| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: CPU Auslastung zu hoch, führt zu StandbildernWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.09.2012, 20:57
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  CPU Auslastung zu hoch, führt zu Standbildern Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.09.2012, 21:39
| #17 |
 | CPU Auslastung zu hoch, führt zu Standbildern Soa und wieder alles wie befohlen gemacht
__________________ Hier der weitere Bericht von OTL OTL Logfile: Code:
ATTFilter OTL logfile created on: 21.09.2012 22:05:55 - Run 2 OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\media\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,99 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,88% Memory free 6,21 Gb Paging File | 4,57 Gb Available in Paging File | 73,72% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,99 Gb Total Space | 217,92 Gb Free Space | 47,79% Space Free | Partition Type: NTFS Drive E: | 695,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: MEDIA-PC | User Name: media | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\media\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Users\media\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Programme\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) PRC - C:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG) PRC - C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG) PRC - C:\Programme\Zune\ZuneLauncher.exe (Microsoft Corporation) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) PRC - C:\Programme\ManyCam\Bin\ManyCam.exe (ManyCam LLC) PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Users\media\Program Files\DNA\btdna.exe (BitTorrent, Inc.) PRC - C:\Programme\Winamp\winampa.exe () PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerEvent.exe (Acer Incorporated) PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.) PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) PRC - C:\Programme\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Lexmark 2600 Series\lxdnmon.exe () PRC - C:\Programme\Lexmark 2600 Series\lxdnmsdmon.exe () PRC - C:\Windows\System32\lxdncoms.exe ( ) PRC - C:\Windows\vsnpstd3.exe () ========== Modules (No Company Name) ========== MOD - C:\Users\media\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\32983e3f4c5c20053e6673f37a58a874\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1619144e1a9eaca847e53b952b21820b\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\521fb04fdfbb0039a34cc91111d11804\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1dac5ff29f483e19c77b23b00ba533f9\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b6d83a652c94b32fc8f99a6df0acd7f4\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\0f2b877ed16daa577f95be735a63d19c\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll () MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Users\media\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll () MOD - C:\Users\media\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll () MOD - C:\Users\media\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL () MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Programme\ManyCam\Bin\cximagecrt.dll () MOD - C:\Programme\ManyCam\Bin\CrashRpt.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3314.38784__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3314.38769__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3314.38785__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3314.38781__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3314.38776__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3314.38808__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3314.38856__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3314.38831__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3314.38823__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3314.38856__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3314.38857__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3314.38823__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3314.38807__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3314.38836__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3314.38776__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3314.38817__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3314.38822__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3314.38855__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3314.38805__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3314.38777__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3314.38786__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3314.38803__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3314.38806__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3314.38816__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3314.38789__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3314.38785__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3314.38815__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3314.38806__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3314.38789__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3314.38807__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3314.38815__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3314.38816__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3314.38846__90ba9c70f846762e\CLI.Component.Systemtray.dll () MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3314.38881__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3314.38780__90ba9c70f846762e\CLI.Component.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3314.38851__90ba9c70f846762e\MOM.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3314.38767__90ba9c70f846762e\CLI.Component.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3314.38849__90ba9c70f846762e\LOG.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3314.38769__90ba9c70f846762e\CLI.Component.SkinFactory.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3314.38864__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3294.18784__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll () MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3314.38766__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3314.38773__90ba9c70f846762e\CLI.Component.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3314.38768__90ba9c70f846762e\ATIDEMOS.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3314.38767__90ba9c70f846762e\APM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3314.38766__90ba9c70f846762e\AEM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll () MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3314.38850__90ba9c70f846762e\CCC.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll () MOD - C:\Programme\Winamp\winampa.exe () MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_de_b77a5c561934e089\System.Runtime.Serialization.resources.dll () MOD - C:\Programme\NewTech Infosystems\Acer Backup Manager\sqlite3.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll () MOD - C:\Windows\System32\atitmmxx.dll () MOD - C:\Programme\Lexmark 2600 Series\lxdnmon.exe () MOD - C:\Programme\Lexmark 2600 Series\lxdnmsdmon.exe () MOD - C:\Programme\Lexmark 2600 Series\app4r.monitor.core.dll () MOD - C:\Programme\Lexmark 2600 Series\app4r.monitor.common.dll () MOD - C:\Programme\Lexmark 2600 Series\app4r.devmons.mcmdevmon.dll () MOD - C:\Programme\Lexmark 2600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll () MOD - C:\Programme\Lexmark 2600 Series\lxdndrs.dll () MOD - C:\Programme\Lexmark 2600 Series\lxdnscw.dll () MOD - C:\Programme\Lexmark 2600 Series\lxdncaps.dll () MOD - C:\Programme\Lexmark 2600 Series\lxdncnv4.dll () MOD - C:\Windows\System32\spool\drivers\w32x86\3\lxdndatr.dll () MOD - C:\Windows\System32\spool\drivers\w32x86\3\lxdncats.dll () MOD - C:\Windows\vsnpstd3.exe () MOD - C:\Programme\Launch Manager\PowerUtl.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Netzmanager Service) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG) SRV - (ZuneWlanCfgSvc) -- c:\Programme\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation) SRV - (WMZuneComm) -- c:\Programme\Zune\WMZuneComm.exe (Microsoft Corporation) SRV - (ZuneNetworkSvc) -- c:\Programme\Zune\ZuneNss.exe (Microsoft Corporation) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (TeamViewer5) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software GmbH) SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated) SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe () SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (lxdn_device) -- C:\Windows\System32\lxdncoms.exe ( ) SRV - (lxdnCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe () SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (pccsmcfd) -- system32\DRIVERS\pccsmcfd.sys File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (ihfprsro) -- C:\Windows\system32\drivers\ihfprsro.sys File not found DRV - (catchme) -- C:\Users\media\AppData\Local\Temp\catchme.sys File not found DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (TelekomNM3) -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (CyberLink Corp.) DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.) DRV - (fwlanusbn) -- C:\Windows\System32\drivers\fwlanusbn.sys (AVM GmbH) DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin) DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.) DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.) DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.) DRV - (k57nd60x) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (RT73) -- C:\Windows\System32\drivers\rt73.sys (Ralink Technology, Corp.) DRV - (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7735 IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..\SearchScopes\{3D41F773-C2A2-4541-8F58-DF94FA1311D3}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7ACAW_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=oIV-U397g-4KwOoRbMN0V3uO2pA?q={searchTerms} IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "Google.de" FF - prefs.js..extensions.enabledAddons: ytd@mybrowserbar.com:6.2 FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4 FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:1.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\media\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\media\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( ) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\media\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010.09.22 10:24:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.16 12:06:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\media\Program Files\DNA [2012.09.21 21:32:43 | 000,000,000 | ---D | M] [2009.09.28 00:46:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\media\AppData\Roaming\mozilla\Extensions [2009.09.28 00:46:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\media\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2012.09.20 22:13:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\media\AppData\Roaming\mozilla\Firefox\Profiles\980ntedn.default\extensions [2010.09.06 21:53:28 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\media\AppData\Roaming\mozilla\Firefox\Profiles\980ntedn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.08.10 21:10:23 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\media\AppData\Roaming\mozilla\Firefox\Profiles\980ntedn.default\extensions\support@predictad.com [2012.09.14 20:27:46 | 000,270,876 | ---- | M] () (No name found) -- C:\Users\media\AppData\Roaming\mozilla\firefox\profiles\980ntedn.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012.09.19 19:37:01 | 000,001,056 | ---- | M] () -- C:\Users\media\AppData\Roaming\mozilla\firefox\profiles\980ntedn.default\searchplugins\icqplugin.xml [2012.09.21 20:54:12 | 000,005,401 | ---- | M] () -- C:\Users\media\AppData\Roaming\mozilla\firefox\profiles\980ntedn.default\searchplugins\searchcanvas.xml [2012.09.16 12:06:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.07.30 16:16:54 | 000,000,000 | ---D | M] (YTD Toolbar) -- C:\PROGRAM FILES\YTD TOOLBAR\FF [2009.09.17 03:02:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa2.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\media\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Facebook Plugin (Enabled) = C:\Users\media\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll CHR - plugin: DNA Plug-in (Enabled) = C:\Users\media\Program Files\DNA\plugins\npbtdna.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Savings-Slider = C:\Users\media\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.1_0\ O1 HOSTS File: ([2011.03.24 21:36:39 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [lxdnamon] C:\Program Files\Lexmark 2600 Series\lxdnamon.exe () O4 - HKLM..\Run: [lxdnmon.exe] C:\Program Files\Lexmark 2600 Series\lxdnmon.exe () O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac7311\Monitor.exe (PixArt Imaging Incorporation) O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) O4 - HKLM..\Run: [PLFSetL] C:\Windows\\PLFSetL.exe () O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3836772568-625509949-2968681795-1000..\Run: [BitTorrent DNA] C:\Users\media\Program Files\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-21-3836772568-625509949-2968681795-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-3836772568-625509949-2968681795-1000..\Run: [Facebook Update] C:\Users\media\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-3836772568-625509949-2968681795-1000..\Run: [MobileDocuments] C:\Programme\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKU\S-1-5-21-3836772568-625509949-2968681795-1000..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - Startup: C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Programme\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk = C:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Free YouTube Download - C:\Users\media\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\media\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.7.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E7F14DB-A921-4029-A3D6-E11C62F8C966}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{847A802C-FADB-43EC-A88C-7D478309B2B8}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\media\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\media\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.08.18 00:18:04 | 000,000,134 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - State: "bootini" - 2 SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.09.21 22:02:46 | 000,000,000 | ---D | C] -- C:\Users\media\Desktop\Gepostete Logs [2012.09.21 22:02:30 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Users\media\Desktop\OTL.exe [2012.09.19 16:09:02 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.09.17 19:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.09.17 19:05:12 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.09.17 19:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.09.16 15:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012.09.16 15:48:10 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012.09.16 15:48:02 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2012.09.16 15:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012.09.16 12:06:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.09.12 14:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.09.05 17:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2012.09.05 17:18:07 | 000,081,920 | ---- | C] (pdfforge GbR) -- C:\Windows\System32\pdfcmon.dll [2012.09.05 17:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2012.09.02 18:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Gilde 2 - Gold Edition [2012.09.02 18:38:27 | 000,000,000 | ---D | C] -- C:\Program Files\Die Gilde 2 - Gold Edition [2012.09.01 17:47:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.08.26 13:26:19 | 000,000,000 | ---D | C] -- C:\Users\media\Documents\Anno 1404 [2012.08.25 00:48:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts [2012.08.25 00:33:43 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2012.08.24 22:00:22 | 000,000,000 | ---D | C] -- C:\Program Files\ElcomSoft [2012.08.24 16:48:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis [2012.08.24 16:27:23 | 000,000,000 | ---D | C] -- C:\Users\media\Documents\Electronic Arts [2012.08.24 16:15:24 | 000,000,000 | ---D | C] -- C:\Users\media\AppData\Roaming\Systweak [2012.08.24 16:15:23 | 000,017,320 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe [2010.08.10 21:10:20 | 002,944,904 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe [1 C:\Users\media\Desktop\*.tmp files -> C:\Users\media\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.21 22:02:33 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\media\Desktop\OTL.exe [2012.09.21 21:46:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.09.21 21:38:35 | 000,633,830 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.09.21 21:38:35 | 000,600,388 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.09.21 21:38:35 | 000,129,240 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.09.21 21:38:35 | 000,106,264 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.09.21 21:35:16 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.21 21:32:25 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.09.21 21:31:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.21 21:31:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.09.21 21:31:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.09.21 21:31:35 | 3215,908,864 | -HS- | M] () -- C:\hiberfil.sys [2012.09.21 20:38:04 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3836772568-625509949-2968681795-1000UA.job [2012.09.21 18:30:35 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job [2012.09.20 22:29:11 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.09.17 20:50:10 | 386,506,872 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.09.16 15:48:10 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012.09.15 23:38:01 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3836772568-625509949-2968681795-1000Core.job [2012.09.15 21:03:22 | 000,000,176 | ---- | M] () -- C:\Users\media\defogger_reenable [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.09.02 18:49:26 | 000,160,256 | ---- | M] () -- C:\Users\media\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.02 18:46:25 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\Die Gilde 2 - Gold Edition.lnk [2012.08.29 18:17:01 | 000,039,694 | ---- | M] () -- C:\Users\media\.recently-used.xbel [2012.08.25 13:16:51 | 000,001,148 | ---- | M] () -- C:\Users\media\Desktop\SIMS 3.lnk [2012.08.24 16:48:16 | 000,000,824 | ---- | M] () -- C:\Windows\eReg.dat [1 C:\Users\media\Desktop\*.tmp files -> C:\Users\media\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.19 15:45:28 | 3215,908,864 | -HS- | C] () -- C:\hiberfil.sys [2012.09.16 12:56:14 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.16 12:06:18 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.09.16 00:38:47 | 386,506,872 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.09.15 21:02:42 | 000,000,176 | ---- | C] () -- C:\Users\media\defogger_reenable [2012.09.02 18:46:25 | 000,000,927 | ---- | C] () -- C:\Users\Public\Desktop\Die Gilde 2 - Gold Edition.lnk [2012.08.29 18:17:01 | 000,039,694 | ---- | C] () -- C:\Users\media\.recently-used.xbel [2012.08.25 13:16:51 | 000,001,148 | ---- | C] () -- C:\Users\media\Desktop\SIMS 3.lnk [2012.05.06 17:19:50 | 000,348,160 | ---- | C] () -- C:\Windows\System32\lxdncoin.dll [2012.05.06 17:10:51 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdnrwrd.ini [2012.05.06 17:10:38 | 000,348,160 | ---- | C] () -- C:\Windows\System32\LXDNinst.dll [2012.05.06 17:10:37 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDNhcp.dll [2012.05.06 17:10:36 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdninpa.dll [2012.05.06 17:10:36 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdniesc.dll [2012.05.06 17:10:35 | 001,101,824 | ---- | C] ( ) -- C:\Windows\System32\lxdnserv.dll [2012.05.06 17:10:35 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\lxdnusb1.dll [2012.05.06 17:10:34 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdnpmui.dll [2012.05.06 17:10:34 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdnprox.dll [2012.05.06 17:10:33 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\lxdnlmpm.dll [2012.05.06 17:10:31 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdnhbn3.dll [2012.05.06 17:10:31 | 000,320,168 | ---- | C] ( ) -- C:\Windows\System32\lxdnih.exe [2012.05.06 17:10:31 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdngrd.dll [2012.05.06 17:10:29 | 000,594,600 | ---- | C] ( ) -- C:\Windows\System32\lxdncoms.exe [2012.05.06 17:10:29 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdncomm.dll [2012.05.06 17:10:28 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdncomc.dll [2012.05.06 17:10:28 | 000,365,224 | ---- | C] ( ) -- C:\Windows\System32\lxdncfg.exe [2012.01.30 20:36:40 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe [2012.01.30 20:36:39 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2012.01.30 20:36:39 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini [2012.01.30 20:23:40 | 000,021,975 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2011.08.23 20:37:53 | 000,071,680 | ---- | C] () -- C:\Users\media\AppData\Roaming\chrtmp [2011.08.09 15:51:41 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI [2011.06.28 19:02:48 | 000,001,496 | ---- | C] () -- C:\Windows\System32\drivers\RtkAcerM.dat [2011.03.24 21:20:40 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2011.03.24 21:20:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011.03.24 21:20:40 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2011.03.24 21:20:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011.03.24 21:20:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011.03.23 23:49:54 | 000,003,287 | ---- | C] () -- C:\Users\media\AppData\Roaming\Tool-Store-Log.html [2011.01.29 17:00:22 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011.01.29 17:00:22 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011.01.29 17:00:22 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011.01.29 17:00:22 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2010.09.30 23:04:35 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2010.09.30 23:04:35 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2010.06.25 23:47:38 | 000,723,978 | ---- | C] () -- C:\Users\media\AppData\Roaming\unins000.exe [2010.06.25 23:47:38 | 000,013,099 | ---- | C] () -- C:\Users\media\AppData\Roaming\unins000.dat [2010.04.04 18:33:44 | 000,001,471 | ---- | C] () -- C:\Users\media\AppData\Local\RecConfig.xml [2010.03.13 13:23:34 | 000,000,170 | ---- | C] () -- C:\Users\media\AppData\Roaming\burnaware.ini [2009.10.14 14:11:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.09.15 21:59:55 | 000,000,116 | ---- | C] () -- C:\Users\media\AppData\Roaming\wklnhst.dat [2009.09.15 15:46:03 | 000,160,256 | ---- | C] () -- C:\Users\media\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.08.08 17:31:37 | 000,007,512 | ---- | C] () -- C:\Users\media\AppData\Local\d3d9caps.dat ========== ZeroAccess Check ========== [2011.04.16 13:13:28 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\LocalLow\Microsoft\Silverlight\is\mtpu52tp.4ou\g1rumu1c.f0b\1\l [2011.04.06 23:25:33 | 000,000,106 | ---- | M] () -- C:\Users\media\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\7K3C4CB7\cdn.kaisergames.de\attachments\game\9\9787\dynamicsystems2.swf\u.sol [2012.08.06 20:09:08 | 000,000,082 | ---- | M] () -- C:\Users\media\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\7K3C4CB7\t.cxt.ms\lso.swf\u.sol [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini ========== LOP Check ========== [2009.07.24 15:47:38 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console [2009.07.24 15:47:38 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console [2009.07.24 15:47:38 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Acer GameZone Console [2009.08.07 22:29:45 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\EA [2009.08.31 21:22:04 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\eSobi [2009.09.07 18:55:39 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\PowerCinema [2009.09.02 03:01:39 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\SoftDMA [2009.08.12 01:38:10 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Template [2010.11.15 16:05:15 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Absolutist [2009.07.24 15:47:38 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Acer GameZone Console [2010.11.12 20:34:17 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Anarchy [2010.11.15 12:55:32 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Artogon [2010.11.13 23:24:56 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Big Fish Games [2010.01.14 22:30:33 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\BRAVIS [2009.12.01 18:32:46 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Camfrog [2011.02.06 02:48:14 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\cerasus.media [2010.06.25 23:47:57 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\concept design [2012.09.16 15:49:51 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\DAEMON Tools Lite [2009.09.16 17:05:10 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\DeepBurner [2012.09.21 22:12:53 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\DNA [2011.08.19 22:29:28 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\DVDVideoSoft [2011.08.19 22:28:22 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\DVDVideoSoftIEHelpers [2010.11.23 21:42:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Elephant Games [2010.11.13 21:09:07 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Enki Games [2010.11.10 17:09:09 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Enlightenus2SE_BFG [2010.11.22 22:12:09 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ERS G-Studio [2011.01.07 01:51:51 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ERS Game Studios [2010.03.19 03:00:44 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Facebook [2009.11.21 23:28:00 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\flightgear.org [2010.06.22 12:14:05 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Flood Light Games [2009.10.19 20:29:32 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\FOG Downloader [2010.06.25 23:47:38 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Franzis [2011.05.18 16:55:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\GetRightToGo [2011.01.08 02:57:15 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Gogii [2012.08.29 18:13:23 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\gtk-2.0 [2012.05.30 23:29:31 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ICQ [2010.11.08 19:14:19 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\iMaxGen [2009.09.20 15:08:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Inkscape [2009.11.01 22:05:38 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\iWin [2010.10.07 15:58:21 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\LimeWire [2010.10.07 17:35:32 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ManyCam [2011.03.10 10:19:59 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\MessengerDiscovery 2 [2011.03.05 12:27:53 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Modelchance_38227BF2 [2010.06.20 19:32:55 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\mresreg [2009.12.01 17:58:20 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Netviewer [2009.12.01 20:05:37 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\NewNetTelephoneOnline [2010.03.06 13:19:14 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ooVoo Details [2010.11.10 16:11:58 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Orneon [2009.12.01 20:06:59 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Paltalk [2010.09.30 23:09:04 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\PC Suite [2010.11.14 18:57:22 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Ph03nixNewMedia [2011.01.30 15:47:50 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\PhotoScape [2010.12.22 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Pirateville [2010.04.19 22:12:36 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\PlayFirst [2009.09.28 23:47:04 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Playrix Entertainment [2010.09.19 22:07:12 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\PowerCinema [2010.12.05 00:08:15 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Princess Isabella [2010.09.22 13:35:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ProtectDISC [2011.01.29 21:20:40 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\RobinsonCrusoeCER [2011.06.08 15:35:55 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Samsung [2010.09.04 06:44:45 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Scribus [2012.05.16 13:08:15 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\SFBot [2010.11.09 19:57:02 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ShaoLin [2010.11.09 21:13:42 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Skunk Studios [2010.09.19 23:45:33 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\SoftDMA [2010.11.10 22:17:56 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Specialbit [2012.08.25 00:28:47 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Systweak [2011.12.13 19:28:39 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\TeamViewer [2010.11.15 11:43:25 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\TeleportGamesLtd [2009.12.21 19:30:01 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Template [2010.12.04 01:33:27 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Ten Heavens [2010.11.13 22:22:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\TOMI2.THE GATES OF FATE [2010.11.15 16:06:23 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Top Evidence [2010.12.27 22:06:15 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\TS3Client [2009.11.01 17:34:52 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\TuneUp Software [2009.12.07 21:02:08 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Ubisoft [2011.01.25 20:25:58 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\V-Games [2011.01.07 16:23:46 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\VampireSaga [2010.08.10 21:10:50 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\VDownloader [2010.11.21 21:30:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Vogat Interactive [2010.01.28 02:20:40 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\VoipCheapCom [2009.10.27 23:39:11 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\VoipStunt [2009.10.18 23:33:03 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Webcammax [2011.08.19 22:23:50 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\WindSolutions [2010.04.19 23:12:51 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Zylom [2010.04.20 18:01:19 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Zylom 3 Days Zoo Mystery ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.11.15 16:05:15 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Absolutist [2009.07.24 15:47:38 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Acer GameZone Console [2009.09.15 15:36:27 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Adobe [2010.11.12 20:34:17 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Anarchy [2012.05.09 13:29:04 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Apple Computer [2010.11.15 12:55:32 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Artogon [2009.08.06 21:01:04 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ATI [2012.06.03 17:47:25 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Avira [2010.11.13 23:24:56 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Big Fish Games [2010.01.14 22:30:33 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\BRAVIS [2009.12.01 18:32:46 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Camfrog [2011.02.06 02:48:14 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\cerasus.media [2010.06.25 23:47:57 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\concept design [2009.08.08 20:15:42 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\CyberLink [2012.09.16 15:49:51 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\DAEMON Tools Lite [2009.09.16 17:05:10 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\DeepBurner [2010.08.11 21:21:52 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\DivX [2012.09.21 22:12:53 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\DNA [2010.09.19 23:05:33 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\dvdcss [2011.08.19 22:29:28 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\DVDVideoSoft [2011.08.19 22:28:22 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\DVDVideoSoftIEHelpers [2010.11.23 21:42:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Elephant Games [2010.11.13 21:09:07 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Enki Games [2010.11.10 17:09:09 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Enlightenus2SE_BFG [2010.11.22 22:12:09 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ERS G-Studio [2011.01.07 01:51:51 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ERS Game Studios [2010.03.19 03:00:44 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Facebook [2009.11.21 23:28:00 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\flightgear.org [2010.06.22 12:14:05 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Flood Light Games [2009.10.19 20:29:32 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\FOG Downloader [2010.06.25 23:47:38 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Franzis [2011.05.18 16:55:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\GetRightToGo [2011.01.08 02:57:15 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Gogii [2009.09.15 15:28:28 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Google [2012.08.29 18:13:23 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\gtk-2.0 [2012.05.30 23:29:31 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ICQ [2010.04.19 23:12:51 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Identities [2010.11.08 19:14:19 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\iMaxGen [2009.09.20 15:08:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Inkscape [2012.01.30 20:33:54 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\InstallShield [2009.10.06 21:56:57 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Intel [2009.11.01 22:05:38 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\iWin [2010.10.07 15:58:21 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\LimeWire [2009.08.06 21:00:15 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Macromedia [2011.03.21 21:47:55 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Malwarebytes [2010.10.07 17:35:32 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ManyCam [2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Media Center Programs [2011.03.10 10:19:59 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\MessengerDiscovery 2 [2012.06.13 16:27:07 | 000,000,000 | --SD | M] -- C:\Users\media\AppData\Roaming\Microsoft [2011.03.05 12:27:53 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Modelchance_38227BF2 [2009.09.15 16:26:06 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Mozilla [2010.02.11 16:52:55 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Mozilla Firefox [2010.06.20 19:32:55 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\mresreg [2009.12.01 17:58:20 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Netviewer [2009.12.01 20:05:37 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\NewNetTelephoneOnline [2010.03.06 13:19:14 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ooVoo Details [2010.11.10 16:11:58 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Orneon [2009.12.01 20:06:59 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Paltalk [2010.09.30 23:09:04 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\PC Suite [2010.11.14 18:57:22 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Ph03nixNewMedia [2011.01.30 15:47:50 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\PhotoScape [2010.12.22 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Pirateville [2010.04.19 22:12:36 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\PlayFirst [2009.09.28 23:47:04 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Playrix Entertainment [2010.09.19 22:07:12 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\PowerCinema [2010.12.05 00:08:15 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Princess Isabella [2010.09.22 13:35:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ProtectDISC [2011.01.29 21:20:40 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\RobinsonCrusoeCER [2011.06.08 15:35:55 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Samsung [2010.09.04 06:44:45 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Scribus [2012.05.16 13:08:15 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\SFBot [2010.11.09 19:57:02 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\ShaoLin [2010.11.09 21:13:42 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Skunk Studios [2012.09.21 22:05:52 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Skype [2012.01.11 07:39:48 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\skypePM [2010.09.19 23:45:33 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\SoftDMA [2010.11.10 22:17:56 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Specialbit [2010.11.10 22:35:06 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\SunRay Games [2011.03.26 21:23:28 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\SUPERAntiSpyware.com [2012.08.25 00:28:47 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Systweak [2010.01.10 22:05:37 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\teamspeak2 [2011.12.13 19:28:39 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\TeamViewer [2010.11.15 11:43:25 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\TeleportGamesLtd [2009.12.21 19:30:01 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Template [2010.12.04 01:33:27 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Ten Heavens [2010.11.13 22:22:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\TOMI2.THE GATES OF FATE [2010.11.15 16:06:23 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Top Evidence [2010.12.27 22:06:15 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\TS3Client [2009.11.01 17:34:52 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\TuneUp Software [2009.12.07 21:02:08 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Ubisoft [2011.01.25 20:25:58 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\V-Games [2011.01.07 16:23:46 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\VampireSaga [2010.08.10 21:10:50 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\VDownloader [2012.09.06 21:56:32 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\vlc [2010.11.21 21:30:24 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Vogat Interactive [2010.01.28 02:20:40 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\VoipCheapCom [2009.10.27 23:39:11 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\VoipStunt [2009.10.18 23:33:03 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Webcammax [2012.08.18 01:49:03 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Winamp [2011.08.19 22:23:50 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\WindSolutions [2009.09.17 02:26:46 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\WinRAR [2009.10.15 14:56:23 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Yahoo! [2010.04.19 23:12:51 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Zylom [2010.04.20 18:01:19 | 000,000,000 | ---D | M] -- C:\Users\media\AppData\Roaming\Zylom 3 Days Zoo Mystery < %APPDATA%\*.exe /s > [2010.06.25 23:50:36 | 000,723,978 | ---- | M] () -- C:\Users\media\AppData\Roaming\unins000.exe [2010.03.19 03:00:44 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\media\AppData\Roaming\Facebook\uninstall.exe [2009.09.28 00:46:16 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Users\media\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe [2009.09.28 00:46:17 | 000,196,608 | ---- | M] (Mozilla Foundation) -- C:\Users\media\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe [2009.09.28 00:46:17 | 000,014,848 | ---- | M] () -- C:\Users\media\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe [2009.09.28 00:46:17 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Users\media\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe [2009.09.28 00:46:17 | 000,266,240 | ---- | M] (Mozilla Foundation) -- C:\Users\media\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe [2009.09.28 00:46:17 | 000,018,432 | ---- | M] () -- C:\Users\media\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe [2009.09.28 00:46:17 | 000,014,336 | ---- | M] () -- C:\Users\media\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe [2009.09.28 00:46:18 | 000,073,728 | ---- | M] (Mozilla Foundation) -- C:\Users\media\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe [2009.09.28 00:46:18 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Users\media\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe [2011.05.21 01:15:21 | 000,010,134 | R--- | M] () -- C:\Users\media\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe [2011.08.19 22:23:56 | 003,461,672 | ---- | M] (WindSolutions) -- C:\Users\media\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTOR.SYS > [2009.02.12 03:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Acer\Preload\Autorun\DRV\AHCI\Driver64\IaStor.sys [2009.02.12 03:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Acer\Preload\Autorun\DRV\AHCI\Driver\IaStor.sys [2009.02.12 03:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\drivers\iaStor.sys [2009.02.12 03:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_ea118ff5\iaStor.sys [2009.02.12 03:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_c491546e\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\ERDNT\cache\user32.dll [2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WININIT.EXE > [2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\ERDNT\cache\wininit.exe [2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe < MD5 for: WINLOGON.EXE > [2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009.01.28 08:34:54 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll [2011.04.24 23:22:38 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll [2011.04.24 23:22:38 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll < > [2006.11.02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2006.11.02 15:01:49 | 000,032,536 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009.09.27 01:04:34 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2009.09.27 01:04:34 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2009.11.01 17:34:53 | 000,000,390 | ---- | C] () -- C:\Windows\Tasks\1-Klick-Wartung.job [2011.09.05 14:28:28 | 000,001,116 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3836772568-625509949-2968681795-1000Core.job [2011.09.05 14:28:29 | 000,001,138 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3836772568-625509949-2968681795-1000UA.job [2012.09.16 12:56:14 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job < End of report > |
|
22.09.2012, 16:29
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | CPU Auslastung zu hoch, führt zu Standbildern Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)
__________________Code:
ATTFilter :OTL
FF - user.js - File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7735
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
IE - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=oIV-U397g-4KwOoRbMN0V3uO2pA?q={searchTerms}
FF - prefs.js..extensions.enabledAddons: ytd@mybrowserbar.com:6.2
[2012.09.19 19:37:01 | 000,001,056 | ---- | M] () -- C:\Users\media\AppData\Roaming\mozilla\firefox\profiles\980ntedn.default\searchplugins\icqplugin.xml
[2012.09.21 20:54:12 | 000,005,401 | ---- | M] () -- C:\Users\media\AppData\Roaming\mozilla\firefox\profiles\980ntedn.default\searchplugins\searchcanvas.xml
[2012.07.30 16:16:54 | 000,000,000 | ---D | M] (YTD Toolbar) -- C:\PROGRAM FILES\YTD TOOLBAR\FF
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3836772568-625509949-2968681795-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O32 - HKLM CDRom: AutoRun - 1
:Files
C:\Program Files\Common Files\Spigot
C:\Program Files\YTD Toolbar
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache
C:\Users\media\Downloads\VLCMediaPlayerSetup.exe
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ |
|
23.09.2012, 12:22
| #19 |
| | CPU Auslastung zu hoch, führt zu Standbildern So Computer hat den Fix verarbeitet und den Pc neu gestartet. Nach dem hochfahren war folgende Log geöffnet: Code:
ATTFilter All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3836772568-625509949-2968681795-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-3836772568-625509949-2968681795-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Prefs.js: ytd@mybrowserbar.com:6.2 removed from extensions.enabledAddons
C:\Users\media\AppData\Roaming\mozilla\firefox\profiles\980ntedn.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\media\AppData\Roaming\mozilla\firefox\profiles\980ntedn.default\searchplugins\searchcanvas.xml moved successfully.
C:\PROGRAM FILES\YTD TOOLBAR\FF\chrome folder moved successfully.
C:\PROGRAM FILES\YTD TOOLBAR\FF folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
C:\Programme\Winamp\winampa.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-21-3836772568-625509949-2968681795-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3836772568-625509949-2968681795-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
========== FILES ==========
File\Folder C:\Program Files\Common Files\Spigot not found.
C:\Program Files\YTD Toolbar\Res\Lang folder moved successfully.
C:\Program Files\YTD Toolbar\Res folder moved successfully.
C:\Program Files\YTD Toolbar\IE\6.2 folder moved successfully.
C:\Program Files\YTD Toolbar\IE folder moved successfully.
C:\Program Files\YTD Toolbar folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\media\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
File\Folder C:\Users\media\Downloads\VLCMediaPlayerSetup.exe not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\media\Desktop\cmd.bat deleted successfully.
C:\Users\media\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: media
->Temp folder emptied: 1822205 bytes
->Temporary Internet Files folder emptied: 80712570 bytes
->FireFox cache emptied: 334166274 bytes
->Google Chrome cache emptied: 34439228 bytes
->Apple Safari cache emptied: 21052416 bytes
->Flash cache emptied: 171765168 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 818350755 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1.395,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.65.1 log created on 09232012_131039
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
23.09.2012, 17:42
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | CPU Auslastung zu hoch, führt zu Standbildern Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.09.2012, 19:41
| #21 |
| | CPU Auslastung zu hoch, führt zu Standbildern So alles wie beschrieben durchgeführt. Die Log hab ich aus C: geholt Code:
ATTFilter 20:29:10.0629 2888 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
20:29:11.0174 2888 ============================================================
20:29:11.0174 2888 Current date / time: 2012/09/23 20:29:11.0174
20:29:11.0174 2888 SystemInfo:
20:29:11.0174 2888
20:29:11.0174 2888 OS Version: 6.0.6002 ServicePack: 2.0
20:29:11.0174 2888 Product type: Workstation
20:29:11.0174 2888 ComputerName: MEDIA-PC
20:29:11.0174 2888 UserName: media
20:29:11.0174 2888 Windows directory: C:\Windows
20:29:11.0174 2888 System windows directory: C:\Windows
20:29:11.0174 2888 Processor architecture: Intel x86
20:29:11.0174 2888 Number of processors: 2
20:29:11.0174 2888 Page size: 0x1000
20:29:11.0174 2888 Boot type: Normal boot
20:29:11.0174 2888 ============================================================
20:29:11.0866 2888 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:29:11.0869 2888 ============================================================
20:29:11.0869 2888 \Device\Harddisk0\DR0:
20:29:11.0869 2888 MBR partitions:
20:29:11.0869 2888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x38FFD000
20:29:11.0869 2888 ============================================================
20:29:11.0902 2888 C: <-> \Device\Harddisk0\DR0\Partition1
20:29:11.0902 2888 ============================================================
20:29:11.0902 2888 Initialize success
20:29:11.0902 2888 ============================================================
20:35:54.0441 4692 ============================================================
20:35:54.0441 4692 Scan started
20:35:54.0441 4692 Mode: Manual; SigCheck; TDLFS;
20:35:54.0441 4692 ============================================================
20:35:55.0653 4692 ================ Scan system memory ========================
20:35:55.0653 4692 System memory - ok
20:35:55.0653 4692 ================ Scan services =============================
20:35:55.0987 4692 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
20:35:56.0333 4692 ACPI - ok
20:35:56.0502 4692 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
20:35:56.0823 4692 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
20:35:56.0823 4692 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
20:35:56.0937 4692 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:35:57.0023 4692 AdobeFlashPlayerUpdateSvc - ok
20:35:57.0089 4692 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:35:57.0259 4692 adp94xx - ok
20:35:57.0347 4692 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:35:57.0568 4692 adpahci - ok
20:35:57.0698 4692 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
20:35:57.0863 4692 adpu160m - ok
20:35:57.0929 4692 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:35:58.0030 4692 adpu320 - ok
20:35:58.0119 4692 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:35:58.0362 4692 AeLookupSvc - ok
20:35:58.0504 4692 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
20:35:58.0713 4692 AFD - ok
20:35:58.0812 4692 [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
20:35:58.0893 4692 AgereModemAudio - ok
20:35:59.0027 4692 [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
20:35:59.0373 4692 AgereSoftModem - ok
20:35:59.0487 4692 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:35:59.0559 4692 agp440 - ok
20:35:59.0673 4692 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:36:00.0092 4692 aic78xx - ok
20:36:00.0170 4692 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
20:36:00.0487 4692 ALG - ok
20:36:00.0558 4692 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
20:36:00.0581 4692 aliide - ok
20:36:00.0661 4692 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:36:00.0702 4692 amdagp - ok
20:36:00.0738 4692 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
20:36:00.0849 4692 amdide - ok
20:36:00.0988 4692 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
20:36:01.0221 4692 AmdK7 - ok
20:36:01.0260 4692 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:36:01.0427 4692 AmdK8 - ok
20:36:01.0760 4692 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
20:36:01.0826 4692 AntiVirSchedulerService - ok
20:36:01.0887 4692 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
20:36:01.0949 4692 AntiVirService - ok
20:36:02.0023 4692 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
20:36:02.0217 4692 Appinfo - ok
20:36:02.0351 4692 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:36:02.0408 4692 Apple Mobile Device - ok
20:36:02.0521 4692 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
20:36:02.0601 4692 arc - ok
20:36:02.0708 4692 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:36:02.0740 4692 arcsas - ok
20:36:02.0791 4692 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:36:02.0907 4692 AsyncMac - ok
20:36:02.0996 4692 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
20:36:03.0023 4692 atapi - ok
20:36:03.0103 4692 [ ACDB46B1A467752A2F280C68C8461556 ] athr C:\Windows\system32\DRIVERS\athr.sys
20:36:03.0281 4692 athr - ok
20:36:03.0413 4692 [ 4CFBFEC540F136CF952E8B6FDB80E52E ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
20:36:03.0733 4692 Ati External Event Utility - ok
20:36:04.0048 4692 [ 6F2CC6403012375385D556BF39382B74 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:36:04.0369 4692 atikmdag - ok
20:36:04.0471 4692 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
20:36:04.0543 4692 atksgt - ok
20:36:04.0651 4692 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:36:04.0816 4692 AudioEndpointBuilder - ok
20:36:04.0847 4692 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:36:04.0881 4692 Audiosrv - ok
20:36:04.0921 4692 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:36:04.0946 4692 avgntflt - ok
20:36:05.0026 4692 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
20:36:05.0090 4692 avipbb - ok
20:36:05.0184 4692 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
20:36:05.0218 4692 avkmgr - ok
20:36:05.0338 4692 [ D1A9AE485FFF7C72CA50D8949B2210B9 ] AVM WLAN Connection Service C:\Program Files\avmwlanstick\WlanNetService.exe
20:36:05.0391 4692 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
20:36:05.0391 4692 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
20:36:05.0478 4692 [ 263CF9D248FD5E020A1333ED4F7EAA88 ] avmeject C:\Windows\system32\drivers\avmeject.sys
20:36:05.0537 4692 avmeject ( UnsignedFile.Multi.Generic ) - warning
20:36:05.0537 4692 avmeject - detected UnsignedFile.Multi.Generic (1)
20:36:05.0641 4692 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
20:36:05.0741 4692 b57nd60x - ok
20:36:05.0787 4692 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
20:36:05.0864 4692 Beep - ok
20:36:05.0980 4692 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
20:36:06.0066 4692 BFE - ok
20:36:06.0150 4692 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
20:36:06.0403 4692 BITS - ok
20:36:06.0458 4692 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:36:06.0552 4692 blbdrive - ok
20:36:06.0601 4692 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:36:06.0662 4692 bowser - ok
20:36:06.0707 4692 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
20:36:06.0780 4692 BrFiltLo - ok
20:36:06.0806 4692 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
20:36:06.0869 4692 BrFiltUp - ok
20:36:06.0897 4692 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
20:36:06.0980 4692 Browser - ok
20:36:07.0029 4692 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
20:36:07.0243 4692 Brserid - ok
20:36:07.0287 4692 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
20:36:07.0449 4692 BrSerWdm - ok
20:36:07.0487 4692 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
20:36:07.0566 4692 BrUsbMdm - ok
20:36:07.0599 4692 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
20:36:07.0728 4692 BrUsbSer - ok
20:36:07.0799 4692 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
20:36:07.0871 4692 BthEnum - ok
20:36:07.0957 4692 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:36:08.0041 4692 BTHMODEM - ok
20:36:08.0073 4692 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:36:08.0130 4692 BthPan - ok
20:36:08.0182 4692 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
20:36:08.0241 4692 BTHPORT - ok
20:36:08.0305 4692 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
20:36:08.0387 4692 BthServ - ok
20:36:08.0439 4692 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
20:36:08.0489 4692 BTHUSB - ok
20:36:08.0652 4692 catchme - ok
20:36:08.0719 4692 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:36:08.0790 4692 cdfs - ok
20:36:08.0863 4692 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:36:08.0923 4692 cdrom - ok
20:36:09.0000 4692 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
20:36:09.0051 4692 CertPropSvc - ok
20:36:09.0105 4692 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
20:36:09.0177 4692 circlass - ok
20:36:09.0240 4692 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
20:36:09.0278 4692 CLFS - ok
20:36:09.0371 4692 [ 252F4B4EDC7BB632E531834F59ABB84E ] CLHNService C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
20:36:09.0399 4692 CLHNService - ok
20:36:09.0506 4692 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:36:09.0539 4692 clr_optimization_v2.0.50727_32 - ok
20:36:09.0668 4692 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:36:09.0760 4692 clr_optimization_v4.0.30319_32 - ok
20:36:09.0796 4692 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:36:09.0840 4692 CmBatt - ok
20:36:09.0878 4692 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:36:09.0918 4692 cmdide - ok
20:36:09.0970 4692 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:36:10.0014 4692 Compbatt - ok
20:36:10.0033 4692 COMSysApp - ok
20:36:10.0067 4692 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:36:10.0116 4692 crcdisk - ok
20:36:10.0159 4692 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
20:36:10.0211 4692 Crusoe - ok
20:36:10.0309 4692 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:36:10.0422 4692 CryptSvc - ok
20:36:10.0801 4692 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:36:10.0928 4692 DcomLaunch - ok
20:36:11.0003 4692 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:36:11.0075 4692 DfsC - ok
20:36:11.0527 4692 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
20:36:11.0668 4692 DFSR - ok
20:36:11.0792 4692 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
20:36:11.0873 4692 Dhcp - ok
20:36:11.0996 4692 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
20:36:12.0047 4692 disk - ok
20:36:12.0196 4692 [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
20:36:12.0226 4692 DKbFltr - ok
20:36:12.0310 4692 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:36:12.0365 4692 Dnscache - ok
20:36:12.0475 4692 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:36:12.0532 4692 dot3svc - ok
20:36:12.0570 4692 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
20:36:12.0648 4692 DPS - ok
20:36:12.0676 4692 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:36:12.0794 4692 drmkaud - ok
20:36:12.0879 4692 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:36:12.0913 4692 dtsoftbus01 - ok
20:36:13.0046 4692 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:36:13.0132 4692 DXGKrnl - ok
20:36:13.0255 4692 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
20:36:13.0409 4692 E1G60 - ok
20:36:13.0433 4692 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
20:36:13.0481 4692 EapHost - ok
20:36:13.0601 4692 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
20:36:13.0642 4692 Ecache - ok
20:36:13.0710 4692 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:36:13.0766 4692 ehRecvr - ok
20:36:13.0792 4692 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
20:36:13.0855 4692 ehSched - ok
20:36:13.0878 4692 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
20:36:13.0928 4692 ehstart - ok
20:36:13.0988 4692 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:36:14.0025 4692 elxstor - ok
20:36:14.0175 4692 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
20:36:14.0322 4692 EMDMgmt - ok
20:36:14.0540 4692 [ 2072CBE938DD355C4A52E9A4DCF5439F ] ePowerSvc C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
20:36:14.0623 4692 ePowerSvc - ok
20:36:14.0680 4692 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:36:14.0751 4692 ErrDev - ok
20:36:14.0868 4692 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
20:36:14.0916 4692 EventSystem - ok
20:36:14.0993 4692 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
20:36:15.0060 4692 exfat - ok
20:36:15.0126 4692 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:36:15.0171 4692 fastfat - ok
20:36:15.0197 4692 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:36:15.0259 4692 fdc - ok
20:36:15.0289 4692 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
20:36:15.0336 4692 fdPHost - ok
20:36:15.0350 4692 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
20:36:15.0458 4692 FDResPub - ok
20:36:15.0482 4692 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:36:15.0507 4692 FileInfo - ok
20:36:15.0549 4692 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:36:15.0599 4692 Filetrace - ok
20:36:15.0781 4692 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:36:15.0840 4692 flpydisk - ok
20:36:15.0912 4692 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:36:15.0941 4692 FltMgr - ok
20:36:16.0023 4692 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
20:36:16.0159 4692 FontCache - ok
20:36:16.0254 4692 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:36:16.0275 4692 FontCache3.0.0.0 - ok
20:36:16.0355 4692 [ CBE5F69A5E5B918225F420BA748F3742 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
20:36:16.0387 4692 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
20:36:16.0387 4692 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
20:36:16.0430 4692 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:36:16.0478 4692 Fs_Rec - ok
20:36:16.0527 4692 [ 161F20685595EDDC06C0EA1F1D7BC92B ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys
20:36:16.0595 4692 fwlanusbn - ok
20:36:16.0635 4692 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:36:16.0660 4692 gagp30kx - ok
20:36:16.0707 4692 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:36:16.0735 4692 GEARAspiWDM - ok
20:36:16.0790 4692 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
20:36:16.0805 4692 GoogleDesktopManager-051210-111108 - ok
20:36:16.0886 4692 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
20:36:17.0021 4692 gpsvc - ok
20:36:17.0087 4692 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca3efc34f091bb C:\Program Files\Google\Update\GoogleUpdate.exe
20:36:17.0105 4692 gupdate1ca3efc34f091bb - ok
20:36:17.0132 4692 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:36:17.0151 4692 gupdatem - ok
20:36:17.0213 4692 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:36:17.0236 4692 gusvc - ok
20:36:17.0326 4692 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:36:17.0371 4692 HdAudAddService - ok
20:36:17.0437 4692 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:36:17.0556 4692 HDAudBus - ok
20:36:17.0612 4692 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:36:17.0709 4692 HidBth - ok
20:36:17.0747 4692 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
20:36:17.0827 4692 HidIr - ok
20:36:17.0887 4692 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
20:36:17.0934 4692 hidserv - ok
20:36:18.0013 4692 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:36:18.0058 4692 HidUsb - ok
20:36:18.0093 4692 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:36:18.0146 4692 hkmsvc - ok
20:36:18.0184 4692 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
20:36:18.0216 4692 HpCISSs - ok
20:36:18.0737 4692 [ A04F4AC48895774A2CF9D1C9EAAACEF0 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
20:36:18.0843 4692 HPSLPSVC - ok
20:36:18.0924 4692 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:36:18.0972 4692 HTTP - ok
20:36:19.0014 4692 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
20:36:19.0037 4692 i2omp - ok
20:36:19.0107 4692 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:36:19.0162 4692 i8042prt - ok
20:36:19.0196 4692 [ 71ECC07BC7C5E24C3DD01D8A29A24054 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:36:19.0222 4692 iaStor - ok
20:36:19.0239 4692 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
20:36:19.0268 4692 iaStorV - ok
20:36:19.0375 4692 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:36:19.0407 4692 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:36:19.0407 4692 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:36:19.0777 4692 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:36:19.0855 4692 idsvc - ok
20:36:19.0907 4692 ihfprsro - ok
20:36:19.0935 4692 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:36:19.0957 4692 iirsp - ok
20:36:20.0016 4692 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
20:36:20.0110 4692 IKEEXT - ok
20:36:20.0297 4692 [ FFB0B713A54DD05193DBCD0B790B37EE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:36:20.0471 4692 IntcAzAudAddService - ok
20:36:20.0537 4692 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
20:36:20.0560 4692 intelide - ok
20:36:20.0606 4692 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:36:20.0648 4692 intelppm - ok
20:36:20.0721 4692 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:36:20.0772 4692 IPBusEnum - ok
20:36:20.0802 4692 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:36:20.0898 4692 IpFilterDriver - ok
20:36:20.0984 4692 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:36:21.0042 4692 iphlpsvc - ok
20:36:21.0048 4692 IpInIp - ok
20:36:21.0083 4692 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
20:36:21.0145 4692 IPMIDRV - ok
20:36:21.0170 4692 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
20:36:21.0233 4692 IPNAT - ok
20:36:21.0304 4692 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:36:21.0385 4692 iPod Service - ok
20:36:21.0434 4692 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
20:36:21.0500 4692 irda - ok
20:36:21.0548 4692 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:36:21.0615 4692 IRENUM - ok
20:36:21.0646 4692 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
20:36:21.0748 4692 Irmon - ok
20:36:21.0761 4692 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:36:21.0787 4692 isapnp - ok
20:36:21.0866 4692 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
20:36:21.0893 4692 iScsiPrt - ok
20:36:21.0904 4692 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
20:36:21.0927 4692 iteatapi - ok
20:36:21.0957 4692 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
20:36:21.0991 4692 iteraid - ok
20:36:22.0027 4692 [ EAC21E8014C7E6EE341AFFFB7E2BBD54 ] k57nd60x C:\Windows\system32\DRIVERS\k57nd60x.sys
20:36:22.0077 4692 k57nd60x - ok
20:36:22.0136 4692 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:36:22.0158 4692 kbdclass - ok
20:36:22.0214 4692 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:36:22.0270 4692 kbdhid - ok
20:36:22.0326 4692 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
20:36:22.0397 4692 KeyIso - ok
20:36:22.0481 4692 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:36:22.0518 4692 KSecDD - ok
20:36:22.0561 4692 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:36:22.0692 4692 KtmRm - ok
20:36:22.0785 4692 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
20:36:22.0825 4692 LanmanServer - ok
20:36:22.0905 4692 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:36:22.0986 4692 LanmanWorkstation - ok
20:36:23.0048 4692 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
20:36:23.0067 4692 lirsgt - ok
20:36:23.0085 4692 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:36:23.0142 4692 lltdio - ok
20:36:23.0175 4692 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:36:23.0242 4692 lltdsvc - ok
20:36:23.0264 4692 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:36:23.0372 4692 lmhosts - ok
20:36:23.0417 4692 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:36:23.0455 4692 LSI_FC - ok
20:36:23.0491 4692 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:36:23.0515 4692 LSI_SAS - ok
20:36:23.0545 4692 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:36:23.0569 4692 LSI_SCSI - ok
20:36:23.0598 4692 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
20:36:23.0642 4692 luafv - ok
20:36:23.0742 4692 [ AB694FA24E02246F9DDCDD729D6B9278 ] lxdnCATSCustConnectService C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe
20:36:23.0780 4692 lxdnCATSCustConnectService - ok
20:36:23.0786 4692 lxdn_device - ok
20:36:23.0818 4692 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:36:23.0840 4692 MBAMProtector - ok
20:36:23.0873 4692 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:36:23.0902 4692 MBAMScheduler - ok
20:36:23.0944 4692 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:36:24.0039 4692 MBAMService - ok
20:36:24.0100 4692 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:36:24.0154 4692 Mcx2Svc - ok
20:36:24.0233 4692 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
20:36:24.0256 4692 megasas - ok
20:36:24.0304 4692 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
20:36:24.0376 4692 MegaSR - ok
20:36:24.0443 4692 [ BAFDD5E28BAEA99D7F4772AF2F5EC7EE ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
20:36:24.0463 4692 mfeavfk - ok
20:36:24.0512 4692 [ 1D003E3056A43D881597D6763E83B943 ] mfebopk C:\Windows\system32\drivers\mfebopk.sys
20:36:24.0573 4692 mfebopk - ok
20:36:24.0632 4692 [ 3F138A1C8A0659F329F242D1E389B2CF ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
20:36:24.0664 4692 mfehidk - ok
20:36:24.0704 4692 [ 41FE2F288E05A6C8AB85DD56770FFBAD ] mferkdk C:\Windows\system32\drivers\mferkdk.sys
20:36:24.0722 4692 mferkdk - ok
20:36:24.0753 4692 [ 096B52EA918AA909BA5903D79E129005 ] mfesmfk C:\Windows\system32\drivers\mfesmfk.sys
20:36:24.0771 4692 mfesmfk - ok
20:36:24.0803 4692 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
20:36:24.0853 4692 MMCSS - ok
20:36:24.0874 4692 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
20:36:24.0928 4692 Modem - ok
20:36:24.0960 4692 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:36:25.0012 4692 monitor - ok
20:36:25.0083 4692 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:36:25.0118 4692 mouclass - ok
20:36:25.0137 4692 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:36:25.0179 4692 mouhid - ok
20:36:25.0199 4692 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
20:36:25.0222 4692 MountMgr - ok
20:36:25.0266 4692 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
20:36:25.0291 4692 mpio - ok
20:36:25.0334 4692 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:36:25.0379 4692 mpsdrv - ok
20:36:25.0442 4692 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
20:36:25.0493 4692 MpsSvc - ok
20:36:25.0554 4692 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
20:36:25.0575 4692 Mraid35x - ok
20:36:25.0645 4692 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:36:25.0683 4692 MRxDAV - ok
20:36:25.0757 4692 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:36:25.0806 4692 mrxsmb - ok
20:36:25.0868 4692 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:36:25.0910 4692 mrxsmb10 - ok
20:36:25.0983 4692 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:36:26.0034 4692 mrxsmb20 - ok
20:36:26.0069 4692 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
20:36:26.0091 4692 msahci - ok
20:36:26.0129 4692 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:36:26.0154 4692 msdsm - ok
20:36:26.0173 4692 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
20:36:26.0234 4692 MSDTC - ok
20:36:26.0248 4692 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:36:26.0308 4692 Msfs - ok
20:36:26.0374 4692 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:36:26.0403 4692 msisadrv - ok
20:36:26.0438 4692 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:36:26.0499 4692 MSiSCSI - ok
20:36:26.0507 4692 msiserver - ok
20:36:26.0554 4692 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:36:26.0636 4692 MSKSSRV - ok
20:36:26.0658 4692 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:36:26.0736 4692 MSPCLOCK - ok
20:36:26.0752 4692 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:36:26.0807 4692 MSPQM - ok
20:36:26.0877 4692 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:36:26.0916 4692 MsRPC - ok
20:36:26.0980 4692 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:36:27.0003 4692 mssmbios - ok
20:36:27.0041 4692 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:36:27.0117 4692 MSTEE - ok
20:36:27.0170 4692 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
20:36:27.0193 4692 Mup - ok
20:36:27.0231 4692 [ 2DE94E435C3EFDE58C7B1856D4F20724 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
20:36:27.0246 4692 mwlPSDFilter - ok
20:36:27.0263 4692 [ 61920A7146EED3D903DBBB8EC295AF76 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
20:36:27.0277 4692 mwlPSDNServ - ok
20:36:27.0289 4692 [ E0F49721E68EBD2983E84C44FADA6665 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
20:36:27.0306 4692 mwlPSDVDisk - ok
20:36:27.0383 4692 [ FD257CD94057D02108B954156D7B2770 ] MWLService C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
20:36:27.0410 4692 MWLService - ok
20:36:27.0475 4692 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
20:36:27.0534 4692 napagent - ok
20:36:27.0603 4692 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:36:27.0633 4692 NativeWifiP - ok
20:36:27.0721 4692 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:36:27.0795 4692 NDIS - ok
20:36:27.0843 4692 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:36:27.0891 4692 NdisTapi - ok
20:36:27.0905 4692 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:36:27.0950 4692 Ndisuio - ok
20:36:28.0021 4692 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:36:28.0086 4692 NdisWan - ok
20:36:28.0114 4692 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:36:28.0178 4692 NDProxy - ok
20:36:28.0261 4692 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:36:28.0292 4692 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:36:28.0292 4692 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:36:28.0321 4692 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:36:28.0403 4692 NetBIOS - ok
20:36:28.0481 4692 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
20:36:28.0560 4692 netbt - ok
20:36:28.0604 4692 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
20:36:28.0630 4692 Netlogon - ok
20:36:28.0721 4692 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
20:36:28.0802 4692 Netman - ok
20:36:28.0845 4692 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
20:36:28.0896 4692 netprofm - ok
20:36:28.0947 4692 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:36:28.0969 4692 NetTcpPortSharing - ok
20:36:29.0387 4692 [ 70B5B4E69A07895DF30291CAB6ABDA54 ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
20:36:29.0588 4692 Netzmanager Service ( UnsignedFile.Multi.Generic ) - warning
20:36:29.0588 4692 Netzmanager Service - detected UnsignedFile.Multi.Generic (1)
20:36:29.0646 4692 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:36:29.0700 4692 nfrd960 - ok
20:36:29.0753 4692 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:36:29.0802 4692 NlaSvc - ok
20:36:29.0859 4692 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:36:29.0921 4692 Npfs - ok
20:36:29.0975 4692 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
20:36:30.0054 4692 NSCIRDA - ok
20:36:30.0087 4692 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
20:36:30.0152 4692 nsi - ok
20:36:30.0192 4692 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:36:30.0260 4692 nsiproxy - ok
20:36:30.0390 4692 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:36:30.0507 4692 Ntfs - ok
20:36:30.0601 4692 [ 944E3911888B9FFFD843B91C8ABBD3F6 ] NTI IScheduleSvc C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
20:36:30.0619 4692 NTI IScheduleSvc - ok
20:36:30.0682 4692 [ 973DCB15731339FCA176E534055CF115 ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
20:36:30.0701 4692 NTIBackupSvc - ok
20:36:30.0730 4692 [ 6DCAA65F49EF3B97A5CFFC0CB5DE1C2F ] NTIDrvr C:\Windows\system32\Drivers\NTIDrvr.sys
20:36:30.0747 4692 NTIDrvr - ok
20:36:30.0776 4692 [ 58751F9248D50BCE1053976C9E2F0859 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
20:36:30.0795 4692 NTISchedulerSvc - ok
20:36:30.0840 4692 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
20:36:30.0929 4692 ntrigdigi - ok
20:36:30.0958 4692 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
20:36:31.0029 4692 Null - ok
20:36:31.0058 4692 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:36:31.0083 4692 nvraid - ok
20:36:31.0131 4692 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:36:31.0154 4692 nvstor - ok
20:36:31.0176 4692 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:36:31.0201 4692 nv_agp - ok
20:36:31.0212 4692 NwlnkFlt - ok
20:36:31.0220 4692 NwlnkFwd - ok
20:36:31.0433 4692 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:36:31.0467 4692 odserv - ok
20:36:31.0513 4692 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
20:36:31.0557 4692 ohci1394 - ok
20:36:31.0591 4692 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:36:31.0612 4692 ose - ok
20:36:31.0727 4692 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
20:36:31.0795 4692 p2pimsvc - ok
20:36:31.0843 4692 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
20:36:31.0928 4692 p2psvc - ok
20:36:31.0985 4692 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
20:36:32.0100 4692 Parport - ok
20:36:32.0163 4692 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:36:32.0191 4692 partmgr - ok
20:36:32.0210 4692 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:36:32.0294 4692 Parvdm - ok
20:36:32.0314 4692 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
20:36:32.0377 4692 PcaSvc - ok
20:36:32.0398 4692 pccsmcfd - ok
20:36:32.0495 4692 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
20:36:32.0522 4692 pci - ok
20:36:32.0548 4692 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
20:36:32.0586 4692 pciide - ok
20:36:32.0634 4692 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:36:32.0661 4692 pcmcia - ok
20:36:32.0714 4692 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:36:32.0885 4692 PEAUTH - ok
20:36:32.0998 4692 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
20:36:33.0088 4692 pla - ok
20:36:33.0166 4692 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:36:33.0216 4692 PlugPlay - ok
20:36:33.0250 4692 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:36:33.0259 4692 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:36:33.0260 4692 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:36:33.0294 4692 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
20:36:33.0394 4692 PNRPAutoReg - ok
20:36:33.0410 4692 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
20:36:33.0517 4692 PNRPsvc - ok
20:36:33.0599 4692 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:36:33.0689 4692 PolicyAgent - ok
20:36:33.0710 4692 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:36:33.0791 4692 PptpMiniport - ok
20:36:33.0811 4692 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
20:36:33.0874 4692 Processor - ok
20:36:33.0937 4692 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
20:36:34.0024 4692 ProfSvc - ok
20:36:34.0037 4692 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:36:34.0061 4692 ProtectedStorage - ok
20:36:34.0135 4692 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
20:36:34.0190 4692 PSched - ok
20:36:34.0269 4692 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
20:36:34.0288 4692 PxHelp20 - ok
20:36:34.0340 4692 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:36:34.0508 4692 ql2300 - ok
20:36:34.0580 4692 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:36:34.0619 4692 ql40xx - ok
20:36:34.0669 4692 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
20:36:34.0721 4692 QWAVE - ok
20:36:34.0731 4692 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:36:34.0772 4692 QWAVEdrv - ok
20:36:34.0795 4692 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:36:34.0864 4692 RasAcd - ok
20:36:34.0921 4692 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
20:36:34.0969 4692 RasAuto - ok
20:36:34.0995 4692 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:36:35.0054 4692 Rasl2tp - ok
20:36:35.0140 4692 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
20:36:35.0206 4692 RasMan - ok
20:36:35.0274 4692 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:36:35.0336 4692 RasPppoe - ok
20:36:35.0386 4692 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:36:35.0411 4692 RasSstp - ok
20:36:35.0470 4692 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:36:35.0531 4692 rdbss - ok
20:36:35.0558 4692 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:36:35.0601 4692 RDPCDD - ok
20:36:35.0646 4692 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
20:36:35.0709 4692 rdpdr - ok
20:36:35.0716 4692 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:36:35.0780 4692 RDPENCDD - ok
20:36:35.0822 4692 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:36:35.0893 4692 RDPWD - ok
20:36:35.0934 4692 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:36:35.0979 4692 RemoteAccess - ok
20:36:36.0047 4692 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:36:36.0095 4692 RemoteRegistry - ok
20:36:36.0207 4692 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:36:36.0256 4692 RFCOMM - ok
20:36:36.0296 4692 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
20:36:36.0342 4692 RpcLocator - ok
20:36:36.0410 4692 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
20:36:36.0457 4692 RpcSs - ok
20:36:36.0488 4692 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:36:36.0541 4692 rspndr - ok
20:36:36.0632 4692 [ DA4980FAD2B7D86D6ED8E35E3874F65E ] RT73 C:\Windows\system32\DRIVERS\rt73.sys
20:36:36.0697 4692 RT73 - ok
20:36:36.0801 4692 [ 4A8393F03CB2F40E08126D83916C5633 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
20:36:36.0822 4692 RTHDMIAzAudService - ok
20:36:36.0860 4692 [ 9B09F336DE36A7A6CA871DE8A7847B65 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
20:36:36.0899 4692 RTSTOR - ok
20:36:36.0915 4692 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
20:36:36.0939 4692 SamSs - ok
20:36:36.0987 4692 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:36:37.0015 4692 SASDIFSV - ok
20:36:37.0035 4692 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:36:37.0052 4692 SASKUTIL - ok
20:36:37.0078 4692 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:36:37.0105 4692 sbp2port - ok
20:36:37.0159 4692 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:36:37.0215 4692 SCardSvr - ok
20:36:37.0308 4692 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
20:36:37.0476 4692 Schedule - ok
20:36:37.0555 4692 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:36:37.0591 4692 SCPolicySvc - ok
20:36:37.0628 4692 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
20:36:37.0675 4692 sdbus - ok
20:36:37.0750 4692 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:36:37.0796 4692 SDRSVC - ok
20:36:37.0826 4692 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:36:37.0921 4692 secdrv - ok
20:36:37.0943 4692 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
20:36:38.0007 4692 seclogon - ok
20:36:38.0019 4692 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
20:36:38.0065 4692 SENS - ok
20:36:38.0089 4692 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:36:38.0162 4692 Serenum - ok
20:36:38.0202 4692 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
20:36:38.0315 4692 Serial - ok
20:36:38.0412 4692 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:36:38.0469 4692 sermouse - ok
20:36:38.0511 4692 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
20:36:38.0567 4692 SessionEnv - ok
20:36:38.0607 4692 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:36:38.0666 4692 sffdisk - ok
20:36:38.0685 4692 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:36:38.0744 4692 sffp_mmc - ok
20:36:38.0765 4692 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:36:38.0808 4692 sffp_sd - ok
20:36:38.0826 4692 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:36:38.0925 4692 sfloppy - ok
20:36:38.0976 4692 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:36:39.0035 4692 SharedAccess - ok
20:36:39.0073 4692 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:36:39.0125 4692 ShellHWDetection - ok
20:36:39.0147 4692 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:36:39.0171 4692 sisagp - ok
20:36:39.0217 4692 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
20:36:39.0239 4692 SiSRaid2 - ok
20:36:39.0263 4692 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:36:39.0287 4692 SiSRaid4 - ok
20:36:39.0340 4692 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:36:39.0360 4692 SkypeUpdate - ok
20:36:39.0558 4692 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
20:36:39.0917 4692 slsvc - ok
20:36:40.0001 4692 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
20:36:40.0071 4692 SLUINotify - ok
20:36:40.0123 4692 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:36:40.0158 4692 Smb - ok
20:36:40.0195 4692 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:36:40.0229 4692 SNMPTRAP - ok
20:36:42.0220 4692 [ 11BB0E11D42CC3A43D741D9B30839BE1 ] SNPSTD3 C:\Windows\system32\DRIVERS\snpstd3.sys
20:36:42.0848 4692 SNPSTD3 - ok
20:36:42.0916 4692 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
20:36:42.0958 4692 spldr - ok
20:36:42.0993 4692 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
20:36:43.0074 4692 Spooler - ok
20:36:43.0201 4692 [ D15DA1BA189770D93EEA2D7E18F95AF9 ] sptd C:\Windows\System32\Drivers\sptd.sys
20:36:43.0245 4692 sptd - ok
20:36:43.0386 4692 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:36:43.0457 4692 srv - ok
20:36:43.0522 4692 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:36:43.0580 4692 srv2 - ok
20:36:43.0595 4692 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:36:43.0659 4692 srvnet - ok
20:36:43.0690 4692 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:36:43.0738 4692 SSDPSRV - ok
20:36:43.0818 4692 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
20:36:43.0859 4692 ssmdrv - ok
20:36:43.0927 4692 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:36:43.0961 4692 SstpSvc - ok
20:36:44.0167 4692 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
20:36:44.0226 4692 stisvc - ok
20:36:44.0307 4692 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:36:44.0354 4692 swenum - ok
20:36:44.0459 4692 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
20:36:44.0501 4692 swprv - ok
20:36:44.0565 4692 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
20:36:44.0604 4692 Symc8xx - ok
20:36:44.0631 4692 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
20:36:44.0652 4692 Sym_hi - ok
20:36:44.0675 4692 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
20:36:44.0697 4692 Sym_u3 - ok
20:36:44.0785 4692 [ AEE6E411A915F50101895BA8DC5C15D4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:36:44.0833 4692 SynTP - ok
20:36:44.0986 4692 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
20:36:45.0106 4692 SysMain - ok
20:36:45.0157 4692 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:36:45.0197 4692 TabletInputService - ok
20:36:45.0281 4692 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:36:45.0343 4692 TapiSrv - ok
20:36:45.0354 4692 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
20:36:45.0409 4692 TBS - ok
20:36:45.0513 4692 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:36:45.0604 4692 Tcpip - ok
20:36:45.0646 4692 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
20:36:45.0704 4692 Tcpip6 - ok
20:36:45.0764 4692 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:36:45.0808 4692 tcpipreg - ok
20:36:45.0847 4692 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:36:45.0903 4692 TDPIPE - ok
20:36:45.0929 4692 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:36:45.0988 4692 TDTCP - ok
20:36:46.0061 4692 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:36:46.0123 4692 tdx - ok
20:36:46.0186 4692 [ 2A96C8FA665C02E6AD596C321B583112 ] TeamViewer5 C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
20:36:46.0208 4692 TeamViewer5 - ok
20:36:46.0357 4692 [ 5D528200679C3B4595B4237E02C077D5 ] TelekomNM3 C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys
20:36:46.0374 4692 TelekomNM3 - ok
20:36:46.0437 4692 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:36:46.0486 4692 TermDD - ok
20:36:46.0600 4692 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
20:36:46.0646 4692 TermService - ok
20:36:46.0683 4692 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
20:36:46.0713 4692 Themes - ok
20:36:46.0725 4692 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
20:36:46.0771 4692 THREADORDER - ok
20:36:46.0812 4692 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
20:36:46.0875 4692 TrkWks - ok
20:36:46.0985 4692 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:36:47.0047 4692 TrustedInstaller - ok
20:36:47.0082 4692 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:36:47.0132 4692 tssecsrv - ok
20:36:47.0244 4692 [ D579510E96A89E37F93B8420CB765709 ] TuneUp.Defrag C:\Windows\System32\TuneUpDefragService.exe
20:36:47.0272 4692 TuneUp.Defrag - ok
20:36:47.0305 4692 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
20:36:47.0352 4692 tunmp - ok
20:36:47.0372 4692 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:36:47.0417 4692 tunnel - ok
20:36:47.0447 4692 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:36:47.0472 4692 uagp35 - ok
20:36:47.0536 4692 [ F763E070843EE2803DE1395002B42938 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
20:36:47.0554 4692 UBHelper - ok
20:36:47.0619 4692 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:36:47.0667 4692 udfs - ok
20:36:47.0705 4692 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:36:47.0765 4692 UI0Detect - ok
20:36:47.0807 4692 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:36:47.0839 4692 uliagpkx - ok
20:36:47.0886 4692 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
20:36:47.0917 4692 uliahci - ok
20:36:47.0947 4692 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
20:36:47.0997 4692 UlSata - ok
20:36:48.0024 4692 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
20:36:48.0057 4692 ulsata2 - ok
20:36:48.0067 4692 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:36:48.0123 4692 umbus - ok
20:36:48.0147 4692 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
20:36:48.0187 4692 upnphost - ok
20:36:48.0262 4692 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
20:36:48.0367 4692 USBAAPL - ok
20:36:48.0391 4692 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:36:48.0440 4692 usbccgp - ok
20:36:48.0486 4692 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:36:48.0597 4692 usbcir - ok
20:36:48.0687 4692 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:36:48.0755 4692 usbehci - ok
20:36:48.0824 4692 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:36:48.0878 4692 usbhub - ok
20:36:48.0905 4692 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:36:49.0004 4692 usbohci - ok
20:36:49.0047 4692 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:36:49.0101 4692 usbprint - ok
20:36:49.0143 4692 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:36:49.0214 4692 usbscan - ok
20:36:49.0303 4692 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:36:49.0338 4692 USBSTOR - ok
20:36:49.0397 4692 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:36:49.0431 4692 usbuhci - ok
20:36:49.0443 4692 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:36:49.0487 4692 usbvideo - ok
20:36:49.0558 4692 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
20:36:49.0623 4692 UxSms - ok
20:36:49.0680 4692 [ D81CD7E761C1A52DEC20F0D4EAEA3259 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
20:36:49.0707 4692 UxTuneUp - ok
20:36:49.0778 4692 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
20:36:49.0824 4692 vds - ok
20:36:49.0881 4692 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:36:49.0966 4692 vga - ok
20:36:49.0993 4692 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
20:36:50.0043 4692 VgaSave - ok
20:36:50.0064 4692 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:36:50.0088 4692 viaagp - ok
20:36:50.0116 4692 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:36:50.0160 4692 ViaC7 - ok
20:36:50.0177 4692 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
20:36:50.0214 4692 viaide - ok
20:36:50.0233 4692 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:36:50.0265 4692 volmgr - ok
20:36:50.0364 4692 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:36:50.0397 4692 volmgrx - ok
20:36:50.0458 4692 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:36:50.0490 4692 volsnap - ok
20:36:50.0536 4692 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:36:50.0561 4692 vsmraid - ok
20:36:50.0689 4692 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
20:36:50.0811 4692 VSS - ok
20:36:50.0892 4692 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
20:36:50.0943 4692 W32Time - ok
20:36:50.0972 4692 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:36:51.0076 4692 WacomPen - ok
20:36:51.0117 4692 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:36:51.0164 4692 Wanarp - ok
20:36:51.0170 4692 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:36:51.0208 4692 Wanarpv6 - ok
20:36:51.0274 4692 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:36:51.0312 4692 wcncsvc - ok
20:36:51.0349 4692 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:36:51.0387 4692 WcsPlugInService - ok
20:36:51.0430 4692 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
20:36:51.0467 4692 Wd - ok
20:36:51.0499 4692 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:36:51.0556 4692 Wdf01000 - ok
20:36:51.0582 4692 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:36:51.0629 4692 WdiServiceHost - ok
20:36:51.0635 4692 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:36:51.0681 4692 WdiSystemHost - ok
20:36:51.0763 4692 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
20:36:51.0827 4692 WebClient - ok
20:36:51.0892 4692 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:36:51.0997 4692 Wecsvc - ok
20:36:52.0028 4692 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:36:52.0067 4692 wercplsupport - ok
20:36:52.0131 4692 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
20:36:52.0185 4692 WerSvc - ok
20:36:52.0256 4692 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:36:52.0284 4692 WinDefend - ok
20:36:52.0294 4692 WinHttpAutoProxySvc - ok
20:36:52.0567 4692 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:36:52.0603 4692 Winmgmt - ok
20:36:52.0692 4692 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
20:36:52.0773 4692 WinRM - ok
20:36:52.0809 4692 [ 676F4B665BDD8053EAA53AC1695B8074 ] winusb C:\Windows\system32\DRIVERS\winusb.sys
20:36:52.0861 4692 winusb - ok
20:36:52.0906 4692 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:36:53.0012 4692 Wlansvc - ok
20:36:53.0069 4692 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:36:53.0103 4692 WmiAcpi - ok
20:36:53.0220 4692 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:36:53.0283 4692 wmiApSrv - ok
20:36:53.0383 4692 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:36:53.0455 4692 WMPNetworkSvc - ok
20:36:53.0554 4692 [ 017695393AFFFED8DE58ABD1B085BE6D ] WMZuneComm c:\Program Files\Zune\WMZuneComm.exe
20:36:53.0586 4692 WMZuneComm - ok
20:36:53.0643 4692 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:36:53.0693 4692 WPCSvc - ok
20:36:53.0768 4692 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:36:53.0818 4692 WPDBusEnum - ok
20:36:53.0880 4692 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
20:36:53.0917 4692 WpdUsb - ok
20:36:54.0136 4692 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:36:54.0178 4692 WPFFontCache_v0400 - ok
20:36:54.0204 4692 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:36:54.0267 4692 ws2ifsl - ok
20:36:54.0333 4692 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
20:36:54.0362 4692 wscsvc - ok
20:36:54.0369 4692 WSearch - ok
20:36:54.0644 4692 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:36:54.0938 4692 wuauserv - ok
20:36:55.0000 4692 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:36:55.0044 4692 WudfPf - ok
20:36:55.0077 4692 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:36:55.0105 4692 WUDFRd - ok
20:36:55.0125 4692 [ 2C0206FF8D2C75AC027D1096FA2FAFDA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:36:55.0227 4692 wudfsvc - ok
20:36:55.0665 4692 [ 1076DF9ADE4E13EA3BF39D2165AEB903 ] ZuneNetworkSvc c:\Program Files\Zune\ZuneNss.exe
20:36:56.0148 4692 ZuneNetworkSvc - ok
20:36:56.0209 4692 [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc c:\Program Files\Zune\ZuneWlanCfgSvc.exe
20:36:56.0248 4692 ZuneWlanCfgSvc - ok
20:36:56.0357 4692 [ 74EC37B9EAF9FCA015B933A526825C7A ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
20:36:56.0376 4692 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
20:36:56.0419 4692 ================ Scan global ===============================
20:36:56.0439 4692 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:36:56.0474 4692 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:36:56.0492 4692 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:36:56.0567 4692 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:36:56.0574 4692 [Global] - ok
20:36:56.0574 4692 ================ Scan MBR ==================================
20:36:56.0592 4692 [ BEEDF9B7F43A72A91456F7131AFC11B2 ] \Device\Harddisk0\DR0
20:36:56.0899 4692 \Device\Harddisk0\DR0 - ok
20:36:56.0902 4692 ================ Scan VBR ==================================
20:36:56.0906 4692 [ 0655143A0999E8D803F726F032D67F53 ] \Device\Harddisk0\DR0\Partition1
20:36:56.0908 4692 \Device\Harddisk0\DR0\Partition1 - ok
20:36:56.0909 4692 ============================================================
20:36:56.0909 4692 Scan finished
20:36:56.0909 4692 ============================================================
20:36:56.0930 1244 Detected object count: 8
20:36:56.0930 1244 Actual detected object count: 8
20:37:14.0968 1244 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:14.0969 1244 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:37:14.0971 1244 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:14.0971 1244 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:37:14.0975 1244 avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:14.0975 1244 avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:37:14.0977 1244 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:14.0977 1244 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:37:14.0980 1244 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:14.0980 1244 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:37:14.0983 1244 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:14.0983 1244 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:37:14.0985 1244 Netzmanager Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:14.0985 1244 Netzmanager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:37:14.0988 1244 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:37:14.0988 1244 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:37:26.0709 3944 Deinitialize success
Und dann hab ich da aufeinmal noch eine entdeckt aber ich glaube die ist von früher^^ : Code:
ATTFilter 2011/03/24 21:19:13.0786 4292 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/24 21:19:14.0179 4292 ================================================================================
2011/03/24 21:19:14.0179 4292 SystemInfo:
2011/03/24 21:19:14.0180 4292
2011/03/24 21:19:14.0180 4292 OS Version: 6.0.6002 ServicePack: 2.0
2011/03/24 21:19:14.0180 4292 Product type: Workstation
2011/03/24 21:19:14.0180 4292 ComputerName: MEDIA-PC
2011/03/24 21:19:14.0180 4292 UserName: media
2011/03/24 21:19:14.0180 4292 Windows directory: C:\Windows
2011/03/24 21:19:14.0180 4292 System windows directory: C:\Windows
2011/03/24 21:19:14.0180 4292 Processor architecture: Intel x86
2011/03/24 21:19:14.0180 4292 Number of processors: 2
2011/03/24 21:19:14.0180 4292 Page size: 0x1000
2011/03/24 21:19:14.0180 4292 Boot type: Normal boot
2011/03/24 21:19:14.0180 4292 ================================================================================
2011/03/24 21:19:19.0474 4292 Initialize success
2011/03/24 21:19:34.0964 5036 ================================================================================
2011/03/24 21:19:34.0964 5036 Scan started
2011/03/24 21:19:34.0964 5036 Mode: Manual;
2011/03/24 21:19:34.0964 5036 ================================================================================
2011/03/24 21:19:35.0613 5036 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/03/24 21:19:36.0191 5036 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/03/24 21:19:36.0817 5036 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/03/24 21:19:37.0056 5036 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/03/24 21:19:37.0354 5036 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/03/24 21:19:37.0864 5036 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2011/03/24 21:19:38.0020 5036 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\Windows\system32\DRIVERS\AGRSM.sys
2011/03/24 21:19:38.0262 5036 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/03/24 21:19:38.0565 5036 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/03/24 21:19:38.0970 5036 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/03/24 21:19:39.0330 5036 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/03/24 21:19:39.0977 5036 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/03/24 21:19:40.0355 5036 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/03/24 21:19:40.0931 5036 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2011/03/24 21:19:41.0262 5036 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/03/24 21:19:41.0671 5036 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/03/24 21:19:42.0002 5036 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/24 21:19:42.0101 5036 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/03/24 21:19:42.0369 5036 athr (acdb46b1a467752a2f280c68c8461556) C:\Windows\system32\DRIVERS\athr.sys
2011/03/24 21:19:42.0613 5036 atikmdag (6f2cc6403012375385d556bf39382b74) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/03/24 21:19:42.0795 5036 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
2011/03/24 21:19:42.0924 5036 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/03/24 21:19:43.0065 5036 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/03/24 21:19:43.0177 5036 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/03/24 21:19:43.0277 5036 avmeject (263cf9d248fd5e020a1333ed4f7eaa88) C:\Windows\system32\drivers\avmeject.sys
2011/03/24 21:19:43.0386 5036 b57nd60x (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/03/24 21:19:43.0493 5036 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/03/24 21:19:43.0629 5036 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/03/24 21:19:43.0739 5036 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/24 21:19:43.0772 5036 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/03/24 21:19:43.0855 5036 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/03/24 21:19:43.0990 5036 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/03/24 21:19:44.0062 5036 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/03/24 21:19:44.0143 5036 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/03/24 21:19:44.0195 5036 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/03/24 21:19:44.0313 5036 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/03/24 21:19:44.0428 5036 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/03/24 21:19:44.0495 5036 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2011/03/24 21:19:44.0596 5036 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2011/03/24 21:19:44.0716 5036 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2011/03/24 21:19:44.0929 5036 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/24 21:19:45.0068 5036 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/03/24 21:19:45.0126 5036 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2011/03/24 21:19:45.0198 5036 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/03/24 21:19:45.0367 5036 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/03/24 21:19:45.0403 5036 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2011/03/24 21:19:45.0480 5036 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/03/24 21:19:45.0572 5036 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2011/03/24 21:19:45.0624 5036 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2011/03/24 21:19:45.0810 5036 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2011/03/24 21:19:46.0001 5036 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/03/24 21:19:46.0094 5036 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
2011/03/24 21:19:46.0248 5036 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/03/24 21:19:46.0325 5036 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/24 21:19:46.0444 5036 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/03/24 21:19:46.0604 5036 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/03/24 21:19:46.0670 5036 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2011/03/24 21:19:46.0792 5036 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2011/03/24 21:19:46.0886 5036 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/03/24 21:19:47.0021 5036 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/03/24 21:19:47.0081 5036 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/24 21:19:47.0105 5036 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/03/24 21:19:47.0139 5036 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/03/24 21:19:47.0241 5036 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/24 21:19:47.0350 5036 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/03/24 21:19:47.0490 5036 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS
2011/03/24 21:19:47.0548 5036 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/24 21:19:47.0587 5036 fwlanusbn (161f20685595eddc06c0ea1f1d7bc92b) C:\Windows\system32\DRIVERS\fwlanusbn.sys
2011/03/24 21:19:47.0692 5036 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2011/03/24 21:19:47.0896 5036 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
2011/03/24 21:19:47.0973 5036 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/03/24 21:19:48.0082 5036 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/03/24 21:19:48.0122 5036 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/03/24 21:19:48.0274 5036 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/03/24 21:19:48.0351 5036 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2011/03/24 21:19:48.0425 5036 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/03/24 21:19:48.0530 5036 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2011/03/24 21:19:48.0601 5036 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/03/24 21:19:48.0700 5036 iaStor (71ecc07bc7c5e24c3dd01d8a29a24054) C:\Windows\system32\DRIVERS\iaStor.sys
2011/03/24 21:19:48.0743 5036 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2011/03/24 21:19:48.0863 5036 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/03/24 21:19:48.0939 5036 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/03/24 21:19:48.0988 5036 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/24 21:19:49.0061 5036 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/24 21:19:49.0132 5036 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2011/03/24 21:19:49.0192 5036 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/03/24 21:19:49.0281 5036 irda (e50a95179211b12946f7e035d60af560) C:\Windows\system32\DRIVERS\irda.sys
2011/03/24 21:19:49.0321 5036 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/03/24 21:19:49.0375 5036 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2011/03/24 21:19:49.0437 5036 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/03/24 21:19:49.0496 5036 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/03/24 21:19:49.0559 5036 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/03/24 21:19:49.0654 5036 k57nd60x (eac21e8014c7e6ee341afffb7e2bbd54) C:\Windows\system32\DRIVERS\k57nd60x.sys
2011/03/24 21:19:49.0752 5036 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/03/24 21:19:49.0849 5036 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/03/24 21:19:49.0966 5036 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/24 21:19:50.0095 5036 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/03/24 21:19:50.0145 5036 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/24 21:19:50.0246 5036 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2011/03/24 21:19:50.0353 5036 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2011/03/24 21:19:50.0443 5036 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2011/03/24 21:19:50.0525 5036 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/03/24 21:19:50.0627 5036 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2011/03/24 21:19:50.0697 5036 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2011/03/24 21:19:50.0786 5036 mfeavfk (bafdd5e28baea99d7f4772af2f5ec7ee) C:\Windows\system32\drivers\mfeavfk.sys
2011/03/24 21:19:50.0853 5036 mfebopk (1d003e3056a43d881597d6763e83b943) C:\Windows\system32\drivers\mfebopk.sys
2011/03/24 21:19:50.0929 5036 mfehidk (3f138a1c8a0659f329f242d1e389b2cf) C:\Windows\system32\drivers\mfehidk.sys
2011/03/24 21:19:50.0994 5036 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys
2011/03/24 21:19:51.0081 5036 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys
2011/03/24 21:19:51.0141 5036 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/03/24 21:19:51.0187 5036 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/24 21:19:51.0281 5036 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/03/24 21:19:51.0341 5036 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/03/24 21:19:51.0370 5036 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/03/24 21:19:51.0468 5036 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2011/03/24 21:19:51.0520 5036 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/24 21:19:51.0555 5036 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/03/24 21:19:51.0672 5036 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/03/24 21:19:51.0707 5036 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/24 21:19:51.0733 5036 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/24 21:19:51.0812 5036 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/24 21:19:51.0861 5036 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2011/03/24 21:19:51.0948 5036 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2011/03/24 21:19:52.0007 5036 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/03/24 21:19:52.0067 5036 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/03/24 21:19:52.0151 5036 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/24 21:19:52.0196 5036 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/24 21:19:52.0222 5036 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/03/24 21:19:52.0337 5036 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/03/24 21:19:52.0420 5036 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/03/24 21:19:52.0486 5036 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/03/24 21:19:52.0577 5036 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/03/24 21:19:52.0647 5036 mwlPSDFilter (2de94e435c3efde58c7b1856d4f20724) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
2011/03/24 21:19:52.0684 5036 mwlPSDNServ (61920a7146eed3d903dbbb8ec295af76) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
2011/03/24 21:19:52.0722 5036 mwlPSDVDisk (e0f49721e68ebd2983e84c44fada6665) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
2011/03/24 21:19:52.0818 5036 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/24 21:19:52.0946 5036 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/03/24 21:19:53.0039 5036 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/24 21:19:53.0091 5036 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/24 21:19:53.0170 5036 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/24 21:19:53.0263 5036 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/03/24 21:19:53.0337 5036 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/24 21:19:53.0440 5036 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/24 21:19:53.0504 5036 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/03/24 21:19:53.0608 5036 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/03/24 21:19:53.0675 5036 NSCIRDA (6d8d2e5652fc2442c810c5d8be784148) C:\Windows\system32\DRIVERS\nscirda.sys
2011/03/24 21:19:53.0716 5036 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/24 21:19:53.0814 5036 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/03/24 21:19:53.0947 5036 NTIDrvr (6dcaa65f49ef3b97a5cffc0cb5de1c2f) C:\Windows\system32\Drivers\NTIDrvr.sys
2011/03/24 21:19:54.0022 5036 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/03/24 21:19:54.0069 5036 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/03/24 21:19:54.0123 5036 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/03/24 21:19:54.0191 5036 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/03/24 21:19:54.0272 5036 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/03/24 21:19:54.0405 5036 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/03/24 21:19:54.0502 5036 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/03/24 21:19:54.0602 5036 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/03/24 21:19:54.0659 5036 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/03/24 21:19:54.0788 5036 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/03/24 21:19:54.0864 5036 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2011/03/24 21:19:54.0934 5036 pcmcia (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/03/24 21:19:55.0039 5036 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/03/24 21:19:55.0225 5036 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/24 21:19:55.0269 5036 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/03/24 21:19:55.0429 5036 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/24 21:19:55.0496 5036 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
2011/03/24 21:19:55.0617 5036 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/03/24 21:19:55.0741 5036 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/03/24 21:19:55.0780 5036 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/24 21:19:55.0834 5036 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/24 21:19:55.0900 5036 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/24 21:19:56.0001 5036 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/24 21:19:56.0091 5036 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/03/24 21:19:56.0185 5036 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/24 21:19:56.0247 5036 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/24 21:19:56.0308 5036 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/03/24 21:19:56.0398 5036 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/24 21:19:56.0477 5036 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/03/24 21:19:56.0637 5036 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/03/24 21:19:56.0688 5036 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/24 21:19:56.0796 5036 RT73 (da4980fad2b7d86d6ed8e35e3874f65e) C:\Windows\system32\DRIVERS\rt73.sys
2011/03/24 21:19:56.0955 5036 RTSTOR (9b09f336de36a7a6ca871de8a7847b65) C:\Windows\system32\drivers\RTSTOR.SYS
2011/03/24 21:19:57.0001 5036 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/03/24 21:19:57.0130 5036 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
2011/03/24 21:19:57.0167 5036 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/03/24 21:19:57.0284 5036 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/03/24 21:19:57.0338 5036 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/03/24 21:19:57.0429 5036 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/03/24 21:19:57.0536 5036 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2011/03/24 21:19:57.0576 5036 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/03/24 21:19:57.0659 5036 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2011/03/24 21:19:57.0697 5036 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/03/24 21:19:57.0790 5036 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/03/24 21:19:57.0835 5036 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/03/24 21:19:57.0864 5036 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/03/24 21:19:58.0005 5036 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/03/24 21:19:58.0299 5036 SNPSTD3 (11bb0e11d42cc3a43d741d9b30839be1) C:\Windows\system32\DRIVERS\snpstd3.sys
2011/03/24 21:19:58.0580 5036 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/03/24 21:19:58.0700 5036 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys
2011/03/24 21:19:58.0701 5036 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
2011/03/24 21:19:58.0712 5036 sptd - detected Locked file (1)
2011/03/24 21:19:58.0855 5036 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
2011/03/24 21:19:58.0872 5036 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/24 21:19:58.0890 5036 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/24 21:19:58.0925 5036 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/03/24 21:19:59.0042 5036 ss_bus (54946449a0eb74915a4bb34f7ee51a5a) C:\Windows\system32\DRIVERS\ss_bus.sys
2011/03/24 21:19:59.0074 5036 ss_mdfl (4450bc0b2e9d7d9b90e3c3de4ea00a78) C:\Windows\system32\DRIVERS\ss_mdfl.sys
2011/03/24 21:19:59.0108 5036 ss_mdm (30b8d0dd01ead1243f329caf7d7d1517) C:\Windows\system32\DRIVERS\ss_mdm.sys
2011/03/24 21:19:59.0248 5036 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/03/24 21:19:59.0294 5036 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/03/24 21:19:59.0324 5036 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/03/24 21:19:59.0422 5036 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/03/24 21:19:59.0478 5036 SynTP (aee6e411a915f50101895ba8dc5c15d4) C:\Windows\system32\DRIVERS\SynTP.sys
2011/03/24 21:19:59.0629 5036 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/03/24 21:19:59.0762 5036 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/24 21:19:59.0894 5036 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/24 21:19:59.0938 5036 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/03/24 21:20:00.0035 5036 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/03/24 21:20:00.0110 5036 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/24 21:20:00.0246 5036 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/03/24 21:20:00.0314 5036 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/24 21:20:00.0432 5036 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/03/24 21:20:00.0469 5036 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/24 21:20:00.0569 5036 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/03/24 21:20:00.0608 5036 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys
2011/03/24 21:20:00.0743 5036 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/24 21:20:00.0804 5036 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/03/24 21:20:00.0905 5036 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/03/24 21:20:01.0019 5036 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/03/24 21:20:01.0073 5036 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/03/24 21:20:01.0161 5036 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/03/24 21:20:01.0255 5036 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/03/24 21:20:01.0292 5036 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/03/24 21:20:01.0436 5036 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/03/24 21:20:01.0519 5036 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/03/24 21:20:01.0555 5036 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/03/24 21:20:01.0655 5036 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/03/24 21:20:01.0734 5036 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/03/24 21:20:01.0837 5036 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/03/24 21:20:01.0875 5036 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/03/24 21:20:01.0997 5036 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/24 21:20:02.0045 5036 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/03/24 21:20:02.0125 5036 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/03/24 21:20:02.0161 5036 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/03/24 21:20:02.0215 5036 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/03/24 21:20:02.0327 5036 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/03/24 21:20:02.0404 5036 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/03/24 21:20:02.0455 5036 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/03/24 21:20:02.0563 5036 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/03/24 21:20:02.0622 5036 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/03/24 21:20:02.0711 5036 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/24 21:20:02.0726 5036 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/24 21:20:02.0773 5036 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/03/24 21:20:02.0893 5036 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/24 21:20:03.0069 5036 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/03/24 21:20:03.0131 5036 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/24 21:20:03.0232 5036 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/24 21:20:03.0356 5036 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
2011/03/24 21:20:03.0556 5036 ================================================================================
2011/03/24 21:20:03.0556 5036 Scan finished
2011/03/24 21:20:03.0556 5036 ================================================================================
2011/03/24 21:20:03.0569 0560 Detected object count: 1
2011/03/24 21:20:20.0130 0560 Locked file(sptd) - User select action: Skip
2011/03/24 21:21:21.0726 5988 Deinitialize success
|
|
23.09.2012, 19:51
| #22 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | CPU Auslastung zu hoch, führt zu Standbildern Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.09.2012, 20:33
| #23 | |
| | CPU Auslastung zu hoch, führt zu Standbildern So alles getan wie angegeben und auch die Aussage: Zitat:
So hier ist die Log: Code:
ATTFilter ComboFix 12-09-23.02 - media 23.09.2012 21:06:48.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3066.1903 [GMT 2:00]
ausgeführt von:: c:\users\media\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Amazon.ico
c:\programdata\Backup.ico
c:\programdata\MercadoLivre.ico
c:\programdata\QuickStores.ico
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-23 bis 2012-09-23 ))))))))))))))))))))))))))))))
.
.
2012-09-23 19:20 . 2012-09-23 19:20 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-09-23 19:20 . 2012-09-23 19:20 -------- d-----w- c:\users\Gast\AppData\Local\temp
2012-09-23 19:20 . 2012-09-23 19:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-19 14:09 . 2012-09-19 14:09 -------- d-----w- c:\program files\ESET
2012-09-17 17:05 . 2012-09-17 17:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-17 17:05 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-16 13:48 . 2012-09-16 13:48 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-09-16 13:48 . 2012-09-23 17:37 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-09-16 13:45 . 2012-09-16 13:50 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-09-12 12:30 . 2012-09-12 12:30 -------- d-----w- c:\program files\Common Files\Java
2012-09-12 12:29 . 2012-09-12 12:28 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-05 15:18 . 2012-07-29 11:59 81920 ----a-w- c:\windows\system32\pdfcmon.dll
2012-09-05 15:18 . 2012-05-05 09:54 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2012-09-05 15:18 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2012-09-05 15:18 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2012-09-05 15:18 . 1998-07-06 16:56 125712 ----a-w- c:\windows\system32\VB6DE.DLL
2012-09-05 15:18 . 1998-07-06 16:55 158208 ----a-w- c:\windows\system32\MSCMCDE.DLL
2012-09-05 15:18 . 1998-07-06 16:55 64512 ----a-w- c:\windows\system32\MSCC2DE.DLL
2012-09-05 15:18 . 2012-09-05 15:18 -------- d-----w- c:\program files\PDFCreator
2012-09-02 16:38 . 2012-09-02 18:43 -------- d-----w- c:\program files\Die Gilde 2 - Gold Edition
2012-08-24 22:33 . 2012-08-24 22:33 -------- d-----w- c:\program files\Electronic Arts
2012-08-24 20:00 . 2012-09-15 14:59 -------- d-----w- c:\program files\ElcomSoft
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-20 18:35 . 2012-03-30 02:05 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-20 18:35 . 2011-08-10 18:09 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-12 12:28 . 2012-06-22 07:40 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-12 12:28 . 2010-05-22 19:29 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-16 12:25 . 2012-08-24 14:15 17320 ----a-w- c:\windows\system32\roboot.exe
2012-07-04 14:02 . 2012-08-16 10:37 2047488 ----a-w- c:\windows\system32\win32k.sys
2010-07-22 21:40 . 2010-08-10 19:10 2944904 ----a-w- c:\program files\Common Files\AskToolbarInstaller.exe
2012-09-06 01:26 . 2012-09-16 10:06 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-05-14 21:02 120104 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"BitTorrent DNA"="c:\users\media\Program Files\DNA\btdna.exe" [2009-10-19 323392]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-03-16 2423752]
"Facebook Update"="c:\users\media\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-01-27 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-12-05 1410344]
"BackupManagerTray"="c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-04-11 249600]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-06-23 440864]
"EgisTecLiveUpdate"="c:\program files\EgisTec Egis Software Update\EgisUpdate.exe" [2009-05-13 199464]
"mwlDaemon"="c:\program files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-05-14 345384]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-02 30192]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"PLFSetL"="c:\windows\\PLFSetL.exe" [2007-07-05 94208]
"Monitor"="c:\windows\PixArt\PAC7311\Monitor.exe" [2006-11-03 319488]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-02-24 870920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 159456]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-10 6957600]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-03-10 1833504]
"lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2007-12-17 660136]
"lxdnamon"="c:\program files\Lexmark 2600 Series\lxdnamon.exe" [2007-12-17 16040]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe [2011-11-10 14000128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"AVMWlanClient"=c:\program files\avmwlanstick\wlangui.exe
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 39066514
*NewlyCreated* - 57818828
*Deregistered* - 39066514
*Deregistered* - 57818828
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-21 c:\windows\Tasks\1-Klick-Wartung.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-03 18:27]
.
2012-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 18:35]
.
2012-09-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3836772568-625509949-2968681795-1000Core.job
- c:\users\media\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-05 21:33]
.
2012-09-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3836772568-625509949-2968681795-1000UA.job
- c:\users\media\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-05 21:33]
.
2012-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-26 22:53]
.
2012-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-26 22:53]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
mStart Page =
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\media\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to iPhone Converter - c:\users\media\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\media\AppData\Roaming\Mozilla\Firefox\Profiles\980ntedn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - Google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-09-23 21:20
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1516)
c:\program files\EgisTec\MyWinLocker 3\x86\psdprotect.dll
c:\program files\EgisTec\MyWinLocker 3\x86\sysenv.dll
c:\program files\Acer\Acer PowerSmart Manager\SysHook.dll
.
Zeit der Fertigstellung: 2012-09-23 21:24:42
ComboFix-quarantined-files.txt 2012-09-23 19:24
ComboFix2.txt 2011-03-24 19:42
.
Vor Suchlauf: 19 Verzeichnis(se), 235.571.589.120 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 235.728.191.488 Bytes frei
.
- - End Of File - - 9CB7689107DA9237A34A05C7D64F3DEF
|
|
24.09.2012, 13:01
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | CPU Auslastung zu hoch, führt zu Standbildern Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.09.2012, 19:10
| #25 |
| | CPU Auslastung zu hoch, führt zu Standbildern So also wie schon von dir angekündigt hat GMER nicht funktioniert und führte zu dieser Meldung auch nach 2 maligem versuchen:  so, anschließend hab ich den OSAM Scan durchführen lassen und da kam diese log dabei raus: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 19:15:54 on 24.09.2012 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Firefox 15.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [AppInit DLLs] -----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )----- "AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Adobe Gamma" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma.cpl "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "AVM Eject" (avmeject) - "AVM Berlin" - C:\Windows\System32\drivers\avmeject.sys "catchme" (catchme) - ? - C:\Users\media\AppData\Local\Temp\catchme.sys (File not found) "FsUsbExDisk" (FsUsbExDisk) - ? - C:\Windows\system32\FsUsbExDisk.SYS (File found, but it contains no detailed information) "ihfprsro" (ihfprsro) - ? - C:\Windows\system32\drivers\ihfprsro.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "kwdoypod" (kwdoypod) - ? - C:\Users\media\AppData\Local\Temp\kwdoypod.sys (Hidden registry entry, rootkit activity | File not found) "lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "McAfee Inc. mfeavfk" (mfeavfk) - "McAfee, Inc." - C:\Windows\System32\drivers\mfeavfk.sys "McAfee Inc. mfebopk" (mfebopk) - "McAfee, Inc." - C:\Windows\System32\drivers\mfebopk.sys "McAfee Inc. mfehidk" (mfehidk) - "McAfee, Inc." - C:\Windows\System32\drivers\mfehidk.sys "McAfee Inc. mferkdk" (mferkdk) - "McAfee, Inc." - C:\Windows\System32\drivers\mferkdk.sys "McAfee Inc. mfesmfk" (mfesmfk) - "McAfee, Inc." - C:\Windows\System32\drivers\mfesmfk.sys "mwlPSDFilter" (mwlPSDFilter) - "Egis Incorporated." - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys "mwlPSDNServ" (mwlPSDNServ) - "Egis Incorporated." - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys "mwlPSDVDisk" (mwlPSDVDisk) - "Egis Incorporated." - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys "PCCS Mode Change Filter Driver" (pccsmcfd) - ? - C:\Windows\System32\DRIVERS\pccsmcfd.sys (File not found) "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys "SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS "SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "Telekom Netzmanager Packet Filter Driver" (TelekomNM3) - "Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH" - C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys "UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys "Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\System32\Drivers\NTIDrvr.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} "DragDropProtect Class" - "Egis Technology Inc." - C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {00020d75-0000-0000-c000-000000000046} "lnkfile" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software GmbH" - C:\Program Files\TuneUp Utilities 2008\SDShelEx-win32.dll {44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software GmbH" - C:\Windows\System32\uxtuneup.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} "Java Plug-in 1.6.0_35" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.7.2" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "{8AD9C840-044E-11D1-B3E9-00805F499D93}" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} "ClsidExtension" - "Google Inc." - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll "ICQ7.5" - "ICQ, LLC." - C:\Program Files\ICQ7.5\ICQ.exe {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} "Google Gears Helper" - "Google Inc." - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Logon] -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "BitTorrent DNA" - "BitTorrent, Inc." - "C:\Users\media\Program Files\DNA\btdna.exe" "DAEMON Tools Lite" - "DT Soft Ltd" - "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun "Facebook Update" - "Facebook Inc." - "C:\Users\media\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver "MobileDocuments" - "Apple Inc." - C:\Program Files\Common Files\Apple\Internet Services\ubd.exe "Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun "SUPERAntiSpyware" - "SUPERAntiSpyware.com" - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Acer ePower Management" - "Acer Incorporated" - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "BackupManagerTray" - "NewTech Infosystems, Inc." - "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k "DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "EgisTecLiveUpdate" - "Egis Technology Inc." - "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe" "Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup "iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe" "LManager" - "Dritek System Inc." - C:\Program Files\Launch Manager\LManager.exe "lxdnamon" - ? - "C:\Program Files\Lexmark 2600 Series\lxdnamon.exe" (File found, but it contains no detailed information) "lxdnmon.exe" - ? - "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe" "mwlDaemon" - "Egis Technology Inc." - C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Zune Launcher" - "Microsoft Corporation" - "c:\Program Files\Zune\ZuneLauncher.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "hpf3l70v.dll" - "Hewlett-Packard Company" - C:\Windows\system32\hpf3l70v.dll "pdfcmon" - "pdfforge GbR" - C:\Windows\system32\pdfcmon.dll "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%SystemRoot%\System32\TuneUpDefragService.exe,-1" (TuneUp.Defrag) - "TuneUp Software GmbH" - C:\Windows\System32\TuneUpDefragService.exe "@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software GmbH" - C:\Windows\System32\uxtuneup.dll "@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Acer ePower Service" (ePowerSvc) - "Acer Incorporated" - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Adobe LM Service" (Adobe LM Service) - "Adobe Systems" - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "AVM WLAN Connection Service" (AVM WLAN Connection Service) - "AVM Berlin" - C:\Program Files\avmwlanstick\WlanNetService.exe "CLHNService" (CLHNService) - ? - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe "Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe "Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate1ca3efc34f091bb)" (gupdate1ca3efc34f091bb) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "MyWinLocker Service" (MWLService) - "Egis Technology Inc." - C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll "Netzmanager Infrastruktur Informationssystem Dienst" (Netzmanager Service) - "Deutsche Telekom AG" - C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe "NTI Backup Now 5 Backup Service" (NTIBackupSvc) - "NewTech InfoSystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe "NTI Backup Now 5 Scheduler Service" (NTISchedulerSvc) - "NewTech Infosystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe "NTI IScheduleSvc" (NTI IScheduleSvc) - "NewTech Infosystems, Inc." - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe "TeamViewer 5" (TeamViewer5) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe "Zune Network Sharing Service" (ZuneNetworkSvc) - "Microsoft Corporation" - c:\Program Files\Zune\ZuneNss.exe "Zune Windows Mobile Connectivity Service" (WMZuneComm) - "Microsoft Corporation" - c:\Program Files\Zune\WMZuneComm.exe "Zune Wireless Configuration Service" (ZuneWlanCfgSvc) - "Microsoft Corporation" - c:\Program Files\Zune\ZuneWlanCfgSvc.exe ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-24 19:18:51
-----------------------------
19:18:51.140 OS Version: Windows 6.0.6002 Service Pack 2
19:18:51.140 Number of processors: 2 586 0x170A
19:18:51.140 ComputerName: MEDIA-PC UserName: media
19:18:54.156 Initialize success
19:20:52.788 AVAST engine defs: 12092400
19:21:28.666 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:21:28.670 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
19:21:28.703 Disk 0 MBR read successfully
19:21:28.707 Disk 0 MBR scan
19:21:28.714 Disk 0 unknown MBR code
19:21:28.723 Disk 0 Partition 1 00 27 Hidden NTFS WinRE MSDOS5.0 10000 MB offset 2048
19:21:28.740 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 466938 MB offset 20482048
19:21:28.754 Disk 0 scanning sectors +976771072
19:21:28.848 Disk 0 scanning C:\Windows\system32\drivers
19:21:47.628 Service scanning
19:22:26.307 Modules scanning
19:22:37.166 Disk 0 trace - called modules:
19:22:37.189 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:22:37.198 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86a5d278]
19:22:37.205 3 CLASSPNP.SYS[8af9e8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85f0f028]
19:22:39.496 AVAST engine scan C:\Windows
19:22:50.440 AVAST engine scan C:\Windows\system32
19:27:50.046 AVAST engine scan C:\Windows\system32\drivers
19:28:22.623 AVAST engine scan C:\Users\media
19:51:12.938 AVAST engine scan C:\ProgramData
19:54:10.304 Scan finished successfully
20:05:27.393 Disk 0 MBR has been saved successfully to "C:\Users\media\Desktop\MBR.dat"
20:05:27.399 The log file has been saved successfully to "C:\Users\media\Desktop\aswMBR.txt"
|
|
25.09.2012, 08:12
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | CPU Auslastung zu hoch, führt zu Standbildern Wir sollten den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht. Hinweis: Mach bitte NICHT den MBR-Fix, wenn du noch andere Betriebssysteme wie zB Ubuntu installiert hast, ein MBR-Fix mit Windows-Tools macht ein parallel installiertes (Dualboot) Linux unbootbar. Mach den Fix auch dann nicht, wenn du zB mit TrueCrypt oder anderen Verschlüsselungsprogrammen eine Vollverschlüsselung der Windowspartition bzw. gesamten Festplatte hast Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm! Anschließend Windows neu starten und ein neues Log mit aswMBR machen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.09.2012, 15:18
| #27 |
| | CPU Auslastung zu hoch, führt zu Standbildern So hatte alle miene wichtigen Daten auf eine externe Festplatte gespeichert. Habe dann aswMBR per rechtsklick (Admin) gestartet update runtergeladen und den FIXMBR Button geklickt noch keine sekunde später war er schon fertig!! (Ist das normal? oder hab ich was falsch gemacht?) Dann habe ich das Programm geschlossen und den Pc neu gestartet, dann den Scan nocheinmal durchgeführt und hier ist die Log: Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-26 15:42:21
-----------------------------
15:42:21.911 OS Version: Windows 6.0.6002 Service Pack 2
15:42:21.911 Number of processors: 2 586 0x170A
15:42:21.918 ComputerName: MEDIA-PC UserName: media
15:43:25.001 Initialize success
15:43:43.396 AVAST engine defs: 12092600
15:43:50.546 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:43:50.549 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
15:43:50.568 Disk 0 MBR read successfully
15:43:50.572 Disk 0 MBR scan
15:43:50.578 Disk 0 Windows VISTA default MBR code
15:43:50.589 Disk 0 Partition 1 00 27 Hidden NTFS WinRE MSDOS5.0 10000 MB offset 2048
15:43:50.606 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 466938 MB offset 20482048
15:43:50.616 Disk 0 scanning sectors +976771072
15:43:50.733 Disk 0 scanning C:\Windows\system32\drivers
15:44:09.616 Service scanning
15:44:49.849 Modules scanning
15:45:01.884 Disk 0 trace - called modules:
15:45:01.910 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:45:01.918 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86a7a370]
15:45:01.927 3 CLASSPNP.SYS[8afa98b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85f0a028]
15:45:04.694 AVAST engine scan C:\Windows
15:45:20.572 AVAST engine scan C:\Windows\system32
15:51:29.628 AVAST engine scan C:\Windows\system32\drivers
15:52:30.423 AVAST engine scan C:\Users\media
16:11:23.883 AVAST engine scan C:\ProgramData
16:13:43.901 Scan finished successfully
16:14:08.528 Disk 0 MBR has been saved successfully to "C:\Users\media\Desktop\MBR.dat"
16:14:08.535 The log file has been saved successfully to "C:\Users\media\Desktop\aswMBR.txt"
|
|
26.09.2012, 16:18
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | CPU Auslastung zu hoch, führt zu Standbildern Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu CPU Auslastung zu hoch, führt zu Standbildern |
| auslastung, automatische, automatischen, bluescreen, cpu, cpu auslastung, cpu auslastung zu hoch, fehler, firefox, firefox settings, freundin, gmer, infos, laptop, maleware, maus, min, neustart, scan, skype, standbild, standbilder, stelle, versuche, weiterhelfen, überprüfen, zu hoch |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
