Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 14.10.2012 18:46:32 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\zr7driver\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 31,10% Memory free
6,50 Gb Paging File | 3,44 Gb Available in Paging File | 52,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 587,35 Gb Free Space | 64,51% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,36 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
 
Computer Name: ZR7DRIVER-PC | User Name: zr7driver | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
PRC - [2012.10.10 12:06:17 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe
PRC - [2012.09.24 17:24:20 | 001,161,768 | ---- | M] (WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe
PRC - [2012.09.18 01:07:45 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 16:02:28 | 004,473,728 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
PRC - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.02.12 07:40:50 | 000,365,632 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.09.15 10:11:22 | 000,339,312 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Programme\Common Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2010.09.14 12:12:46 | 001,701,232 | ---- | M] (Lexware GmbH & Co. KG) -- C:\Programme\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.27 11:38:46 | 000,987,960 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FritzDsl.exe
PRC - [2009.07.23 14:13:10 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgentS1.exe
PRC - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2009.07.20 11:01:00 | 000,760,120 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2009.07.14 03:14:21 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.04.09 12:45:26 | 001,061,688 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\AAVUpdateManager\aavus.exe
PRC - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.14 09:11:59 | 000,115,137 | ---- | M] () -- C:\Users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012.10.12 15:22:42 | 002,111,456 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\mozjs.dll
MOD - [2012.10.12 15:22:41 | 000,157,664 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.10.12 15:22:41 | 000,021,984 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012.10.10 12:06:15 | 000,460,312 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012.10.10 12:06:13 | 012,435,992 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012.10.10 12:06:12 | 004,005,912 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012.10.10 12:04:57 | 000,578,072 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012.10.10 12:04:55 | 000,123,928 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012.10.10 12:04:44 | 000,156,712 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012.10.10 12:04:43 | 000,275,496 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012.10.10 12:04:42 | 002,168,360 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2012.09.15 18:54:57 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll
MOD - [2012.09.15 18:54:56 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll
MOD - [2012.09.15 18:54:54 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll
MOD - [2012.09.15 18:54:52 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll
MOD - [2012.09.15 18:54:51 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll
MOD - [2012.09.15 18:54:50 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll
MOD - [2012.09.15 18:54:48 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll
MOD - [2012.09.15 18:54:45 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\65018f5e3da23293d642168f7b132d40\Podcaster.ni.dll
MOD - [2012.09.15 18:54:42 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll
MOD - [2012.09.15 18:54:16 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.09.15 18:54:14 | 005,677,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\64d3040868aba797c48f608f5361e5bc\DeviceHost.ni.dll
MOD - [2012.09.15 18:53:59 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll
MOD - [2012.09.15 18:53:50 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f73c846c21b32d8e446f08fe7bf0b75a\CPKTMusicPlugin.ni.dll
MOD - [2012.09.15 18:53:47 | 000,964,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\dc5b622e73080b69c1c63606f283b795\MusicManager.ni.dll
MOD - [2012.09.15 18:53:41 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll
MOD - [2012.09.15 18:53:39 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll
MOD - [2012.09.15 18:53:38 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll
MOD - [2012.09.15 18:53:37 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll
MOD - [2012.09.15 18:53:37 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll
MOD - [2012.09.15 18:53:35 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.09.15 18:53:35 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll
MOD - [2012.09.15 18:53:34 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.09.15 18:53:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.09.15 18:53:32 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll
MOD - [2012.09.15 18:53:31 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.09.15 18:53:29 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.09.15 18:53:26 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.09.15 18:53:25 | 000,902,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.09.15 18:53:23 | 001,025,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll
MOD - [2012.09.15 18:53:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.09.15 18:53:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.09.15 18:53:19 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\923e655c1069f7faa553275eb2e6763c\Kies.Common.Multimedia.ni.dll
MOD - [2012.09.15 18:53:15 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll
MOD - [2012.09.15 18:53:13 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll
MOD - [2012.09.15 18:53:12 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll
MOD - [2012.09.15 18:53:11 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll
MOD - [2012.09.15 18:53:10 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll
MOD - [2012.09.15 18:53:09 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll
MOD - [2012.09.15 18:53:06 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.09.15 18:53:04 | 001,185,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll
MOD - [2012.09.15 18:53:02 | 001,674,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe
MOD - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.06.13 09:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.13 08:59:44 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll
MOD - [2012.06.13 08:54:18 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.06.13 08:53:22 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.13 08:52:58 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.13 05:36:30 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 05:26:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 05:25:46 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 05:25:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 05:25:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.06.03 09:36:31 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.06.03 09:36:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.06.03 09:36:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.06.03 09:36:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.06.03 09:36:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.05.09 10:56:39 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll
MOD - [2012.05.09 10:46:49 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.09 10:46:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.09 10:46:36 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.09 10:45:27 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.05.09 10:26:42 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 10:21:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 10:20:41 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 10:12:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 10:08:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 10:08:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 10:07:42 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 10:07:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 10:07:19 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
MOD - [2011.02.24 18:39:44 | 000,012,128 | ---- | M] () -- C:\Programme\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 03:57:39 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.02.04 12:08:06 | 000,207,872 | ---- | M] () -- C:\Programme\FRITZ!DSL\C90dll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.11 03:04:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 11:34:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Programme\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe -- (DfSdkS)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.23 14:13:12 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C10F.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2012.08.28 19:41:29 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.28 19:41:29 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.07.31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012.06.08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012.06.08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.06.08 16:08:26 | 000,024,576 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012.03.07 03:11:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012.03.02 16:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 16:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 16:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 16:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2012.02.07 17:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2012.01.25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.13 05:59:14 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2010.12.13 05:45:42 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.12.12 21:40:51 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2010.12.12 21:34:13 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2010.12.02 15:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 15:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 15:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 15:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.01 11:51:53 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.12.22 14:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.10.29 12:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2009.10.29 12:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)
DRV - [2009.10.26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.06.05 01:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.01.29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{095C1A85-7264-4B56-BB5A-783E8E888AB2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{D73A46A4-5C66-4286-8399-9A51DF36E0A0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011.06.18 18:41:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.22 21:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.28 18:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.01 15:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.27 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 05:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.22 21:16:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
 
[2012.10.13 02:13:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:31:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.12 14:13:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions
[2012.10.12 14:13:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.12 14:13:21 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Photo Zoom for Facebook = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: Clock f\u00FCr Google Chrome \u2122 = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\2.0.1.3_0\
CHR - Extension: YoWindow Wetter = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef\1.33_0\
CHR - Extension: Full Screen Weather = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0\
CHR - Extension: AdBlock = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\
CHR - Extension: avast! WebRep = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Regen-Alarm Erweiterung = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnconaknblgbkfgknkfmmfhhbebkekd\1.2.7_0\
 
O1 HOSTS File: ([2012.05.04 08:56:10 | 000,442,850 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 15214 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [adm_tray.exe] C:\Programme\Acronis\DriveMonitor\adm_tray.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKU\.DEFAULT..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-18..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3752C415-0AD3-4D70-88DD-5C627777D71D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70461503-9E7A-42FB-9CFC-1852690458B5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE4987-A903-408A-A660-FD8F19F10960}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LxSetup.exe
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{50e93006-11bf-11e0-b121-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{d20cf144-c87b-11df-ad11-001583096ec8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (pdboot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.2 HD Edition.lnk - C:\Programme\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe - (Panasonic Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk - C:\Programme\Secunia\PSI\psi_tray.exe - (Secunia)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AndroidSync - hkey= - key= - C:\Program Files\Android-Sync\AndroidSync.exe (hxxp://www.android-sync.com)
MsConfig - StartUpReg: B2C_AGENT - hkey= - key= - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
MsConfig - StartUpReg: Badoo Desktop - hkey= - key= - C:\ProgramData\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe (Badoo)
MsConfig - StartUpReg: Guard.Mail.ru.gui - hkey= - key= -  File not found
MsConfig - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig - StartUpReg: KiesAirMessage - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesHelper - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: Miranda Fusion - hkey= - key= - C:\Programme\MirandaFusion\fusiontools\mfstart.exe (Miranda Fusion Team)
MsConfig - StartUpReg: mumservice - hkey= - key= - C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
         

Code: Alles auswählenAufklappen

ATTFilter

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.13 10:43:38 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\assembly
[2012.10.12 21:16:38 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\Documents\Add-in Express
[2012.10.12 21:16:28 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTools
[2012.10.12 21:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTools
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.10.10 19:57:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.08 09:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.07 01:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 01:11:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 01:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.09.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.09.29 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\Lexware
[2012.09.28 21:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2012.09.28 21:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2012.09.21 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urlaubsplaner 2013
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudserd.sys
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012.09.15 16:55:22 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.14 18:34:54 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.14 18:34:54 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.14 18:34:48 | 000,707,706 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.14 18:34:48 | 000,661,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.14 18:34:48 | 000,153,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.14 18:34:48 | 000,125,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.14 18:33:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.14 18:27:14 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.10.14 18:27:01 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.14 18:26:46 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2012.10.14 18:26:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.14 18:26:35 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.14 12:12:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.14 10:34:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.10.14 01:56:45 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.10.12 15:18:45 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.10.11 23:02:37 | 000,001,244 | ---- | M] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.11 19:10:32 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.10.11 06:14:51 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.09 20:32:20 | 000,538,327 | ---- | M] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 01:11:17 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.29 16:25:19 | 000,002,739 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.27 21:12:55 | 000,010,495 | ---- | M] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | M] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.18 10:15:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.11 23:02:37 | 000,001,244 | ---- | C] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.07 10:04:28 | 000,538,327 | ---- | C] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 01:11:17 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.29 16:15:52 | 000,002,739 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2012.09.28 21:41:07 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:39 | 000,010,495 | ---- | C] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | C] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.07.29 10:59:44 | 000,000,017 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\resmon.resmoncfg
[2012.06.17 13:31:23 | 000,001,124 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.itn
[2012.06.17 13:29:59 | 000,023,945 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.kml
[2012.04.09 20:19:46 | 000,002,773 | ---- | C] () -- \ZR7DRIVER-PC.rtf
[2012.03.30 20:40:37 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.03.15 12:19:31 | 002,950,336 | ---- | C] () -- C:\Users\zr7driver\Kony2012_digital_kit.zip
[2012.02.01 05:41:45 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4A4B9D26-AA08-4479-8413-EC94C1495FEA}
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.13 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{3ADCD066-1845-4420-813A-0152E185A562}
[2011.12.30 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0766FBBE-1B10-4D18-B8FD-7921451DF9C6}
[2011.12.26 13:04:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.12.25 23:49:46 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.25 23:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.25 23:49:44 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011.12.25 23:49:44 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.23 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{1C4F85BF-C25C-40D8-9072-C915C7610CF0}
[2011.12.23 10:02:20 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{DC88FA66-C4A7-4165-B3C1-62F961889D2F}
[2011.12.23 05:42:16 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{753738CE-CC9E-43C5-A535-266989FB1EB0}
[2011.12.22 21:15:10 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{56518DCC-6EA3-475B-8402-DCD2DBC03511}
[2011.12.22 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{CEC58609-76D2-4EA6-9531-7C3AA9E59D4E}
[2011.12.22 09:58:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{75C3B094-F8E5-49A6-B3F7-6EE5EC9B06A9}
[2011.12.13 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{36A7198A-B63C-4ED1-8E79-D6E1A01847BA}
[2011.12.13 10:04:48 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{43A6C6E7-5102-4D08-B831-D9FF396BBB74}
[2011.12.12 10:50:02 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E93FDF79-0B6E-40E7-ACBB-3E68917B158A}
[2011.12.08 10:08:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A4AFC9A3-D672-44ED-982A-467C3938BFE7}
[2011.12.07 09:54:52 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E9BBF441-1A49-47C7-A653-236B5B3BBFA1}
[2011.12.04 07:22:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{AE7A2FF6-BC86-4981-A1CC-55430DF54232}
[2011.12.02 10:04:51 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{5CE40A7C-C86D-4574-AA9B-81AF3B3984FF}
[2011.12.01 21:19:21 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A67ACE38-ADEE-449A-86E7-909D2DBA9B23}
[2011.12.01 10:06:14 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A795E345-7B05-4BC3-80F5-8E145C4EDBA5}
[2011.11.30 21:01:54 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{46D14579-E7ED-4468-A4A1-010E6903B9D6}
[2011.11.29 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{15BAC503-F22F-4409-A44E-3EF0670584FA}
[2011.11.29 10:03:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{759C9C24-C460-4D61-9460-1EBF1E7E2F7F}
[2011.11.29 05:39:30 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4D4D9BF3-9AC9-4895-9352-F90DC35855A6}
[2011.11.25 19:49:49 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A36FD9B9-77B7-4AA3-88CD-916BA7ED3164}
[2011.11.23 19:32:37 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0BF97707-9995-4474-AA26-C1B7A09F2755}
[2011.11.20 12:36:06 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{9A3933A9-ABB4-4DD1-BDF9-EE9E60064BA0}
[2011.11.14 11:03:11 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{D09CB122-FADC-444C-8947-C71A91EABD81}
[2011.11.14 10:50:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{60914264-77B5-4DF5-97B5-7C0FF0508A66}
[2011.10.10 11:33:41 | 000,000,097 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\fusioncache.dat
[2011.06.17 00:36:07 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh
[2011.06.17 00:36:07 | 001,481,928 | ---- | C] () -- \task29.exe
[2011.06.17 00:36:07 | 001,449,160 | ---- | C] () -- \RUUResource.dll
[2011.06.17 00:36:07 | 000,213,864 | ---- | C] () -- \ModelID.fig
[2011.06.17 00:36:07 | 000,175,304 | ---- | C] () -- \rapitool.exe
[2011.06.17 00:36:07 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig
[2011.06.17 00:36:07 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig
[2011.06.17 00:36:07 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe
[2011.06.17 00:36:07 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe
[2011.06.17 00:36:07 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 22:46:09 | 000,000,518 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.27 10:40:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.04.27 10:40:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.01.21 23:30:49 | 000,000,102 | ---- | C] () -- \qehjlhawlh
[2011.01.18 20:57:44 | 000,000,862 | ---- | C] () -- C:\Users\zr7driver\.recently-used.xbel
[2011.01.08 12:02:39 | 000,001,117 | ---- | C] () -- C:\Users\zr7driver\Dokumente - Verknüpfung.lnk
[2011.01.04 21:05:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.26 00:18:10 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.12.26 00:14:22 | 010,960,896 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.11.16 21:01:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.16 21:01:56 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.16 21:01:56 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.16 21:01:56 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.16 21:01:56 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.16 21:01:56 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.16 21:01:56 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.16 21:01:56 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.16 21:01:56 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.16 21:01:56 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.16 21:01:56 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.16 21:01:56 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.16 21:01:56 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.16 21:01:56 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.16 21:01:56 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.28 13:24:13 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010.10.03 22:23:13 | 001,140,638 | ---- | C] () -- C:\Users\zr7driver\Backup LG GT540 Optimus 03.10.2010.mpb
[2010.10.02 22:02:25 | 000,000,360 | -H-- | C] () -- \IPH.PH
[2010.09.24 13:26:13 | 000,050,688 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.12 11:27:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.10 14:15:23 | 2616,643,584 | -HS- | C] () -- \hiberfil.sys
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.09.10 14:23:37 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData
[2012.09.14 12:05:54 | 000,000,000 | ---D | M] -- C:\Users\All Users\AAV
[2012.06.21 22:54:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Acronis
[2010.10.02 22:02:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\AIM
[2010.09.10 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALDI Sued Foto Service
[2010.02.15 19:14:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\Aldi Sued Fotoservice
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2010.02.04 10:24:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Applications
[2010.10.01 09:50:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ashampoo
[2010.10.28 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avanquest
[2011.12.13 12:33:25 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVAST Software
[2011.01.21 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avery
[2012.05.01 17:04:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVG2012
[2011.03.20 19:35:07 | 000,000,000 | ---D | M] -- C:\Users\All Users\Badoo
[2011.11.13 13:13:35 | 000,000,000 | ---D | M] -- C:\Users\All Users\BlueStacks
[2010.09.11 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bluetooth
[2010.09.10 14:38:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\BullGuard
[2011.01.21 23:25:01 | 000,000,000 | ---D | M] -- C:\Users\All Users\CAM Development
[2012.07.06 11:12:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\Canneverbe Limited
[2010.12.21 18:54:57 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonEPP
[2011.01.06 12:49:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEGV
[2010.12.21 19:20:52 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX2
[2010.12.21 18:59:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJMSetup
[2010.12.21 19:18:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJMyPrinter
[2012.10.11 19:19:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJPLM
[2010.12.21 19:18:54 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJSolutionMenuEX
[2010.12.21 18:57:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJWSpt
[2011.12.13 12:28:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint
[2012.04.06 22:36:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2011.05.27 20:42:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Das Fussball Studio
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2010.09.24 15:06:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2012.05.30 15:31:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\GFI Software
[2011.09.02 19:02:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\ICQ
[2011.02.03 11:43:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Installations
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\ISDNWatch
[2011.09.18 13:50:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Kaspersky SDK
[2012.09.29 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\Lexware
[2012.08.06 17:35:58 | 000,000,000 | ---D | M] -- C:\Users\All Users\LGMOBILEAX
[2011.12.26 00:31:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\MAGIX
[2010.10.01 09:34:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Magix Shared
[2012.07.04 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\Motorola
[2011.02.03 11:45:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nokia
[2011.05.22 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaAccount
[2011.02.03 11:35:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaInstallerCache
[2010.10.28 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\OO Software
[2010.11.17 23:21:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Panasonic
[2011.02.03 20:58:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Suite
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\PimeroUpdater
[2011.09.25 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\All Users\RapidSolution
[2012.06.03 09:31:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\Samsung
[2010.09.14 09:30:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\ScanSoft
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\soft-evolution
[2012.08.17 13:24:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2010.09.24 14:39:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\T-Online
[2012.06.05 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Temp
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2010.12.18 13:26:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\TomTom
[2010.12.12 21:06:36 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uniblue
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten
[2009.07.14 04:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop
[2010.09.10 14:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien
[2010.02.15 14:08:00 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Links
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent
[2009.07.14 04:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen
[2012.10.13 21:57:45 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2012.05.01 18:01:42 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads
[2009.07.14 04:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2010.09.10 14:23:36 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Music
[2010.11.28 10:51:32 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures
[2010.09.11 11:34:19 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV
[2012.08.21 14:05:30 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos
[2011.01.18 21:04:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.gimp-2.6
[2012.08.16 14:37:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.hgt
[2011.05.29 10:38:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.jordan
[2012.08.11 19:06:48 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.swt
[2011.01.18 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.thumbnails
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Anwendungsdaten
[2010.09.10 14:23:51 | 000,000,000 | -H-D | M] -- C:\Users\zr7driver\AppData
[2010.09.11 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Application Data
[2012.07.12 18:50:21 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Contacts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Cookies
[2012.10.12 11:34:58 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Desktop
[2012.10.12 21:16:38 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Documents
[2012.10.14 18:34:39 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Downloads
[2012.10.14 18:28:26 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Dropbox
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Druckumgebung
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Eigene Dateien
[2012.08.11 19:12:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Eigene Routen
[2012.07.28 18:43:44 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Favorites
[2012.03.05 14:54:22 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Handy
[2012.08.26 18:19:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\IGO
[2012.08.03 21:41:35 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Links
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Lokale Einstellungen
[2012.10.14 11:17:52 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Music
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Netzwerkumgebung
[2012.06.17 13:28:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner
[2012.06.17 13:29:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (2)
[2012.06.17 13:29:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (3)
[2012.10.02 19:47:04 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Pictures
[2012.08.20 17:46:18 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Podcasts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Recent
[2012.07.12 18:50:22 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Saved Games
[2012.10.07 20:39:51 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Searches
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\SendTo
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Startmenü
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Tracing
[2012.09.30 13:51:29 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Videos
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Vorlagen
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.10.28 14:18:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\A-Z Technology
[2010.10.02 22:04:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\acccore
[2012.05.30 09:44:14 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ad-Aware Antivirus
[2011.06.13 19:49:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Adobe
[2010.12.16 21:21:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ALK Technologies
[2011.09.09 13:46:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Amazon
[2011.10.29 09:06:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Apple Computer
[2012.05.26 21:04:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ashampoo
[2012.08.11 11:42:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Audacity
[2011.01.26 15:58:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avery
[2012.05.01 16:29:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\AVG2012
[2010.12.04 14:50:24 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\BOM
[2012.07.06 11:12:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canneverbe Limited
[2012.01.23 06:15:42 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canon
[2010.12.21 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CD-LabelPrint
[2011.06.04 13:50:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CheckPoint
[2010.09.19 14:50:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Chilirec
[2011.09.02 19:03:03 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2012.06.03 00:15:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\concept design
[2012.06.21 20:11:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\convert
[2010.11.27 12:27:16 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Cool Record Edit Pro
[2010.11.19 12:08:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Corel
[2010.11.13 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CyberLink
[2012.10.14 18:28:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Dropbox
[2010.09.11 21:55:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.23 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FastStone
[2010.10.23 18:03:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FinalTorrent
[2010.11.05 10:08:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Fixit-E28F99E6-6133-4824-AECC-4D2FB1701F0B
[2010.12.12 20:59:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\foobar2000
[2011.12.25 23:51:12 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Franzis
[2010.11.27 11:25:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Free Sound Recorder 2010
[2010.10.28 11:45:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FreeCommander
[2012.10.14 18:30:14 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.06.03 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Geek Uninstaller
[2012.08.23 18:51:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GeoSetter
[2011.01.21 23:12:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GetRightToGo
[2010.09.24 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GlarySoft
[2011.01.18 20:57:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\gtk-2.0
[2012.07.18 09:51:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC
[2011.06.13 19:56:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.05.29 16:30:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ICQ
[2010.09.10 14:24:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Identities
[2010.11.16 21:01:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\InstallShield
[2012.07.28 18:43:35 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IObit
[2012.07.12 11:53:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IrfanView
[2012.06.05 16:42:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\iSpy
[2012.09.29 16:19:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Lexware
[2010.09.13 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\LG Electronics
[2010.09.10 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Macromedia
[2011.12.26 15:19:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MAGIX
[2012.04.06 22:14:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Malwarebytes
[2010.10.28 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Marine Aquarium 3
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Media Center Programs
[2012.04.09 20:31:48 | 000,000,000 | --SD | M] -- C:\Users\zr7driver\AppData\Roaming\Microsoft
[2011.06.04 09:41:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda
[2011.05.01 19:40:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda Fusion
[2011.12.16 20:49:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\motorola
[2012.07.04 10:14:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Motorola Mobility
[2010.09.12 23:24:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Mozilla
[2012.06.10 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MyPhoneExplorer
[2011.10.23 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NCH Software
[2010.09.24 15:28:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Need for Speed World
[2012.10.14 19:00:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NetSpeedMonitor
[2011.02.03 11:47:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia
[2011.02.03 11:47:05 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia Ovi Suite
[2010.09.20 10:01:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\OpenOffice.org
[2011.06.14 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Outlook
[2011.04.03 16:48:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\PC Suite
[2012.07.29 11:28:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\QuickScan
[2012.06.03 00:18:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Real
[2012.06.03 00:19:00 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\RealNetworks
[2011.01.06 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Recolored
[2012.06.03 09:29:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Samsung
[2010.12.13 18:44:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ScanSoft
[2012.10.13 22:01:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Skype
[2012.04.09 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\skypePM
[2012.10.12 21:14:01 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\SmartTools
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\soft-evolution
[2012.09.17 10:23:30 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\SoftMaker
[2012.08.18 20:34:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Sony
[2010.10.29 01:45:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\streamripper
[2012.06.03 09:41:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Temp
[2010.09.20 09:33:23 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Template
[2010.09.12 23:24:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Thunderbird
[2010.12.18 13:25:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\TomTom
[2010.12.12 21:19:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Uniblue
[2012.09.26 09:24:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\vlc
[2012.01.08 00:12:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Weather Pulse
[2012.02.24 14:52:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WeatherWatcherLive
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Winamp
[2010.10.23 19:53:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WinRAR
[2012.10.14 18:28:24 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Wise Care 365
[2012.09.10 14:08:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2011.12.25 23:48:53 | 000,709,568 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\unins000.exe
[2009.08.10 04:15:00 | 000,563,056 | ---- | M] (Avery Dennison Corporation. Envel Informationssysteme GmbH.) -- C:\Users\zr7driver\AppData\Roaming\Avery\Avery Wizard 3.1\AZWizard.exe
[2012.06.21 20:13:57 | 012,697,088 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\convert\convert.exe
[2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.07.25 04:08:14 | 000,874,424 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.07.25 04:08:20 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.08.18 07:23:58 | 004,907,207 | ---- | M] (Phil Harvey) -- C:\Users\zr7driver\AppData\Roaming\GeoSetter\tools\exiftool(-k).exe
[2010.09.13 12:10:23 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{3E8DE1A6-B365-4FF6-B917-2892A34990E8}\ARPPRODUCTICON.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_6199747583AC94FD011270.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_7A9B8CB6BE7902E1058674.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_853F67D554F05449430E7E.exe
[2011.10.01 17:52:52 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_9E1C27574C0C6A1F98F273.exe
[2011.01.26 15:58:48 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{77077FFF-8831-470F-9627-E86F06A50CCD}\ARPPRODUCTICON.exe
[2012.04.15 21:34:06 | 000,675,840 | ---- | M] (Maximilian Stangel) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Templates\BLT11-12_206.exe
[2011.01.16 11:17:32 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2012.05.30 15:27:54 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
[2012.05.30 18:29:03 | 027,381,184 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_data\RealPlayer.exe
[2012.05.30 18:28:15 | 000,692,480 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_exe\RealPlayer.exe
[2012.05.30 03:17:52 | 000,958,392 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012.05.30 03:17:54 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012.05.23 18:51:18 | 000,318,976 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesLogger.exe
[2012.05.30 03:17:54 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2012.05.23 18:50:32 | 000,180,224 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012.05.23 18:50:32 | 000,321,024 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012.05.30 02:49:14 | 000,721,920 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012.05.30 03:18:02 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012.05.23 18:50:18 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.05.23 18:50:18 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.05.30 03:18:04 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.05.30 03:18:06 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.05.30 03:18:08 | 003,570,352 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012.05.23 18:50:02 | 000,221,184 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2012.05.23 18:50:04 | 000,061,440 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012.05.23 18:49:28 | 024,162,120 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012.08.28 03:06:22 | 000,291,840 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2012.08.31 02:52:14 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012.08.28 03:06:22 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012.08.31 02:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012.08.28 03:05:28 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012.08.28 03:05:28 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012.08.28 03:05:32 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012.08.31 02:52:18 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012.08.28 03:05:28 | 000,057,344 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012.08.28 03:05:14 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012.08.28 03:05:14 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012.08.31 02:52:20 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012.08.31 02:52:24 | 003,765,256 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012.08.28 03:05:02 | 000,262,144 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2012.08.28 03:05:02 | 000,090,112 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012.08.28 03:04:28 | 024,177,352 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2012.02.26 12:57:16 | 005,070,960 | ---- | M] (Uniblue Systems Ltd                                         ) -- C:\Users\zr7driver\AppData\Roaming\Uniblue\SystemTweaker\_temp\ub.exe
 
< %SYSTEMDRIVE%\*.exe >
[2010.03.10 18:51:36 | 000,008,904 | ---- | M] (HTC) -- C:\EnterBootloader.exe
[2010.03.10 18:51:36 | 000,175,304 | ---- | M] (HTC) -- C:\rapitool.exe
[2010.03.10 18:51:36 | 000,013,512 | ---- | M] () -- C:\RUUGetInfo.exe
[2010.03.10 18:54:08 | 001,481,928 | ---- | M] (HTC) -- C:\task29.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2010.07.06 12:53:22 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=536BD91DA54844945AF4971D877692D4 -- C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.2 HD\Core\EventLog\EventLog.dll
[2008.06.06 15:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_68640c3c72cad0af\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sataraid\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sataraid\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.01 16:21:48 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.05.01 16:21:48 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
 
<           >
[2009.07.14 06:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.09.12 21:18:04 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.09.12 21:18:05 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2010.09.24 14:31:09 | 000,000,322 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.03.07 14:21:41 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.03.07 14:21:43 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.03.30 04:45:50 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\Tasks\Wise Care 365.job

< End of report >
         

Code: Alles auswählenAufklappen

ATTFilter

(WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe
         

Sry aber das Teil fällt mir jetzt erst auf und gefällt mir garnicht!

Finger weg von Registry-Cleanern!!

Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Wir lesen oft genug von Hilfesuchenden, dass deren System nach der Nutzung von Registry Cleanern nicht mehr startet.

• Wie soll der Cleaner zu 100% wissen ob der Eintrag benötigt wird oder nicht ?
• Es ist vollkommen egal ob ein paar verwaiste Registry Einträge am System sind oder nicht.
• Auch die dauernd angepriesene Beschleunigung des Systems ist nur bedingt wahr. Du würdest es nicht merken.

Ein sogenanntes False Positive von einem Cleaner kann auch dein System unbootbar machen.
Zerstörst Du die Registry, zerstörst Du Windows.

Bitte deinstallieren! Mach danach ein neues Log mit dem afwCleaner, Verison 2.005 ist draußen

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Suche.
• Nach Ende des Suchlaufs öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v2.005 - Datei am 15/10/2012 um 04:25:29 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : zr7driver - ZR7DRIVER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\zr7driver\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-1.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-2.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-3.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-1.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-2.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-3.xml
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Ordner Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Schlüssel Gefunden : HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v16.0.1 (de)

Profilname : default 
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\prefs.js

Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]
Gefunden : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");

Profilname : Ralf [Profil par défaut]
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\prefs.js

Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [121599 octets] - [07/10/2012 10:05:51]
AdwCleaner[S1].txt - [121024 octets] - [07/10/2012 10:09:34]
AdwCleaner[R2].txt - [1484 octets] - [07/10/2012 10:23:22]
AdwCleaner[S2].txt - [1417 octets] - [07/10/2012 10:23:48]
AdwCleaner[R3].txt - [8798 octets] - [09/10/2012 18:43:38]
AdwCleaner[S3].txt - [8731 octets] - [09/10/2012 18:44:35]
AdwCleaner[R4].txt - [1724 octets] - [09/10/2012 19:21:59]
AdwCleaner[R5].txt - [2422 octets] - [09/10/2012 20:32:39]
AdwCleaner[R6].txt - [2482 octets] - [09/10/2012 21:43:21]
AdwCleaner[S4].txt - [2254 octets] - [09/10/2012 21:43:39]
AdwCleaner[R7].txt - [1964 octets] - [09/10/2012 21:55:47]
AdwCleaner[R8].txt - [2024 octets] - [10/10/2012 19:51:25]
AdwCleaner[R9].txt - [2084 octets] - [12/10/2012 00:32:54]
AdwCleaner[R10].txt - [4431 octets] - [15/10/2012 04:25:29]

########## EOF - C:\AdwCleaner[R10].txt - [4492 octets] ##########
         

Hast du diesen Regcleaner deinstalliert?! Lass die Flossen von solchen Programmen, Regcleaner ist regelrechte Problemverursachungssoftware!

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

• Schließe alle offenen Programme und Browser.
• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Löschen.
• Bestätige jeweils mit Ok.
• Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v2.005 - Datei am 15/10/2012 um 20:03:44 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : zr7driver - ZR7DRIVER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\zr7driver\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-3.xml
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Ordner Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.1 (de)

Profilname : default 
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\prefs.js

Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]
Gelöscht : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");

Profilname : Ralf [Profil par défaut]
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\prefs.js

Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [121599 octets] - [07/10/2012 10:05:51]
AdwCleaner[S1].txt - [121024 octets] - [07/10/2012 10:09:34]
AdwCleaner[R2].txt - [1484 octets] - [07/10/2012 10:23:22]
AdwCleaner[S2].txt - [1417 octets] - [07/10/2012 10:23:48]
AdwCleaner[R3].txt - [8798 octets] - [09/10/2012 18:43:38]
AdwCleaner[S3].txt - [8731 octets] - [09/10/2012 18:44:35]
AdwCleaner[R4].txt - [1724 octets] - [09/10/2012 19:21:59]
AdwCleaner[R5].txt - [2422 octets] - [09/10/2012 20:32:39]
AdwCleaner[R6].txt - [2482 octets] - [09/10/2012 21:43:21]
AdwCleaner[S4].txt - [2254 octets] - [09/10/2012 21:43:39]
AdwCleaner[R7].txt - [1964 octets] - [09/10/2012 21:55:47]
AdwCleaner[R8].txt - [2024 octets] - [10/10/2012 19:51:25]
AdwCleaner[R9].txt - [2084 octets] - [12/10/2012 00:32:54]
AdwCleaner[R10].txt - [4562 octets] - [15/10/2012 04:25:29]
AdwCleaner[S6].txt - [4240 octets] - [15/10/2012 20:03:44]

########## EOF - C:\AdwCleaner[S6].txt - [4300 octets] ##########
         

Mach bitte einen CustomScan mit OTL . Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code: Alles auswählenAufklappen

ATTFilter

 hier steht das Log
         

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

• Starte bitte die OTL.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Setze oben mittig den Haken bei Scanne alle Benutzer
• Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code: Alles auswählenAufklappen

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         

• Schliesse bitte nun alle Programme. (Wichtig)
• Klicke nun bitte auf den Quick Scan Button.
• Klick auf .
• Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 16.10.2012 04:24:35 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\zr7driver\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,15 Gb Available Physical Memory | 66,29% Memory free
6,50 Gb Paging File | 4,99 Gb Available in Paging File | 76,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 586,46 Gb Free Space | 64,42% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,36 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
 
Computer Name: ZR7DRIVER-PC | User Name: zr7driver | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.16 04:06:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
PRC - [2012.09.18 01:07:45 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 16:02:28 | 004,473,728 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
PRC - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.02.12 07:40:50 | 000,365,632 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.27 11:38:46 | 000,987,960 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FritzDsl.exe
PRC - [2009.07.23 14:13:10 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgentS1.exe
PRC - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2009.07.20 11:01:00 | 000,760,120 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2009.07.14 03:14:21 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.04.09 12:45:26 | 001,061,688 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\AAVUpdateManager\aavus.exe
PRC - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.14 09:11:59 | 000,115,137 | ---- | M] () -- C:\Users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012.09.15 18:54:57 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll
MOD - [2012.09.15 18:54:56 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll
MOD - [2012.09.15 18:54:54 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll
MOD - [2012.09.15 18:54:52 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll
MOD - [2012.09.15 18:54:51 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll
MOD - [2012.09.15 18:54:50 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll
MOD - [2012.09.15 18:54:48 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll
MOD - [2012.09.15 18:54:45 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\65018f5e3da23293d642168f7b132d40\Podcaster.ni.dll
MOD - [2012.09.15 18:54:42 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll
MOD - [2012.09.15 18:54:16 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.09.15 18:54:14 | 005,677,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\64d3040868aba797c48f608f5361e5bc\DeviceHost.ni.dll
MOD - [2012.09.15 18:53:59 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll
MOD - [2012.09.15 18:53:50 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f73c846c21b32d8e446f08fe7bf0b75a\CPKTMusicPlugin.ni.dll
MOD - [2012.09.15 18:53:47 | 000,964,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\dc5b622e73080b69c1c63606f283b795\MusicManager.ni.dll
MOD - [2012.09.15 18:53:41 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll
MOD - [2012.09.15 18:53:39 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll
MOD - [2012.09.15 18:53:38 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll
MOD - [2012.09.15 18:53:37 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll
MOD - [2012.09.15 18:53:37 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll
MOD - [2012.09.15 18:53:35 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.09.15 18:53:35 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll
MOD - [2012.09.15 18:53:34 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.09.15 18:53:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.09.15 18:53:32 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll
MOD - [2012.09.15 18:53:31 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.09.15 18:53:29 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.09.15 18:53:26 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.09.15 18:53:25 | 000,902,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.09.15 18:53:23 | 001,025,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll
MOD - [2012.09.15 18:53:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.09.15 18:53:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.09.15 18:53:19 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\923e655c1069f7faa553275eb2e6763c\Kies.Common.Multimedia.ni.dll
MOD - [2012.09.15 18:53:15 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll
MOD - [2012.09.15 18:53:13 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll
MOD - [2012.09.15 18:53:12 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll
MOD - [2012.09.15 18:53:11 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll
MOD - [2012.09.15 18:53:10 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll
MOD - [2012.09.15 18:53:09 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll
MOD - [2012.09.15 18:53:06 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.09.15 18:53:04 | 001,185,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll
MOD - [2012.09.15 18:53:02 | 001,674,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe
MOD - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.06.13 09:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.13 05:36:30 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 05:26:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 05:25:46 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 05:25:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 05:25:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.06.03 09:36:31 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.06.03 09:36:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.06.03 09:36:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.06.03 09:36:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.06.03 09:36:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.05.09 10:26:42 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 10:21:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 10:20:41 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 10:12:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 10:08:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 10:08:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 10:07:42 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 10:07:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 10:07:19 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.02.17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
MOD - [2011.02.24 18:39:44 | 000,012,128 | ---- | M] () -- C:\Programme\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.02.04 12:08:06 | 000,207,872 | ---- | M] () -- C:\Programme\FRITZ!DSL\C90dll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.11 03:04:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 11:34:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe -- (DfSdkS)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.23 14:13:12 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C10F.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2012.08.28 19:41:29 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.28 19:41:29 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.07.31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012.06.08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012.06.08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.06.08 16:08:26 | 000,024,576 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012.03.07 03:11:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012.03.02 16:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 16:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 16:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 16:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2012.02.07 17:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2012.01.25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.13 05:59:14 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2010.12.13 05:45:42 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.12.12 21:40:51 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2010.12.12 21:34:13 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2010.12.02 15:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 15:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 15:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 15:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.01 11:51:53 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.12.22 14:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.10.29 12:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2009.10.29 12:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)
DRV - [2009.10.26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.06.05 01:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.01.29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{095C1A85-7264-4B56-BB5A-783E8E888AB2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{D73A46A4-5C66-4286-8399-9A51DF36E0A0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011.06.18 18:41:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.22 21:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.28 18:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.01 15:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.27 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 05:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.22 21:16:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
 
[2012.10.13 02:13:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:31:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.12 14:13:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions
[2012.10.12 14:13:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.12 14:13:21 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Photo Zoom for Facebook = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: Clock f\u00FCr Google Chrome \u2122 = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\2.0.1.3_0\
CHR - Extension: YoWindow Wetter = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef\1.33_0\
CHR - Extension: Full Screen Weather = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0\
CHR - Extension: AdBlock = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\
CHR - Extension: avast! WebRep = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Regen-Alarm Erweiterung = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnconaknblgbkfgknkfmmfhhbebkekd\1.2.7_0\
 
O1 HOSTS File: ([2012.05.04 08:56:10 | 000,442,850 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 15214 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [adm_tray.exe] C:\Programme\Acronis\DriveMonitor\adm_tray.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKU\.DEFAULT..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-18..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3752C415-0AD3-4D70-88DD-5C627777D71D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70461503-9E7A-42FB-9CFC-1852690458B5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE4987-A903-408A-A660-FD8F19F10960}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LxSetup.exe
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{50e93006-11bf-11e0-b121-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{d20cf144-c87b-11df-ad11-001583096ec8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (pdboot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
         

Code: Alles auswählenAufklappen

ATTFilter

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.2 HD Edition.lnk - C:\Programme\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe - (Panasonic Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk - C:\Programme\Secunia\PSI\psi_tray.exe - (Secunia)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AndroidSync - hkey= - key= - C:\Program Files\Android-Sync\AndroidSync.exe (hxxp://www.android-sync.com)
MsConfig - StartUpReg: B2C_AGENT - hkey= - key= - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
MsConfig - StartUpReg: Badoo Desktop - hkey= - key= - C:\ProgramData\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe (Badoo)
MsConfig - StartUpReg: Guard.Mail.ru.gui - hkey= - key= -  File not found
MsConfig - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig - StartUpReg: KiesAirMessage - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesHelper - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: Miranda Fusion - hkey= - key= - C:\Programme\MirandaFusion\fusiontools\mfstart.exe (Miranda Fusion Team)
MsConfig - StartUpReg: mumservice - hkey= - key= - C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.16 04:08:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.13 10:43:38 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\assembly
[2012.10.12 21:16:38 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\Documents\Add-in Express
[2012.10.12 21:16:28 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTools
[2012.10.12 21:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTools
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.10.08 09:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.07 01:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 01:11:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 01:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.09.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.09.29 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\Lexware
[2012.09.21 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urlaubsplaner 2013
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.16 04:12:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.16 04:06:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.16 03:57:26 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.16 03:57:26 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.16 03:55:59 | 000,707,706 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.16 03:55:59 | 000,661,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.16 03:55:59 | 000,153,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.16 03:55:59 | 000,125,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.16 03:49:06 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.16 03:49:05 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.10.16 03:48:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.16 03:48:51 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.15 20:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.15 10:34:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.10.15 04:23:24 | 000,538,941 | ---- | M] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.14 01:56:45 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.10.12 15:18:45 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.10.11 23:02:37 | 000,001,244 | ---- | M] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.11 06:14:51 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.07 01:11:17 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.29 16:25:19 | 000,002,739 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.27 21:12:55 | 000,010,495 | ---- | M] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | M] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.18 10:15:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.15 04:24:26 | 000,538,941 | ---- | C] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.11 23:02:37 | 000,001,244 | ---- | C] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.07 01:11:17 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.29 16:15:52 | 000,002,739 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.27 21:12:39 | 000,010,495 | ---- | C] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | C] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.07.29 10:59:44 | 000,000,017 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\resmon.resmoncfg
[2012.06.17 13:31:23 | 000,001,124 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.itn
[2012.06.17 13:29:59 | 000,023,945 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.kml
[2012.04.09 20:19:46 | 000,002,773 | ---- | C] () -- \ZR7DRIVER-PC.rtf
[2012.03.30 20:40:37 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.03.15 12:19:31 | 002,950,336 | ---- | C] () -- C:\Users\zr7driver\Kony2012_digital_kit.zip
[2012.02.01 05:41:45 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4A4B9D26-AA08-4479-8413-EC94C1495FEA}
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.13 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{3ADCD066-1845-4420-813A-0152E185A562}
[2011.12.30 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0766FBBE-1B10-4D18-B8FD-7921451DF9C6}
[2011.12.26 13:04:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.12.25 23:49:46 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.25 23:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.25 23:49:44 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011.12.25 23:49:44 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.23 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{1C4F85BF-C25C-40D8-9072-C915C7610CF0}
[2011.12.23 10:02:20 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{DC88FA66-C4A7-4165-B3C1-62F961889D2F}
[2011.12.23 05:42:16 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{753738CE-CC9E-43C5-A535-266989FB1EB0}
[2011.12.22 21:15:10 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{56518DCC-6EA3-475B-8402-DCD2DBC03511}
[2011.12.22 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{CEC58609-76D2-4EA6-9531-7C3AA9E59D4E}
[2011.12.22 09:58:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{75C3B094-F8E5-49A6-B3F7-6EE5EC9B06A9}
[2011.12.13 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{36A7198A-B63C-4ED1-8E79-D6E1A01847BA}
[2011.12.13 10:04:48 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{43A6C6E7-5102-4D08-B831-D9FF396BBB74}
[2011.12.12 10:50:02 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E93FDF79-0B6E-40E7-ACBB-3E68917B158A}
[2011.12.08 10:08:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A4AFC9A3-D672-44ED-982A-467C3938BFE7}
[2011.12.07 09:54:52 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E9BBF441-1A49-47C7-A653-236B5B3BBFA1}
[2011.12.04 07:22:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{AE7A2FF6-BC86-4981-A1CC-55430DF54232}
[2011.12.02 10:04:51 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{5CE40A7C-C86D-4574-AA9B-81AF3B3984FF}
[2011.12.01 21:19:21 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A67ACE38-ADEE-449A-86E7-909D2DBA9B23}
[2011.12.01 10:06:14 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A795E345-7B05-4BC3-80F5-8E145C4EDBA5}
[2011.11.30 21:01:54 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{46D14579-E7ED-4468-A4A1-010E6903B9D6}
[2011.11.29 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{15BAC503-F22F-4409-A44E-3EF0670584FA}
[2011.11.29 10:03:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{759C9C24-C460-4D61-9460-1EBF1E7E2F7F}
[2011.11.29 05:39:30 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4D4D9BF3-9AC9-4895-9352-F90DC35855A6}
[2011.11.25 19:49:49 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A36FD9B9-77B7-4AA3-88CD-916BA7ED3164}
[2011.11.23 19:32:37 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0BF97707-9995-4474-AA26-C1B7A09F2755}
[2011.11.20 12:36:06 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{9A3933A9-ABB4-4DD1-BDF9-EE9E60064BA0}
[2011.11.14 11:03:11 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{D09CB122-FADC-444C-8947-C71A91EABD81}
[2011.11.14 10:50:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{60914264-77B5-4DF5-97B5-7C0FF0508A66}
[2011.10.10 11:33:41 | 000,000,097 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\fusioncache.dat
[2011.06.17 00:36:07 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh
[2011.06.17 00:36:07 | 001,481,928 | ---- | C] () -- \task29.exe
[2011.06.17 00:36:07 | 001,449,160 | ---- | C] () -- \RUUResource.dll
[2011.06.17 00:36:07 | 000,213,864 | ---- | C] () -- \ModelID.fig
[2011.06.17 00:36:07 | 000,175,304 | ---- | C] () -- \rapitool.exe
[2011.06.17 00:36:07 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig
[2011.06.17 00:36:07 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig
[2011.06.17 00:36:07 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe
[2011.06.17 00:36:07 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe
[2011.06.17 00:36:07 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 22:46:09 | 000,000,518 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.27 10:40:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.04.27 10:40:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.01.21 23:30:49 | 000,000,102 | ---- | C] () -- \qehjlhawlh
[2011.01.18 20:57:44 | 000,000,862 | ---- | C] () -- C:\Users\zr7driver\.recently-used.xbel
[2011.01.08 12:02:39 | 000,001,117 | ---- | C] () -- C:\Users\zr7driver\Dokumente - Verknüpfung.lnk
[2011.01.04 21:05:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.26 00:18:10 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.12.26 00:14:22 | 010,960,896 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.11.16 21:01:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.16 21:01:56 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.16 21:01:56 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.16 21:01:56 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.16 21:01:56 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.16 21:01:56 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.16 21:01:56 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.16 21:01:56 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.16 21:01:56 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.16 21:01:56 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.16 21:01:56 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.16 21:01:56 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.16 21:01:56 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.16 21:01:56 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.16 21:01:56 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.28 13:24:13 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010.10.03 22:23:13 | 001,140,638 | ---- | C] () -- C:\Users\zr7driver\Backup LG GT540 Optimus 03.10.2010.mpb
[2010.10.02 22:02:25 | 000,000,360 | -H-- | C] () -- \IPH.PH
[2010.09.24 13:26:13 | 000,050,688 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.12 11:27:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.10 14:15:23 | 2616,643,584 | -HS- | C] () -- \hiberfil.sys
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.09.10 14:23:37 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData
[2012.09.14 12:05:54 | 000,000,000 | ---D | M] -- C:\Users\All Users\AAV
[2012.06.21 22:54:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Acronis
[2010.10.02 22:02:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\AIM
[2010.09.10 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALDI Sued Foto Service
[2010.02.15 19:14:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\Aldi Sued Fotoservice
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2010.02.04 10:24:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Applications
[2010.10.01 09:50:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ashampoo
[2010.10.28 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avanquest
[2011.12.13 12:33:25 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVAST Software
[2011.01.21 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avery
[2012.05.01 17:04:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVG2012
[2011.03.20 19:35:07 | 000,000,000 | ---D | M] -- C:\Users\All Users\Badoo
[2011.11.13 13:13:35 | 000,000,000 | ---D | M] -- C:\Users\All Users\BlueStacks
[2010.09.11 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bluetooth
[2010.09.10 14:38:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\BullGuard
[2011.01.21 23:25:01 | 000,000,000 | ---D | M] -- C:\Users\All Users\CAM Development
[2012.07.06 11:12:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\Canneverbe Limited
[2010.12.21 18:54:57 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonEPP
[2011.01.06 12:49:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEGV
[2010.12.21 19:20:52 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX2
[2010.12.21 18:59:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJMSetup
[2010.12.21 19:18:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJMyPrinter
[2012.10.11 19:19:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJPLM
[2010.12.21 19:18:54 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJSolutionMenuEX
[2010.12.21 18:57:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJWSpt
[2011.12.13 12:28:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint
[2012.04.06 22:36:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2011.05.27 20:42:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Das Fussball Studio
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2010.09.24 15:06:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2012.05.30 15:31:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\GFI Software
[2012.10.15 20:03:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ICQ
[2011.02.03 11:43:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Installations
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\ISDNWatch
[2011.09.18 13:50:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Kaspersky SDK
[2012.09.29 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\Lexware
[2012.08.06 17:35:58 | 000,000,000 | ---D | M] -- C:\Users\All Users\LGMOBILEAX
[2011.12.26 00:31:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\MAGIX
[2010.10.01 09:34:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Magix Shared
[2012.07.04 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\Motorola
[2011.02.03 11:45:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nokia
[2011.05.22 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaAccount
[2011.02.03 11:35:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaInstallerCache
[2010.10.28 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\OO Software
[2010.11.17 23:21:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Panasonic
[2011.02.03 20:58:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Suite
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\PimeroUpdater
[2011.09.25 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\All Users\RapidSolution
[2012.06.03 09:31:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\Samsung
[2010.09.14 09:30:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\ScanSoft
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\soft-evolution
[2012.08.17 13:24:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2010.09.24 14:39:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\T-Online
[2012.06.05 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Temp
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2010.12.18 13:26:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\TomTom
[2010.12.12 21:06:36 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uniblue
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten
[2009.07.14 04:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop
[2010.09.10 14:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien
[2010.02.15 14:08:00 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Links
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent
[2009.07.14 04:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen
[2012.10.13 21:57:45 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2012.05.01 18:01:42 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads
[2009.07.14 04:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2010.09.10 14:23:36 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Music
[2010.11.28 10:51:32 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures
[2010.09.11 11:34:19 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV
[2012.08.21 14:05:30 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos
[2011.01.18 21:04:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.gimp-2.6
[2012.08.16 14:37:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.hgt
[2011.05.29 10:38:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.jordan
[2012.08.11 19:06:48 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.swt
[2011.01.18 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.thumbnails
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Anwendungsdaten
[2010.09.10 14:23:51 | 000,000,000 | -H-D | M] -- C:\Users\zr7driver\AppData
[2010.09.11 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Application Data
[2012.07.12 18:50:21 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Contacts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Cookies
[2012.10.16 04:08:09 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Desktop
[2012.10.12 21:16:38 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Documents
[2012.10.16 04:07:57 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Downloads
[2012.10.16 03:49:52 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Dropbox
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Druckumgebung
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Eigene Dateien
[2012.08.11 19:12:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Eigene Routen
[2012.07.28 18:43:44 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Favorites
[2012.03.05 14:54:22 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Handy
[2012.08.26 18:19:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\IGO
[2012.08.03 21:41:35 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Links
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Lokale Einstellungen
[2012.10.14 11:17:52 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Music
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Netzwerkumgebung
[2012.06.17 13:28:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner
[2012.06.17 13:29:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (2)
[2012.06.17 13:29:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (3)
[2012.10.02 19:47:04 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Pictures
[2012.08.20 17:46:18 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Podcasts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Recent
[2012.07.12 18:50:22 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Saved Games
[2012.10.07 20:39:51 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Searches
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\SendTo
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Startmenü
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Tracing
[2012.09.30 13:51:29 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Videos
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Vorlagen
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.10.28 14:18:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\A-Z Technology
[2010.10.02 22:04:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\acccore
[2012.05.30 09:44:14 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ad-Aware Antivirus
[2011.06.13 19:49:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Adobe
[2010.12.16 21:21:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ALK Technologies
[2011.09.09 13:46:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Amazon
[2011.10.29 09:06:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Apple Computer
[2012.05.26 21:04:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ashampoo
[2012.08.11 11:42:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Audacity
[2011.01.26 15:58:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avery
[2012.05.01 16:29:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\AVG2012
[2010.12.04 14:50:24 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\BOM
[2012.07.06 11:12:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canneverbe Limited
[2012.01.23 06:15:42 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canon
[2010.12.21 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CD-LabelPrint
[2011.06.04 13:50:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CheckPoint
[2010.09.19 14:50:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Chilirec
[2011.09.02 19:03:03 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2012.06.03 00:15:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\concept design
[2012.06.21 20:11:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\convert
[2010.11.27 12:27:16 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Cool Record Edit Pro
[2010.11.19 12:08:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Corel
[2010.11.13 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CyberLink
[2012.10.16 03:49:57 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Dropbox
[2010.09.11 21:55:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.23 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FastStone
[2010.10.23 18:03:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FinalTorrent
[2010.11.05 10:08:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Fixit-E28F99E6-6133-4824-AECC-4D2FB1701F0B
[2010.12.12 20:59:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\foobar2000
[2011.12.25 23:51:12 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Franzis
[2010.11.27 11:25:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Free Sound Recorder 2010
[2010.10.28 11:45:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FreeCommander
[2012.10.16 03:49:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.06.03 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Geek Uninstaller
[2012.08.23 18:51:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GeoSetter
[2011.01.21 23:12:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GetRightToGo
[2010.09.24 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GlarySoft
[2011.01.18 20:57:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\gtk-2.0
[2012.07.18 09:51:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC
[2011.06.13 19:56:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.05.29 16:30:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ICQ
[2010.09.10 14:24:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Identities
[2010.11.16 21:01:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\InstallShield
[2012.07.28 18:43:35 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IObit
[2012.07.12 11:53:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IrfanView
[2012.06.05 16:42:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\iSpy
[2012.09.29 16:19:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Lexware
[2010.09.13 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\LG Electronics
[2010.09.10 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Macromedia
[2011.12.26 15:19:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MAGIX
[2012.04.06 22:14:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Malwarebytes
[2010.10.28 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Marine Aquarium 3
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Media Center Programs
[2012.04.09 20:31:48 | 000,000,000 | --SD | M] -- C:\Users\zr7driver\AppData\Roaming\Microsoft
[2011.06.04 09:41:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda
[2011.05.01 19:40:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda Fusion
[2011.12.16 20:49:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\motorola
[2012.07.04 10:14:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Motorola Mobility
[2010.09.12 23:24:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Mozilla
[2012.06.10 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MyPhoneExplorer
[2011.10.23 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NCH Software
[2010.09.24 15:28:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Need for Speed World
[2012.10.16 04:34:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NetSpeedMonitor
[2011.02.03 11:47:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia
[2011.02.03 11:47:05 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia Ovi Suite
[2010.09.20 10:01:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\OpenOffice.org
[2011.06.14 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Outlook
[2011.04.03 16:48:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\PC Suite
[2012.07.29 11:28:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\QuickScan
[2012.06.03 00:18:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Real
[2012.06.03 00:19:00 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\RealNetworks
[2011.01.06 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Recolored
[2012.06.03 09:29:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Samsung
[2010.12.13 18:44:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ScanSoft
[2012.10.15 08:51:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Skype
[2012.04.09 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\skypePM
[2012.10.12 21:14:01 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\SmartTools
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\soft-evolution
[2012.09.17 10:23:30 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\SoftMaker
[2012.08.18 20:34:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Sony
[2010.10.29 01:45:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\streamripper
[2012.06.03 09:41:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Temp
[2010.09.20 09:33:23 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Template
[2010.09.12 23:24:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Thunderbird
[2010.12.18 13:25:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\TomTom
[2010.12.12 21:19:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Uniblue
[2012.10.15 12:07:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\vlc
[2012.01.08 00:12:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Weather Pulse
[2012.02.24 14:52:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WeatherWatcherLive
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Winamp
[2010.10.23 19:53:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WinRAR
[2012.09.10 14:08:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2011.12.25 23:48:53 | 000,709,568 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\unins000.exe
[2009.08.10 04:15:00 | 000,563,056 | ---- | M] (Avery Dennison Corporation. Envel Informationssysteme GmbH.) -- C:\Users\zr7driver\AppData\Roaming\Avery\Avery Wizard 3.1\AZWizard.exe
[2012.06.21 20:13:57 | 012,697,088 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\convert\convert.exe
[2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.07.25 04:08:14 | 000,874,424 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.07.25 04:08:20 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.08.18 07:23:58 | 004,907,207 | ---- | M] (Phil Harvey) -- C:\Users\zr7driver\AppData\Roaming\GeoSetter\tools\exiftool(-k).exe
[2010.09.13 12:10:23 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{3E8DE1A6-B365-4FF6-B917-2892A34990E8}\ARPPRODUCTICON.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_6199747583AC94FD011270.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_7A9B8CB6BE7902E1058674.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_853F67D554F05449430E7E.exe
[2011.10.01 17:52:52 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_9E1C27574C0C6A1F98F273.exe
[2011.01.26 15:58:48 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{77077FFF-8831-470F-9627-E86F06A50CCD}\ARPPRODUCTICON.exe
[2012.04.15 21:34:06 | 000,675,840 | ---- | M] (Maximilian Stangel) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Templates\BLT11-12_206.exe
[2011.01.16 11:17:32 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2012.05.30 15:27:54 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
[2012.05.30 18:29:03 | 027,381,184 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_data\RealPlayer.exe
[2012.05.30 18:28:15 | 000,692,480 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_exe\RealPlayer.exe
[2012.05.30 03:17:52 | 000,958,392 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012.05.30 03:17:54 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012.05.23 18:51:18 | 000,318,976 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesLogger.exe
[2012.05.30 03:17:54 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2012.05.23 18:50:32 | 000,180,224 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012.05.23 18:50:32 | 000,321,024 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012.05.30 02:49:14 | 000,721,920 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012.05.30 03:18:02 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012.05.23 18:50:18 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.05.23 18:50:18 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.05.30 03:18:04 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.05.30 03:18:06 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.05.30 03:18:08 | 003,570,352 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012.05.23 18:50:02 | 000,221,184 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2012.05.23 18:50:04 | 000,061,440 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012.05.23 18:49:28 | 024,162,120 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012.08.28 03:06:22 | 000,291,840 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2012.08.31 02:52:14 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012.08.28 03:06:22 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012.08.31 02:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012.08.28 03:05:28 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012.08.28 03:05:28 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012.08.28 03:05:32 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012.08.31 02:52:18 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012.08.28 03:05:28 | 000,057,344 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012.08.28 03:05:14 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012.08.28 03:05:14 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012.08.31 02:52:20 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012.08.31 02:52:24 | 003,765,256 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012.08.28 03:05:02 | 000,262,144 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2012.08.28 03:05:02 | 000,090,112 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012.08.28 03:04:28 | 024,177,352 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2012.02.26 12:57:16 | 005,070,960 | ---- | M] (Uniblue Systems Ltd                                         ) -- C:\Users\zr7driver\AppData\Roaming\Uniblue\SystemTweaker\_temp\ub.exe
 
< %SYSTEMDRIVE%\*.exe >
[2010.03.10 18:51:36 | 000,008,904 | ---- | M] (HTC) -- C:\EnterBootloader.exe
[2010.03.10 18:51:36 | 000,175,304 | ---- | M] (HTC) -- C:\rapitool.exe
[2010.03.10 18:51:36 | 000,013,512 | ---- | M] () -- C:\RUUGetInfo.exe
[2010.03.10 18:54:08 | 001,481,928 | ---- | M] (HTC) -- C:\task29.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2010.07.06 12:53:22 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=536BD91DA54844945AF4971D877692D4 -- C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.2 HD\Core\EventLog\EventLog.dll
[2008.06.06 15:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_68640c3c72cad0af\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sataraid\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sataraid\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.01 16:21:48 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.05.01 16:21:48 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
 
<           >
[2009.07.14 06:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.09.12 21:18:04 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.09.12 21:18:05 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2010.09.24 14:31:09 | 000,000,322 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.03.07 14:21:41 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.03.07 14:21:43 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.03.30 04:45:50 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< End of report >
         

Beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code: Alles auswählenAufklappen

ATTFilter

:OTL
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
:Files
C:\Externe Festplatte 1\Eigene Dateien\Software\registrybooster.exe
C:\Externe Festplatte 1\Software\jdprof2009.exe
C:\Externe Festplatte 1\Software\wgo-winload.exe
C:\Program Files\Glary Utilities\v9gls.exe
C:\Program Files\WebSite X5 v9 - Smart\imRegister.exe
C:\Users\zr7driver\Downloads\Babylon8_setup.exe
C:\Users\zr7driver\Downloads\gusetup.exe
C:\Users\zr7driver\Downloads\wsx5_sm.exe
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
         

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Code: Alles auswählenAufklappen

ATTFilter

All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A5C582A-2E0F-45B4-A278-5CC42B563211}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@checkpoint.com/FFApi\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
Registry value HKEY_USERS\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
========== FILES ==========
C:\Externe Festplatte 1\Eigene Dateien\Software\registrybooster.exe moved successfully.
C:\Externe Festplatte 1\Software\jdprof2009.exe moved successfully.
C:\Externe Festplatte 1\Software\wgo-winload.exe moved successfully.
C:\Program Files\Glary Utilities\v9gls.exe moved successfully.
C:\Program Files\WebSite X5 v9 - Smart\imRegister.exe moved successfully.
C:\Users\zr7driver\Downloads\Babylon8_setup.exe moved successfully.
C:\Users\zr7driver\Downloads\gusetup.exe moved successfully.
C:\Users\zr7driver\Downloads\wsx5_sm.exe moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\zr7driver\Desktop\cmd.bat deleted successfully.
C:\Users\zr7driver\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: zr7driver
->Temp folder emptied: 770897 bytes
->Temporary Internet Files folder emptied: 8382330 bytes
->Java cache emptied: 5544911 bytes
->FireFox cache emptied: 320650131 bytes
->Google Chrome cache emptied: 390395424 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2595475 bytes
RecycleBin emptied: 2374620 bytes
 
Total Files Cleaned = 697,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 10162012_203317

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Code: Alles auswählenAufklappen

ATTFilter

20:18:51.0730 8128  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
20:18:53.0779 8128  ============================================================
20:18:53.0779 8128  Current date / time: 2012/10/17 20:18:53.0779
20:18:53.0779 8128  SystemInfo:
20:18:53.0779 8128  
20:18:53.0779 8128  OS Version: 6.1.7601 ServicePack: 1.0
20:18:53.0779 8128  Product type: Workstation
20:18:53.0779 8128  ComputerName: ZR7DRIVER-PC
20:18:53.0779 8128  UserName: zr7driver
20:18:53.0779 8128  Windows directory: C:\Windows
20:18:53.0780 8128  System windows directory: C:\Windows
20:18:53.0780 8128  Processor architecture: Intel x86
20:18:53.0780 8128  Number of processors: 2
20:18:53.0780 8128  Page size: 0x1000
20:18:53.0780 8128  Boot type: Normal boot
20:18:53.0780 8128  ============================================================
20:18:55.0654 8128  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:18:55.0657 8128  ============================================================
20:18:55.0657 8128  \Device\Harddisk0\DR0:
20:18:55.0658 8128  MBR partitions:
20:18:55.0658 8128  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:18:55.0658 8128  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x71CD3000
20:18:55.0658 8128  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x71D05800, BlocksNum 0x2800000
20:18:55.0658 8128  ============================================================
20:18:55.0683 8128  C: <-> \Device\Harddisk0\DR0\Partition2
20:18:55.0729 8128  D: <-> \Device\Harddisk0\DR0\Partition3
20:18:55.0813 8128  ============================================================
20:18:55.0814 8128  Initialize success
20:18:55.0814 8128  ============================================================
20:20:26.0491 6872  ============================================================
20:20:26.0492 6872  Scan started
20:20:26.0492 6872  Mode: Manual; SigCheck; TDLFS; 
20:20:26.0492 6872  ============================================================
20:20:27.0133 6872  ================ Scan system memory ========================
20:20:27.0133 6872  System memory - ok
20:20:27.0134 6872  ================ Scan services =============================
20:20:27.0306 6872  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:20:27.0459 6872  1394ohci - ok
20:20:27.0544 6872  [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files\AAVUpdateManager\aavus.exe
20:20:27.0571 6872  AAV UpdateService - ok
20:20:27.0641 6872  [ EC818AED40E3359FE49DDB1700151E56 ] ACEDRV09        C:\Windows\system32\drivers\ACEDRV09.sys
20:20:27.0713 6872  ACEDRV09 - ok
20:20:27.0741 6872  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:20:27.0768 6872  ACPI - ok
20:20:27.0785 6872  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:20:27.0865 6872  AcpiPmi - ok
20:20:27.0913 6872  [ 2C41AE09BB51EA074069135F183DAA9C ] AcrSch2Svc      C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
20:20:27.0941 6872  AcrSch2Svc - ok
20:20:28.0000 6872  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:20:28.0021 6872  AdobeARMservice - ok
20:20:28.0085 6872  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:20:28.0103 6872  AdobeFlashPlayerUpdateSvc - ok
20:20:28.0142 6872  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:20:28.0170 6872  adp94xx - ok
20:20:28.0202 6872  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:20:28.0226 6872  adpahci - ok
20:20:28.0248 6872  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:20:28.0269 6872  adpu320 - ok
20:20:28.0296 6872  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:20:28.0332 6872  AeLookupSvc - ok
20:20:28.0390 6872  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
20:20:28.0432 6872  AFD - ok
20:20:28.0450 6872  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
20:20:28.0469 6872  agp440 - ok
20:20:28.0488 6872  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
20:20:28.0508 6872  aic78xx - ok
20:20:28.0524 6872  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
20:20:28.0582 6872  ALG - ok
20:20:28.0597 6872  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:20:28.0616 6872  aliide - ok
20:20:28.0626 6872  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:20:28.0646 6872  amdagp - ok
20:20:28.0656 6872  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:20:28.0675 6872  amdide - ok
20:20:28.0733 6872  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:20:28.0789 6872  AmdK8 - ok
20:20:28.0800 6872  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:20:28.0837 6872  AmdPPM - ok
20:20:28.0857 6872  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:20:28.0876 6872  amdsata - ok
20:20:28.0899 6872  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:20:28.0922 6872  amdsbs - ok
20:20:28.0939 6872  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:20:28.0959 6872  amdxata - ok
20:20:28.0983 6872  [ 3E59DF4984FBD6800D6621480B38A34E ] Andbus          C:\Windows\system32\DRIVERS\lgandbus.sys
20:20:29.0049 6872  Andbus - ok
20:20:29.0072 6872  [ 8E0BF6F3B2C9C292BC7CE0DE727CDD56 ] AndDiag         C:\Windows\system32\DRIVERS\lganddiag.sys
20:20:29.0091 6872  AndDiag - ok
20:20:29.0105 6872  [ 1D2C90E25483363D54B652898BBC8F2A ] AndGps          C:\Windows\system32\DRIVERS\lgandgps.sys
20:20:29.0146 6872  AndGps - ok
20:20:29.0165 6872  [ B1B06A95DA2CAC7FA19832C60C348C85 ] ANDModem        C:\Windows\system32\DRIVERS\lgandmodem.sys
20:20:29.0199 6872  ANDModem - ok
20:20:29.0235 6872  [ A991EE642E225DC3072C06A7D3895F8A ] andnetadb       C:\Windows\system32\Drivers\lgandnetadb.sys
20:20:29.0256 6872  andnetadb - ok
20:20:29.0284 6872  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
20:20:29.0319 6872  AppID - ok
20:20:29.0337 6872  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:20:29.0369 6872  AppIDSvc - ok
20:20:29.0390 6872  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
20:20:29.0433 6872  Appinfo - ok
20:20:29.0452 6872  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:20:29.0473 6872  arc - ok
20:20:29.0480 6872  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:20:29.0502 6872  arcsas - ok
20:20:29.0612 6872  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:20:29.0639 6872  aspnet_state - ok
20:20:29.0676 6872  [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
20:20:29.0692 6872  aswFsBlk - ok
20:20:29.0725 6872  [ F76E51561562AC4105DBBE53FC99BC10 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
20:20:29.0742 6872  aswMonFlt - ok
20:20:29.0774 6872  [ 924819669AFD0EDF5C067193D371FAB0 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
20:20:29.0791 6872  aswRdr - ok
20:20:29.0828 6872  [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
20:20:29.0857 6872  aswSnx - ok
20:20:29.0881 6872  [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
20:20:29.0904 6872  aswSP - ok
20:20:29.0933 6872  [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
20:20:29.0949 6872  aswTdi - ok
20:20:29.0976 6872  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:20:30.0024 6872  AsyncMac - ok
20:20:30.0079 6872  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
20:20:30.0101 6872  atapi - ok
20:20:30.0127 6872  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:20:30.0183 6872  AudioEndpointBuilder - ok
20:20:30.0194 6872  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:20:30.0231 6872  Audiosrv - ok
20:20:30.0273 6872  [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:20:30.0290 6872  avast! Antivirus - ok
20:20:30.0315 6872  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:20:30.0404 6872  AxInstSV - ok
20:20:30.0430 6872  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
20:20:30.0481 6872  b06bdrv - ok
20:20:30.0490 6872  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
20:20:30.0521 6872  b57nd60x - ok
20:20:30.0588 6872  [ 483F1162EEEBD10BF77FBB32DB963370 ] BBSvc           C:\Program Files\Microsoft\BingBar\BBSvc.EXE
20:20:30.0611 6872  BBSvc - ok
20:20:30.0646 6872  [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate        C:\Program Files\Microsoft\BingBar\SeaPort.EXE
20:20:30.0669 6872  BBUpdate - ok
20:20:30.0697 6872  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:20:30.0759 6872  BDESVC - ok
20:20:30.0787 6872  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:20:30.0841 6872  Beep - ok
20:20:30.0871 6872  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
20:20:30.0923 6872  BFE - ok
20:20:30.0952 6872  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
20:20:31.0042 6872  BITS - ok
20:20:31.0065 6872  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:20:31.0109 6872  blbdrive - ok
20:20:31.0162 6872  [ 8BC053CD1F5F11F79C80BE85BC289258 ] BlueletAudio    C:\Windows\system32\DRIVERS\blueletaudio.sys
20:20:31.0182 6872  BlueletAudio - ok
20:20:31.0237 6872  [ BD91AFC523FD59F881E1763C38FB772F ] BlueletSCOAudio C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys
20:20:31.0255 6872  BlueletSCOAudio - ok
20:20:31.0310 6872  [ 2072720F0848312C40E01C2AEC8ED439 ] BlueSoleil Hid Service C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
20:20:31.0329 6872  BlueSoleil Hid Service - ok
20:20:31.0415 6872  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:20:31.0519 6872  bowser - ok
20:20:31.0607 6872  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:20:31.0748 6872  BrFiltLo - ok
20:20:31.0766 6872  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:20:31.0808 6872  BrFiltUp - ok
20:20:31.0842 6872  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
20:20:31.0886 6872  Browser - ok
20:20:31.0917 6872  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\system32\Drivers\Brserid.sys
20:20:31.0987 6872  Brserid - ok
20:20:32.0007 6872  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:20:32.0046 6872  BrSerWdm - ok
20:20:32.0066 6872  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:20:32.0109 6872  BrUsbMdm - ok
20:20:32.0129 6872  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\Drivers\BrUsbSer.sys
20:20:32.0152 6872  BrUsbSer - ok
20:20:32.0173 6872  [ C5CCE2B26F73F8CF7F3C82159E79AA08 ] BT              C:\Windows\system32\DRIVERS\btnetdrv.sys
20:20:32.0195 6872  BT - ok
20:20:32.0230 6872  [ 4813DF77EDE536A52E3737971F910BAA ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
20:20:32.0284 6872  BTCFilterService - ok
20:20:32.0318 6872  [ E5FDCB01AF073A653C55A77AD8AC8ECB ] Btcsrusb        C:\Windows\system32\Drivers\btcusb.sys
20:20:32.0332 6872  Btcsrusb - ok
20:20:32.0340 6872  [ CE643D0918123D76A5CAAB008FCA9663 ] BTHidEnum       C:\Windows\system32\Drivers\vbtenum.sys
20:20:32.0355 6872  BTHidEnum - ok
20:20:32.0363 6872  [ DFCA4FE4C8AEC786B4D0F432EB730F48 ] BTHidMgr        C:\Windows\system32\Drivers\BTHidMgr.sys
20:20:32.0378 6872  BTHidMgr - ok
20:20:32.0393 6872  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:20:32.0424 6872  BTHMODEM - ok
20:20:32.0457 6872  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
20:20:32.0506 6872  bthserv - ok
20:20:32.0514 6872  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:20:32.0577 6872  cdfs - ok
20:20:32.0632 6872  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:20:32.0665 6872  cdrom - ok
20:20:32.0755 6872  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
20:20:32.0791 6872  CertPropSvc - ok
20:20:32.0827 6872  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:20:32.0854 6872  circlass - ok
20:20:32.0881 6872  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
20:20:32.0906 6872  CLFS - ok
20:20:33.0336 6872  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:20:33.0370 6872  clr_optimization_v2.0.50727_32 - ok
20:20:33.0400 6872  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:20:33.0460 6872  clr_optimization_v4.0.30319_32 - ok
20:20:33.0479 6872  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:20:33.0500 6872  CmBatt - ok
20:20:33.0509 6872  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:20:33.0529 6872  cmdide - ok
20:20:33.0553 6872  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
20:20:33.0607 6872  CNG - ok
20:20:33.0619 6872  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:20:33.0640 6872  Compbatt - ok
20:20:33.0697 6872  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:20:33.0732 6872  CompositeBus - ok
20:20:33.0738 6872  COMSysApp - ok
20:20:33.0803 6872  [ 0283B43C6BC965175A1C92B255D39556 ] cpuz135         C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys
20:20:33.0819 6872  cpuz135 - ok
20:20:33.0840 6872  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:20:33.0858 6872  crcdisk - ok
20:20:33.0892 6872  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:20:33.0938 6872  CryptSvc - ok
20:20:33.0974 6872  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:20:34.0050 6872  DcomLaunch - ok
20:20:34.0085 6872  [ 65C7122D1115A4E1DB3E8C11DF919A40 ] DefragFS        C:\Windows\system32\drivers\DefragFS.sys
20:20:34.0102 6872  DefragFS - ok
20:20:34.0135 6872  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:20:34.0190 6872  defragsvc - ok
20:20:34.0240 6872  [ 893A82D118833A850459DD470FFA48D9 ] DeviceMonitorService C:\Program Files\Motorola Media Link\NServiceEntry.exe
20:20:34.0254 6872  DeviceMonitorService ( UnsignedFile.Multi.Generic ) - warning
20:20:34.0254 6872  DeviceMonitorService - detected UnsignedFile.Multi.Generic (1)
20:20:34.0286 6872  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:20:34.0382 6872  DfsC - ok
20:20:34.0482 6872  [ 92AE26F2CAF4A67E24A0BA6DDF32CC3C ] DfSdkS          C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2012\DfsdkS.exe
20:20:34.0506 6872  DfSdkS ( UnsignedFile.Multi.Generic ) - warning
20:20:34.0506 6872  DfSdkS - detected UnsignedFile.Multi.Generic (1)
20:20:34.0543 6872  [ 7BEF2E2159EDB03105BC7A8BABE04726 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
20:20:34.0561 6872  dg_ssudbus - ok
20:20:34.0603 6872  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:20:34.0653 6872  Dhcp - ok
20:20:34.0688 6872  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
20:20:34.0740 6872  discache - ok
20:20:34.0773 6872  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:20:34.0792 6872  Disk - ok
20:20:34.0819 6872  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:20:34.0841 6872  Dnscache - ok
20:20:34.0856 6872  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:20:34.0907 6872  dot3svc - ok
20:20:34.0941 6872  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
20:20:35.0006 6872  DPS - ok
20:20:35.0045 6872  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:20:35.0076 6872  drmkaud - ok
20:20:35.0160 6872  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:20:35.0191 6872  DXGKrnl - ok
20:20:35.0210 6872  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
20:20:35.0261 6872  EapHost - ok
20:20:35.0344 6872  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
20:20:35.0451 6872  ebdrv - ok
20:20:35.0481 6872  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
20:20:35.0515 6872  EFS - ok
20:20:35.0589 6872  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:20:35.0658 6872  ehRecvr - ok
20:20:35.0683 6872  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
20:20:35.0711 6872  ehSched - ok
20:20:35.0735 6872  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:20:35.0763 6872  elxstor - ok
20:20:35.0778 6872  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:20:35.0798 6872  ErrDev - ok
20:20:35.0820 6872  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
20:20:35.0876 6872  EventSystem - ok
20:20:35.0905 6872  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
20:20:35.0954 6872  exfat - ok
20:20:36.0032 6872  Fabs - ok
20:20:36.0063 6872  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:20:36.0114 6872  fastfat - ok
20:20:36.0155 6872  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
20:20:36.0193 6872  Fax - ok
20:20:36.0214 6872  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:20:36.0235 6872  fdc - ok
20:20:36.0244 6872  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
20:20:36.0280 6872  fdPHost - ok
20:20:36.0296 6872  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
20:20:36.0344 6872  FDResPub - ok
20:20:36.0365 6872  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:20:36.0386 6872  FileInfo - ok
20:20:36.0450 6872  [ 142A7AE58BD1ED496DC063196DB1527E ] FileMonitor     C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys
20:20:36.0478 6872  FileMonitor - ok
20:20:36.0499 6872  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:20:36.0535 6872  Filetrace - ok
20:20:36.0592 6872  [ B84D31AC5AE8372CE60204920E8F98E2 ] FirebirdGuardianDefaultInstance C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
20:20:36.0611 6872  FirebirdGuardianDefaultInstance ( UnsignedFile.Multi.Generic ) - warning
20:20:36.0611 6872  FirebirdGuardianDefaultInstance - detected UnsignedFile.Multi.Generic (1)
20:20:36.0677 6872  [ E83398B97959086265B7FEE2BFAF1343 ] FirebirdServerDefaultInstance C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
20:20:36.0841 6872  FirebirdServerDefaultInstance ( UnsignedFile.Multi.Generic ) - warning
20:20:36.0841 6872  FirebirdServerDefaultInstance - detected UnsignedFile.Multi.Generic (1)
20:20:36.0984 6872  [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
20:20:37.0134 6872  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
20:20:37.0134 6872  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
20:20:37.0177 6872  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:20:37.0200 6872  flpydisk - ok
20:20:37.0223 6872  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:20:37.0247 6872  FltMgr - ok
20:20:37.0285 6872  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
20:20:37.0322 6872  FontCache - ok
20:20:37.0373 6872  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:20:37.0402 6872  FontCache3.0.0.0 - ok
20:20:37.0425 6872  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:20:37.0446 6872  FsDepends - ok
20:20:37.0470 6872  [ 491E9D9A26A745F6AE7D570849F4BD87 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
20:20:37.0486 6872  fssfltr - ok
20:20:37.0533 6872  [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
20:20:37.0563 6872  fsssvc - ok
20:20:37.0580 6872  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:20:37.0602 6872  Fs_Rec - ok
20:20:37.0668 6872  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:20:37.0702 6872  fvevol - ok
20:20:37.0722 6872  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:20:37.0742 6872  gagp30kx - ok
20:20:37.0783 6872  [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
20:20:37.0798 6872  ggflt - ok
20:20:37.0811 6872  [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
20:20:37.0826 6872  ggsemc - ok
20:20:37.0852 6872  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:20:37.0915 6872  gpsvc - ok
20:20:37.0950 6872  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:20:37.0970 6872  gupdate - ok
20:20:38.0006 6872  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:20:38.0028 6872  gupdatem - ok
20:20:38.0062 6872  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:20:38.0110 6872  hcw85cir - ok
20:20:38.0150 6872  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:20:38.0185 6872  HdAudAddService - ok
20:20:38.0203 6872  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:20:38.0240 6872  HDAudBus - ok
20:20:38.0246 6872  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:20:38.0277 6872  HidBatt - ok
20:20:38.0306 6872  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:20:38.0348 6872  HidBth - ok
20:20:38.0380 6872  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:20:38.0405 6872  HidIr - ok
20:20:38.0429 6872  [ 1FAB2540C1BD6DA847CCD292F4EEE48A ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
20:20:38.0445 6872  hidkmdf - ok
20:20:38.0471 6872  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
20:20:38.0523 6872  hidserv - ok
20:20:38.0538 6872  [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:20:38.0577 6872  HidUsb - ok
20:20:38.0613 6872  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:20:38.0647 6872  hkmsvc - ok
20:20:38.0673 6872  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:20:38.0705 6872  HomeGroupListener - ok
20:20:38.0730 6872  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:20:38.0766 6872  HomeGroupProvider - ok
20:20:38.0793 6872  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:20:38.0813 6872  HpSAMD - ok
20:20:38.0823 6872  [ 950CC1E6AE3A6CD23E0945CDE089B02C ] HTCAND32        C:\Windows\system32\Drivers\ANDROIDUSB.sys
20:20:38.0851 6872  HTCAND32 - ok
20:20:38.0870 6872  [ 339ADEFAD60353F960E3CA67CE468C24 ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
20:20:38.0897 6872  htcnprot - ok
20:20:38.0934 6872  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:20:38.0974 6872  HTTP - ok
20:20:39.0002 6872  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:20:39.0027 6872  hwpolicy - ok
20:20:39.0058 6872  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:20:39.0093 6872  i8042prt - ok
20:20:39.0128 6872  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:20:39.0152 6872  iaStorV - ok
20:20:39.0226 6872  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
20:20:39.0235 6872  IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:20:39.0235 6872  IDriverT - detected UnsignedFile.Multi.Generic (1)
20:20:39.0278 6872  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:20:39.0311 6872  idsvc - ok
20:20:39.0407 6872  [ 506801C7D47BE8CD1CF342BF28EB17EC ] IGDCTRL         C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
20:20:39.0424 6872  IGDCTRL - ok
20:20:39.0457 6872  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:20:39.0475 6872  iirsp - ok
20:20:39.0545 6872  [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] IJPLMSVC        C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
20:20:39.0562 6872  IJPLMSVC - ok
20:20:39.0584 6872  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:20:39.0643 6872  IKEEXT - ok
20:20:39.0701 6872  [ 8AE99EBE30E8338907361018D9030835 ] IMFservice      C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
20:20:39.0731 6872  IMFservice - ok
20:20:39.0885 6872  [ 4E3F36F7704CBBCD1B32657491A1944F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:20:39.0960 6872  IntcAzAudAddService - ok
20:20:39.0974 6872  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:20:39.0993 6872  intelide - ok
20:20:40.0028 6872  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:20:40.0071 6872  intelppm - ok
20:20:40.0116 6872  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:20:40.0152 6872  IPBusEnum - ok
20:20:40.0166 6872  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:20:40.0222 6872  IpFilterDriver - ok
20:20:40.0299 6872  [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:20:40.0341 6872  iphlpsvc - ok
20:20:40.0379 6872  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:20:40.0435 6872  IPMIDRV - ok
20:20:40.0454 6872  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:20:40.0492 6872  IPNAT - ok
20:20:40.0501 6872  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:20:40.0526 6872  IRENUM - ok
20:20:40.0551 6872  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:20:40.0571 6872  isapnp - ok
20:20:40.0595 6872  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:20:40.0619 6872  iScsiPrt - ok
20:20:40.0634 6872  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
20:20:40.0653 6872  kbdclass - ok
20:20:40.0668 6872  [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:20:40.0690 6872  kbdhid - ok
20:20:40.0703 6872  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
20:20:40.0726 6872  KeyIso - ok
20:20:40.0753 6872  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:20:40.0775 6872  KSecDD - ok
20:20:40.0792 6872  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:20:40.0814 6872  KSecPkg - ok
20:20:40.0838 6872  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:20:40.0880 6872  KtmRm - ok
20:20:40.0904 6872  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:20:40.0958 6872  LanmanServer - ok
20:20:40.0988 6872  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:20:41.0052 6872  LanmanWorkstation - ok
20:20:41.0091 6872  Lbd - ok
20:20:41.0106 6872  lgbusenum - ok
20:20:41.0123 6872  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:20:41.0159 6872  lltdio - ok
20:20:41.0186 6872  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:20:41.0236 6872  lltdsvc - ok
20:20:41.0253 6872  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:20:41.0291 6872  lmhosts - ok
20:20:41.0337 6872  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:20:41.0357 6872  LSI_FC - ok
20:20:41.0366 6872  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:20:41.0387 6872  LSI_SAS - ok
20:20:41.0405 6872  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:20:41.0425 6872  LSI_SAS2 - ok
20:20:41.0443 6872  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:20:41.0463 6872  LSI_SCSI - ok
20:20:41.0487 6872  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
20:20:41.0527 6872  luafv - ok
20:20:41.0559 6872  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:20:41.0584 6872  Mcx2Svc - ok
20:20:41.0599 6872  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:20:41.0619 6872  megasas - ok
20:20:41.0638 6872  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:20:41.0661 6872  MegaSR - ok
20:20:41.0682 6872  MEMSWEEP2 - ok
20:20:41.0743 6872  MFE_RR - ok
20:20:41.0761 6872  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
20:20:41.0815 6872  MMCSS - ok
20:20:41.0840 6872  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
20:20:41.0892 6872  Modem - ok
20:20:41.0921 6872  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:20:41.0966 6872  monitor - ok
20:20:41.0973 6872  motandroidusb - ok
20:20:42.0012 6872  [ F55572B150DB90CDBD95038ED287EB50 ] motccgp         C:\Windows\system32\DRIVERS\motccgp.sys
20:20:42.0135 6872  motccgp - ok
20:20:42.0197 6872  [ 1B3720C4D16904756D49EF306706B978 ] motccgpfl       C:\Windows\system32\DRIVERS\motccgpfl.sys
20:20:42.0248 6872  motccgpfl - ok
20:20:42.0261 6872  MotDev - ok
20:20:42.0282 6872  [ B5DF98B8FD04204F4571FE0161288B98 ] motmodem        C:\Windows\system32\DRIVERS\motmodem.sys
20:20:42.0347 6872  motmodem - ok
20:20:42.0399 6872  [ A8FD4605AACF006BBA3B2B90AC9565B2 ] Motorola Device Manager C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
20:20:42.0416 6872  Motorola Device Manager - ok
20:20:42.0436 6872  [ 140176B235722B6B92B56910ACDF3CC0 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
20:20:42.0459 6872  MotoSwitchService - ok
20:20:42.0469 6872  [ 28938D6403C55289B7670798C075EF02 ] Motousbnet      C:\Windows\system32\DRIVERS\Motousbnet.sys
20:20:42.0505 6872  Motousbnet - ok
20:20:42.0523 6872  [ F780C53D98A0AAD28F5B7403B184AEA1 ] motusbdevice    C:\Windows\system32\DRIVERS\motusbdevice.sys
20:20:42.0581 6872  motusbdevice - ok
20:20:42.0600 6872  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
20:20:42.0620 6872  mouclass - ok
20:20:42.0637 6872  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:20:42.0662 6872  mouhid - ok
20:20:42.0680 6872  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:20:42.0698 6872  mountmgr - ok
20:20:42.0732 6872  [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:20:42.0750 6872  MozillaMaintenance - ok
20:20:42.0771 6872  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:20:42.0792 6872  mpio - ok
20:20:42.0813 6872  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:20:42.0848 6872  mpsdrv - ok
20:20:42.0886 6872  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:20:43.0065 6872  MpsSvc - ok
20:20:43.0103 6872  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:20:43.0129 6872  MRxDAV - ok
20:20:43.0152 6872  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:20:43.0176 6872  mrxsmb - ok
20:20:43.0204 6872  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:20:43.0246 6872  mrxsmb10 - ok
20:20:43.0264 6872  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:20:43.0285 6872  mrxsmb20 - ok
20:20:43.0295 6872  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
20:20:43.0315 6872  msahci - ok
20:20:43.0344 6872  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:20:43.0467 6872  msdsm - ok
20:20:43.0490 6872  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
20:20:43.0729 6872  MSDTC - ok
20:20:43.0779 6872  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:20:43.0816 6872  Msfs - ok
20:20:43.0830 6872  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:20:43.0866 6872  mshidkmdf - ok
20:20:43.0876 6872  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:20:43.0895 6872  msisadrv - ok
20:20:43.0930 6872  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:20:43.0967 6872  MSiSCSI - ok
20:20:43.0977 6872  msiserver - ok
20:20:44.0003 6872  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:20:44.0060 6872  MSKSSRV - ok
20:20:44.0066 6872  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:20:44.0102 6872  MSPCLOCK - ok
20:20:44.0131 6872  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:20:44.0166 6872  MSPQM - ok
20:20:44.0185 6872  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:20:44.0207 6872  MsRPC - ok
20:20:44.0227 6872  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:20:44.0249 6872  mssmbios - ok
20:20:44.0256 6872  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:20:44.0291 6872  MSTEE - ok
20:20:44.0322 6872  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:20:44.0343 6872  MTConfig - ok
20:20:44.0361 6872  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:20:44.0380 6872  Mup - ok
20:20:44.0410 6872  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
20:20:44.0468 6872  napagent - ok
20:20:44.0522 6872  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:20:44.0565 6872  NativeWifiP - ok
20:20:44.0605 6872  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:20:44.0637 6872  NDIS - ok
20:20:44.0656 6872  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:20:44.0691 6872  NdisCap - ok
20:20:44.0719 6872  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:20:44.0752 6872  NdisTapi - ok
20:20:44.0780 6872  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:20:44.0815 6872  Ndisuio - ok
20:20:44.0828 6872  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:20:44.0875 6872  NdisWan - ok
20:20:44.0910 6872  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:20:44.0992 6872  NDProxy - ok
20:20:45.0026 6872  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:20:45.0111 6872  NetBIOS - ok
20:20:45.0138 6872  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:20:45.0194 6872  NetBT - ok
20:20:45.0209 6872  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
20:20:45.0254 6872  Netlogon - ok
20:20:45.0309 6872  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
20:20:45.0376 6872  Netman - ok
20:20:45.0417 6872  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:20:45.0451 6872  NetMsmqActivator - ok
20:20:45.0458 6872  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:20:45.0476 6872  NetPipeActivator - ok
20:20:45.0500 6872  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
20:20:45.0610 6872  netprofm - ok
20:20:45.0622 6872  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:20:45.0642 6872  NetTcpActivator - ok
20:20:45.0648 6872  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:20:45.0678 6872  NetTcpPortSharing - ok
20:20:45.0717 6872  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:20:45.0748 6872  nfrd960 - ok
20:20:45.0774 6872  [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:20:45.0829 6872  NlaSvc - ok
20:20:45.0881 6872  [ 712BC0C22BA00B2BA324C6B8DF668EE7 ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
20:20:45.0933 6872  nmwcd - ok
20:20:45.0980 6872  [ 7312987B6CCDE6F6CEE32C14BED1CA2E ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
20:20:46.0030 6872  nmwcdc - ok
20:20:46.0042 6872  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:20:46.0080 6872  Npfs - ok
20:20:46.0113 6872  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
20:20:46.0153 6872  nsi - ok
20:20:46.0161 6872  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:20:46.0196 6872  nsiproxy - ok
20:20:46.0242 6872  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:20:46.0295 6872  Ntfs - ok
20:20:46.0310 6872  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
20:20:46.0345 6872  Null - ok
20:20:46.0366 6872  [ DD1D4DBA6223A8F512AC4301D4270A7A ] nvamacpi        C:\Windows\system32\DRIVERS\NVAMACPI.sys
20:20:46.0382 6872  nvamacpi - ok
20:20:46.0585 6872  [ 73A70F1D89C942EEDD99A3F10459B051 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:20:46.0983 6872  nvlddmkm - ok
20:20:47.0038 6872  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:20:47.0065 6872  nvraid - ok
20:20:47.0096 6872  [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
20:20:47.0141 6872  nvsmu - ok
20:20:47.0161 6872  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:20:47.0182 6872  nvstor - ok
20:20:47.0208 6872  [ 032EF66DD96692AD3A9D36160F467F67 ] nvstor32        C:\Windows\system32\DRIVERS\nvstor32.sys
20:20:47.0227 6872  nvstor32 - ok
20:20:47.0245 6872  [ 538A52E480C816D1990579A8FAAFFA20 ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:20:47.0274 6872  nvsvc - ok
20:20:47.0299 6872  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:20:47.0324 6872  nv_agp - ok
20:20:47.0356 6872  [ F1A718C6C6CD3EDF157FA3D459ADFEF7 ] NW1950          C:\Windows\system32\DRIVERS\NW1950.sys
20:20:47.0372 6872  NW1950 - ok
20:20:47.0589 6872  [ 953E08D5CA0B02697A8145AAA0CA28BE ] NxpCap          C:\Windows\system32\DRIVERS\NxpCap.sys
20:20:47.0698 6872  NxpCap - ok
20:20:47.0714 6872  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:20:47.0751 6872  ohci1394 - ok
20:20:47.0788 6872  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:20:47.0806 6872  ose - ok
20:20:47.0848 6872  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:20:47.0907 6872  p2pimsvc - ok
20:20:47.0949 6872  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:20:47.0992 6872  p2psvc - ok
20:20:48.0014 6872  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:20:48.0041 6872  Parport - ok
20:20:48.0069 6872  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:20:48.0091 6872  partmgr - ok
20:20:48.0115 6872  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
20:20:48.0149 6872  Parvdm - ok
20:20:48.0216 6872  [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
20:20:48.0225 6872  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
20:20:48.0225 6872  PassThru Service - detected UnsignedFile.Multi.Generic (1)
20:20:48.0244 6872  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:20:48.0271 6872  PcaSvc - ok
20:20:48.0300 6872  [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
20:20:48.0331 6872  pccsmcfd - ok
20:20:48.0361 6872  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
20:20:48.0382 6872  pci - ok
20:20:48.0396 6872  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
20:20:48.0414 6872  pciide - ok
20:20:48.0435 6872  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:20:48.0457 6872  pcmcia - ok
20:20:48.0487 6872  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
20:20:48.0506 6872  pcw - ok
20:20:48.0578 6872  [ 20025B31C1FC8FFEA50711C85E1A9859 ] PDAgent         C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
20:20:48.0617 6872  PDAgent - ok
20:20:48.0657 6872  [ 0B2CF6201D0BB6D156A1957742828207 ] PDEngine        C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
20:20:48.0690 6872  PDEngine - ok
20:20:48.0715 6872  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:20:48.0766 6872  PEAUTH - ok
20:20:48.0830 6872  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
20:20:48.0911 6872  pla - ok
20:20:48.0942 6872  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:20:48.0982 6872  PlugPlay - ok
20:20:49.0006 6872  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:20:49.0035 6872  PNRPAutoReg - ok
20:20:49.0051 6872  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:20:49.0081 6872  PNRPsvc - ok
20:20:49.0109 6872  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:20:49.0149 6872  PolicyAgent - ok
20:20:49.0177 6872  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
20:20:49.0216 6872  Power - ok
20:20:49.0226 6872  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:20:49.0269 6872  PptpMiniport - ok
20:20:49.0286 6872  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:20:49.0344 6872  Processor - ok
20:20:49.0387 6872  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
20:20:49.0425 6872  ProfSvc - ok
20:20:49.0436 6872  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:20:49.0461 6872  ProtectedStorage - ok
20:20:49.0481 6872  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:20:49.0528 6872  Psched - ok
20:20:49.0561 6872  [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
20:20:49.0578 6872  PSI - ok
20:20:49.0633 6872  [ EA735BF6DF13A857A83C99BF27A422AD ] PST Service     C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
20:20:49.0660 6872  PST Service ( UnsignedFile.Multi.Generic ) - warning
20:20:49.0660 6872  PST Service - detected UnsignedFile.Multi.Generic (1)
20:20:49.0688 6872  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
20:20:49.0711 6872  PxHelp20 - ok
20:20:49.0747 6872  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:20:49.0791 6872  ql2300 - ok
20:20:49.0809 6872  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:20:49.0830 6872  ql40xx - ok
20:20:49.0854 6872  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
20:20:49.0883 6872  QWAVE - ok
20:20:49.0899 6872  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:20:49.0923 6872  QWAVEdrv - ok
20:20:49.0961 6872  [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
20:20:49.0981 6872  RapiMgr - ok
20:20:49.0989 6872  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:20:50.0029 6872  RasAcd - ok
20:20:50.0051 6872  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:20:50.0087 6872  RasAgileVpn - ok
20:20:50.0095 6872  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
20:20:50.0134 6872  RasAuto - ok
20:20:50.0164 6872  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:20:50.0200 6872  Rasl2tp - ok
20:20:50.0228 6872  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
20:20:50.0282 6872  RasMan - ok
20:20:50.0306 6872  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:20:50.0358 6872  RasPppoe - ok
20:20:50.0384 6872  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:20:50.0418 6872  RasSstp - ok
20:20:50.0440 6872  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:20:50.0476 6872  rdbss - ok
20:20:50.0502 6872  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:20:50.0525 6872  rdpbus - ok
20:20:50.0542 6872  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:20:50.0593 6872  RDPCDD - ok
20:20:50.0632 6872  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:20:50.0665 6872  RDPENCDD - ok
20:20:50.0676 6872  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:20:50.0709 6872  RDPREFMP - ok
20:20:50.0732 6872  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:20:50.0754 6872  RDPWD - ok
20:20:50.0780 6872  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:20:50.0802 6872  rdyboost - ok
20:20:50.0871 6872  [ 169C4D45DFCFC2E1027CFBFC2015F142 ] RegFilter       C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys
20:20:50.0891 6872  RegFilter - ok
20:20:50.0911 6872  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:20:50.0966 6872  RemoteAccess - ok
20:20:50.0986 6872  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:20:51.0047 6872  RemoteRegistry - ok
20:20:51.0117 6872  [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo       C:\Program Files\CyberLink\Shared files\RichVideo.exe
20:20:51.0141 6872  RichVideo ( UnsignedFile.Multi.Generic ) - warning
20:20:51.0142 6872  RichVideo - detected UnsignedFile.Multi.Generic (1)
20:20:51.0156 6872  [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
20:20:51.0208 6872  ROOTMODEM - ok
20:20:51.0231 6872  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:20:51.0270 6872  RpcEptMapper - ok
20:20:51.0290 6872  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
20:20:51.0314 6872  RpcLocator - ok
20:20:51.0329 6872  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
20:20:51.0376 6872  RpcSs - ok
20:20:51.0384 6872  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:20:51.0420 6872  rspndr - ok
20:20:51.0455 6872  [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
20:20:51.0478 6872  RTL8167 - ok
20:20:51.0519 6872  [ B5E9979FBB26FC059BD87A81F763D5DA ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
20:20:51.0553 6872  rtl8192se - ok
20:20:51.0570 6872  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
20:20:51.0594 6872  SamSs - ok
20:20:51.0681 6872  [ 230FD3749904CA045EA5EC0AA14006E9 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\Sandra.sys
20:20:51.0710 6872  SANDRA - ok
20:20:51.0740 6872  [ A740F0412A3C994FB3BC1871B79E46CF ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe
20:20:51.0750 6872  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
20:20:51.0751 6872  SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
20:20:51.0790 6872  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:20:51.0810 6872  sbp2port - ok
20:20:51.0827 6872  SBRE - ok
20:20:51.0886 6872  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
20:20:51.0922 6872  SBSDWSCService - ok
20:20:51.0945 6872  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:20:51.0983 6872  SCardSvr - ok
20:20:52.0012 6872  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:20:52.0059 6872  scfilter - ok
20:20:52.0094 6872  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
20:20:52.0159 6872  Schedule - ok
20:20:52.0188 6872  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:20:52.0224 6872  SCPolicySvc - ok
20:20:52.0259 6872  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:20:52.0309 6872  SDRSVC - ok
20:20:52.0338 6872  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:20:52.0387 6872  secdrv - ok
20:20:52.0441 6872  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
20:20:52.0528 6872  seclogon - ok
20:20:52.0631 6872  [ 456B0B5844575714DB0370742CBB7A88 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
20:20:52.0675 6872  Secunia PSI Agent - ok
20:20:52.0719 6872  [ E5C9695967B022317BB1D96BC15CFDA0 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
20:20:52.0739 6872  Secunia Update Agent - ok
20:20:52.0817 6872  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
20:20:53.0227 6872  SENS - ok
20:20:53.0253 6872  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:20:53.0415 6872  SensrSvc - ok
20:20:53.0450 6872  [ AC1F2A09B76B57356F906EEDA43CCC2A ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl.sys
20:20:53.0503 6872  Ser2pl - ok
20:20:53.0522 6872  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:20:53.0565 6872  Serenum - ok
20:20:53.0600 6872  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:20:53.0631 6872  Serial - ok
20:20:53.0650 6872  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:20:53.0670 6872  sermouse - ok
20:20:53.0710 6872  [ 12B41D84A4D058ADC60853C365DBFCCA ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
20:20:53.0728 6872  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
20:20:53.0728 6872  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
20:20:53.0769 6872  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:20:53.0827 6872  SessionEnv - ok
20:20:53.0850 6872  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:20:53.0870 6872  sffdisk - ok
20:20:53.0877 6872  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:20:53.0898 6872  sffp_mmc - ok
20:20:53.0907 6872  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:20:53.0929 6872  sffp_sd - ok
20:20:53.0953 6872  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:20:53.0977 6872  sfloppy - ok
20:20:54.0003 6872  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:20:54.0066 6872  SharedAccess - ok
20:20:54.0095 6872  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:20:54.0146 6872  ShellHWDetection - ok
20:20:54.0175 6872  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:20:54.0197 6872  sisagp - ok
20:20:54.0245 6872  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:20:54.0280 6872  SiSRaid2 - ok
20:20:54.0293 6872  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:20:54.0313 6872  SiSRaid4 - ok
20:20:54.0466 6872  [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:20:54.0647 6872  Skype C2C Service - ok
20:20:54.0716 6872  [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
20:20:54.0746 6872  SkypeUpdate - ok
20:20:54.0767 6872  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:20:54.0802 6872  Smb - ok
20:20:54.0831 6872  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:20:54.0856 6872  SNMPTRAP - ok
20:20:54.0897 6872  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
20:20:54.0914 6872  Sony PC Companion - ok
20:20:54.0920 6872  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:20:54.0942 6872  spldr - ok
20:20:54.0972 6872  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
20:20:55.0001 6872  Spooler - ok
20:20:55.0071 6872  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
20:20:55.0143 6872  sppsvc - ok
20:20:55.0173 6872  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:20:55.0226 6872  sppuinotify - ok
20:20:55.0262 6872  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:20:55.0287 6872  srv - ok
20:20:55.0309 6872  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:20:55.0346 6872  srv2 - ok
20:20:55.0407 6872  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:20:55.0430 6872  srvnet - ok
20:20:55.0447 6872  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:20:55.0488 6872  SSDPSRV - ok
20:20:55.0504 6872  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:20:55.0545 6872  SstpSvc - ok
20:20:55.0575 6872  [ BCB4E273147AFCAFDFC0DA59AF9E6E25 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
20:20:55.0595 6872  ssudmdm - ok
20:20:55.0633 6872  [ A651B8D404FB1C0DA03FDC6549E35750 ] ssudserd        C:\Windows\system32\DRIVERS\ssudserd.sys
20:20:55.0652 6872  ssudserd - ok
20:20:55.0701 6872  [ 329EBFCE6BA46C29EA1B8624E7823CAD ] Start BT in service C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
20:20:55.0728 6872  Start BT in service - ok
20:20:55.0756 6872  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:20:55.0774 6872  stexstor - ok
20:20:55.0804 6872  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
20:20:55.0856 6872  StiSvc - ok
20:20:55.0888 6872  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:20:55.0907 6872  swenum - ok
20:20:55.0921 6872  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
20:20:55.0973 6872  swprv - ok
20:20:56.0015 6872  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
20:20:56.0079 6872  SysMain - ok
20:20:56.0099 6872  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:20:56.0137 6872  TabletInputService - ok
20:20:56.0171 6872  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:20:56.0214 6872  TapiSrv - ok
20:20:56.0232 6872  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
20:20:56.0282 6872  TBS - ok
20:20:56.0340 6872  [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:20:56.0386 6872  Tcpip - ok
20:20:56.0417 6872  [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:20:56.0455 6872  TCPIP6 - ok
20:20:56.0475 6872  [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:20:56.0509 6872  tcpipreg - ok
20:20:56.0541 6872  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:20:56.0579 6872  TDPIPE - ok
20:20:56.0603 6872  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:20:56.0641 6872  TDTCP - ok
20:20:56.0672 6872  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:20:56.0723 6872  tdx - ok
20:20:56.0730 6872  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:20:56.0750 6872  TermDD - ok
20:20:56.0786 6872  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
20:20:56.0845 6872  TermService - ok
20:20:56.0864 6872  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
20:20:56.0909 6872  Themes - ok
20:20:56.0939 6872  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
20:20:56.0975 6872  THREADORDER - ok
20:20:57.0032 6872  [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
20:20:57.0050 6872  TomTomHOMEService - ok
20:20:57.0069 6872  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
20:20:57.0122 6872  TrkWks - ok
20:20:57.0172 6872  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:20:57.0219 6872  TrustedInstaller - ok
20:20:57.0234 6872  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:20:57.0267 6872  tssecsrv - ok
20:20:57.0288 6872  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:20:57.0319 6872  TsUsbFlt - ok
20:20:57.0357 6872  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:20:57.0410 6872  tunnel - ok
20:20:57.0445 6872  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:20:57.0468 6872  uagp35 - ok
20:20:57.0497 6872  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:20:57.0542 6872  udfs - ok
20:20:57.0567 6872  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:20:57.0596 6872  UI0Detect - ok
20:20:57.0625 6872  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:20:57.0645 6872  uliagpkx - ok
20:20:57.0652 6872  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:20:57.0689 6872  umbus - ok
20:20:57.0712 6872  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:20:57.0732 6872  UmPass - ok
20:20:57.0748 6872  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
20:20:57.0789 6872  upnphost - ok
20:20:57.0815 6872  [ 7062ED67A10F1C83B2AB951736E24F11 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
20:20:57.0867 6872  upperdev - ok
20:20:57.0902 6872  [ BAD56000F6F64C8E98F67DAFE6EB7444 ] UrlFilter       C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys
20:20:57.0919 6872  UrlFilter - ok
20:20:57.0927 6872  usbbus - ok
20:20:57.0946 6872  [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:20:57.0992 6872  usbccgp - ok
20:20:58.0020 6872  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:20:58.0086 6872  usbcir - ok
20:20:58.0094 6872  UsbDiag - ok
20:20:58.0136 6872  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:20:58.0157 6872  usbehci - ok
20:20:58.0196 6872  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:20:58.0222 6872  usbhub - ok
20:20:58.0239 6872  USBModem - ok
20:20:58.0262 6872  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
20:20:58.0282 6872  usbohci - ok
20:20:58.0321 6872  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:20:58.0344 6872  usbprint - ok
20:20:58.0372 6872  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:20:58.0422 6872  usbscan - ok
20:20:58.0496 6872  [ B76D8039F5B595C4CA551B3D5DD15A98 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
20:20:58.0603 6872  UsbserFilt - ok
20:20:58.0629 6872  [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:20:58.0656 6872  USBSTOR - ok
20:20:58.0675 6872  [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:20:58.0696 6872  usbuhci - ok
20:20:58.0718 6872  [ F642A7E4BF78CFA359CCA0A3557C28D7 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:20:58.0743 6872  usbvideo - ok
20:20:58.0772 6872  [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
20:20:58.0793 6872  usb_rndisx - ok
20:20:58.0812 6872  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
20:20:58.0850 6872  UxSms - ok
20:20:58.0869 6872  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
20:20:58.0891 6872  VaultSvc - ok
20:20:58.0913 6872  [ 025C2A8CBA0AB595D3461D278EFF5793 ] VComm           C:\Windows\system32\DRIVERS\VComm.sys
20:20:58.0929 6872  VComm - ok
20:20:58.0963 6872  [ 95DDF14292354887D7D8C8A0881C7485 ] VcommMgr        C:\Windows\system32\Drivers\VcommMgr.sys
20:20:58.0978 6872  VcommMgr - ok
20:20:59.0010 6872  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:20:59.0036 6872  vdrvroot - ok
20:20:59.0073 6872  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
20:20:59.0132 6872  vds - ok
20:20:59.0158 6872  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:20:59.0181 6872  vga - ok
20:20:59.0198 6872  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:20:59.0233 6872  VgaSave - ok
20:20:59.0253 6872  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:20:59.0275 6872  vhdmp - ok
20:20:59.0306 6872  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:20:59.0325 6872  viaagp - ok
20:20:59.0344 6872  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
20:20:59.0370 6872  ViaC7 - ok
20:20:59.0381 6872  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
20:20:59.0407 6872  viaide - ok
20:20:59.0423 6872  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:20:59.0450 6872  volmgr - ok
20:20:59.0474 6872  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:20:59.0505 6872  volmgrx - ok
20:20:59.0525 6872  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:20:59.0551 6872  volsnap - ok
20:20:59.0568 6872  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:20:59.0593 6872  vsmraid - ok
20:20:59.0632 6872  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
20:20:59.0684 6872  VSS - ok
20:20:59.0693 6872  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:20:59.0728 6872  vwifibus - ok
20:20:59.0755 6872  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:20:59.0779 6872  vwififlt - ok
20:20:59.0807 6872  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
20:20:59.0851 6872  W32Time - ok
20:20:59.0886 6872  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:20:59.0921 6872  WacomPen - ok
20:20:59.0955 6872  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:21:00.0011 6872  WANARP - ok
20:21:00.0032 6872  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:21:00.0090 6872  Wanarpv6 - ok
20:21:00.0127 6872  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
20:21:00.0183 6872  wbengine - ok
20:21:00.0208 6872  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:21:00.0240 6872  WbioSrvc - ok
20:21:00.0271 6872  [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
20:21:00.0295 6872  WcesComm - ok
20:21:00.0328 6872  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:21:00.0372 6872  wcncsvc - ok
20:21:00.0396 6872  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:21:00.0475 6872  WcsPlugInService - ok
20:21:00.0482 6872  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:21:00.0502 6872  Wd - ok
20:21:00.0515 6872  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:21:00.0545 6872  Wdf01000 - ok
20:21:00.0561 6872  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:21:00.0590 6872  WdiServiceHost - ok
20:21:00.0597 6872  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:21:00.0625 6872  WdiSystemHost - ok
20:21:00.0650 6872  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
20:21:00.0700 6872  WebClient - ok
20:21:00.0710 6872  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:21:00.0751 6872  Wecsvc - ok
20:21:00.0775 6872  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:21:00.0812 6872  wercplsupport - ok
20:21:00.0833 6872  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:21:00.0873 6872  WerSvc - ok
20:21:00.0901 6872  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:21:00.0936 6872  WfpLwf - ok
20:21:00.0957 6872  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:21:00.0976 6872  WIMMount - ok
20:21:01.0048 6872  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:21:01.0102 6872  WinDefend - ok
20:21:01.0119 6872  WinHttpAutoProxySvc - ok
20:21:01.0187 6872  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:21:01.0223 6872  Winmgmt - ok
20:21:01.0269 6872  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
20:21:01.0342 6872  WinRM - ok
20:21:01.0398 6872  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WINUSB          C:\Windows\system32\DRIVERS\WinUSB.SYS
20:21:01.0424 6872  WINUSB - ok
20:21:01.0492 6872  [ F514C1C9D814F3DB46A17C59EA8214B2 ] WiseBootAssistant C:\Program Files\Wise\Wise Care 365\BootTime.exe
20:21:01.0518 6872  WiseBootAssistant - ok
20:21:01.0547 6872  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:21:01.0594 6872  Wlansvc - ok
20:21:01.0671 6872  [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:21:01.0731 6872  wlidsvc - ok
20:21:01.0747 6872  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:21:01.0776 6872  WmiAcpi - ok
20:21:01.0799 6872  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:21:01.0836 6872  wmiApSrv - ok
20:21:01.0887 6872  [ 36ED6F108DFA7C7DD329CF103B02C74B ] WMI_Hook_Service C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe
20:21:01.0908 6872  WMI_Hook_Service - ok
20:21:01.0956 6872  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:21:02.0008 6872  WMPNetworkSvc - ok
20:21:02.0036 6872  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:21:02.0079 6872  WPCSvc - ok
20:21:02.0107 6872  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:21:02.0163 6872  WPDBusEnum - ok
20:21:02.0180 6872  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:21:02.0230 6872  ws2ifsl - ok
20:21:02.0248 6872  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:21:02.0282 6872  wscsvc - ok
20:21:02.0292 6872  WSearch - ok
20:21:02.0346 6872  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
20:21:02.0397 6872  wuauserv - ok
20:21:02.0413 6872  [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:21:02.0448 6872  WudfPf - ok
20:21:02.0493 6872  [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:21:02.0532 6872  WUDFRd - ok
20:21:02.0577 6872  [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:21:02.0634 6872  wudfsvc - ok
20:21:02.0658 6872  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:21:02.0688 6872  WwanSvc - ok
20:21:02.0746 6872  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
20:21:02.0773 6872  YahooAUService - ok
20:21:02.0845 6872  ================ Scan global ===============================
20:21:02.0885 6872  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:21:02.0908 6872  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:21:02.0921 6872  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:21:02.0947 6872  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:21:02.0967 6872  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:21:02.0974 6872  [Global] - ok
20:21:02.0974 6872  ================ Scan MBR ==================================
20:21:02.0985 6872  [ C79B30CB8852157F6F908E4698CFE0D0 ] \Device\Harddisk0\DR0
20:21:06.0218 6872  \Device\Harddisk0\DR0 - ok
20:21:06.0219 6872  ================ Scan VBR ==================================
20:21:06.0224 6872  [ 8C423774BD921C6392827BB35F660F35 ] \Device\Harddisk0\DR0\Partition1
20:21:06.0226 6872  \Device\Harddisk0\DR0\Partition1 - ok
20:21:06.0252 6872  [ BDC934EC8AB62F0F5E2026458B54D8CA ] \Device\Harddisk0\DR0\Partition2
20:21:06.0255 6872  \Device\Harddisk0\DR0\Partition2 - ok
20:21:06.0285 6872  [ CFCC77A5DB7DF5EF2B976DE0E9E1FABC ] \Device\Harddisk0\DR0\Partition3
20:21:06.0287 6872  \Device\Harddisk0\DR0\Partition3 - ok
20:21:06.0293 6872  ============================================================
20:21:06.0293 6872  Scan finished
20:21:06.0293 6872  ============================================================
20:21:06.0318 4264  Detected object count: 11
20:21:06.0318 4264  Actual detected object count: 11
20:21:24.0619 4264  DeviceMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0619 4264  DeviceMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:21:24.0622 4264  DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0622 4264  DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:21:24.0625 4264  FirebirdGuardianDefaultInstance ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0625 4264  FirebirdGuardianDefaultInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:21:24.0628 4264  FirebirdServerDefaultInstance ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0628 4264  FirebirdServerDefaultInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:21:24.0632 4264  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0632 4264  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:21:24.0634 4264  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0634 4264  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:21:24.0637 4264  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0637 4264  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:21:24.0639 4264  PST Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0640 4264  PST Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:21:24.0643 4264  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0643 4264  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:21:24.0646 4264  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0646 4264  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:21:24.0649 4264  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0649 4264  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

• Lade dir ComboFix hier herunter auf deinen Desktop.

• Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

• Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
  Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

• Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Fehler! Also ComboFix hat alles funktioniert wie beschrieben, nur am Ende als das Log geschrieben werden sollte hat es nicht mehr reagiert und der PC wurde schwarz... Hab ihn über Nacht laufen lassen aber es hat sich nichts geändert! Jetzt hab ich ihn manuell Neu gestartet und finde aber leider kein Combofix.txt! Was nun??