Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Auswertung Combo-Fix Log-Datei (https://www.trojaner-board.de/96687-auswertung-combo-fix-log-datei.html)

Alone Wolf 21.03.2011 23:02
Auswertung Combo-Fix Log-Datei
 
Hallo Lieber Trojaner-Board Gemeinde,

ich bin hier im forum neu, und benötige weitere hilfe für die Auswertung von Combo-Fix Log-Datei.

Ich habe eine vollständige Systemprüfung mit Avira gemacht, hat 6 versteckte objeckte gefunden.
Danach habe ich mit HijackThis einen scan gemacht und auf der website hijackthis logdatei analiysiert. Log ist sauber.
Hab bisschen im internet recherchiert, und las das man mit Combofix einen scan macht und in Foren die log datei untersuchen lassen soll.
Ich brauche eure hilfe.
Beste Grüße.


PHP-Code:
ComboFix 11-03-21.01 Acer 21.03.2011  22:34:13.1.4 x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3071.2106 [GMT 1:00]
ausgeführt von:: c:\users\Acer\Desktop\ComboFix.exe
AVAntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SPAntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SPWindows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Acer\AppData\Roaming\Local
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\FILE4D2B93368724F.ddr
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\Post_Install_RB_HiQ_de.divx.ddr
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\FILE4D2B93368724F.ddp
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Post_Install_RB_HiQ_de.divx
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-02-21 bis 2011-03-21  ))))))))))))))))))))))))))))))
.
.
2011-03-21 21:37 2011-03-21 21:37    --------    d-----w-    c:\users\Acer\AppData\Local\temp
2011-03-21 21:37 2011-03-21 21:37    --------    d-----w-    c:\users\Default\AppData\Local\temp
2011-03-12 00:41 2011-03-16 12:39    --------    d-----w-    c:\programdata\TuneUp Software
2011-03-12 00:41 2011-03-12 00:41    --------    d-sh--w-    c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-03-09 13:29 2011-02-19 06:30    805376    ----a-w-    c:\windows\system32\FntCache.dll
2011-03-09 13:29 2011-02-19 06:30    1076736    ----a-w-    c:\windows\system32\DWrite.dll
2011-03-09 13:29 2011-02-19 06:30    739840    ----a-w-    c:\windows\system32\d2d1.dll
2011-03-09 13:29 2010-12-23 05:54    850944    ----a-w-    c:\windows\system32\sbe.dll
2011-03-09 13:29 2010-12-23 05:54    642048    ----a-w-    c:\windows\system32\CPFilters.dll
2011-03-09 13:29 2010-12-23 05:54    534528    ----a-w-    c:\windows\system32\EncDec.dll
2011-03-09 13:29 2010-12-23 05:50    199680    ----a-w-    c:\windows\system32\mpg2splt.ax
2011-03-05 23:15 2011-03-05 23:42    2337865    ----a-w-    c:\windows\system32\pbsvc.exe
2011-03-05 20:50 2011-03-14 15:25    --------    d-----w-    c:\users\Acer\AppData\Roaming\Ubisoft
2011-03-05 20:49 2011-03-05 20:49    --------    d-----w-    c:\programdata\Ubisoft
2011-03-02 15:44 2011-03-02 15:44    --------    d-----w-    c:\programdata\ATI
2011-03-02 15:43 2011-03-02 15:43    --------    d-----w-    c:\program files\Common Files\ATI Technologies
2011-03-02 15:42 2011-03-02 15:43    --------    d-----w-    c:\program files\ATI Technologies
2011-03-01 09:09 2011-03-10 23:27    --------    d-----w-    c:\program files\JDownloader
2011-02-28 02:02 2011-02-28 02:02    --------    d-----w-    c:\program files\ZippyUploader
2011-02-27 21:47 2011-02-27 21:47    --------    d-----w-    c:\users\Acer\AppData\Roaming\teamspeak2
2011-02-27 21:46 2011-02-27 21:46    34064    ----a-w-    c:\windows\system32\lhacm.acm
2011-02-27 21:46 2011-02-27 21:47    --------    d-----w-    c:\program files\Teamspeak2_RC2
2011-02-26 01:08 2011-02-26 01:08    --------    d-----w-    c:\program files\Common Files\Java
2011-02-26 01:07 2011-02-26 01:07    --------    d-----w-    c:\program files\Java
2011-02-22 20:40 2011-02-22 20:40    --------    d-----w-    c:\windows\system32\SPReview
2011-02-22 20:40 2011-02-22 20:40    --------    d-----w-    c:\windows\system32\EventProviders
2011-02-22 20:37 2010-11-20 12:29    132992    ----a-w-    c:\windows\system32\drivers\ataport.sys
2011-02-22 20:36 2010-11-20 12:18    323072    ----a-w-    c:\windows\system32\drvstore.dll
2011-02-22 20:36 2010-11-20 12:18    257024    ----a-w-    c:\windows\system32\dpx.dll
2011-02-22 20:26 2011-01-17 05:47    161792    ----a-w-    c:\windows\system32\d3d10_1.dll
2011-02-22 20:25 2011-01-07 07:46    870912    ----a-w-    c:\windows\system32\XpsPrint.dll
2011-02-22 20:25 2011-01-07 07:46    288256    ----a-w-    c:\windows\system32\XpsGdiConverter.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-16 11:47 2011-01-11 06:11    137656    ----a-w-    c:\windows\system32\drivers\avipbb.sys
2011-03-09 02:16 2010-06-24 10:33    18328    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-05 23:47 2011-01-12 02:25    22328    ----a-w-    c:\windows\system32\drivers\PnkBstrK.sys
2011-03-05 23:47 2011-01-12 02:24    107832    ----a-w-    c:\windows\system32\PnkBstrB.exe
2011-03-05 23:42 2011-01-12 02:25    22328    ----a-w-    c:\users\Acer\AppData\Roaming\PnkBstrK.sys
2011-03-05 23:42 2011-01-12 02:24    66872    ----a-w-    c:\windows\system32\PnkBstrA.exe
2011-02-28 08:00 2011-01-11 07:06    80896    ----a-w-    c:\windows\system32\ff_vfw.dll
2011-02-26 01:07 2011-01-11 07:05    472808    ----a-w-    c:\windows\system32\deployJava1.dll
2011-02-22 20:44 2009-07-14 02:05    152576    ----a-w-    c:\windows\system32\msclmd.dll
2011-02-13 13:35 2011-01-12 02:25    215128    ----a-w-    c:\windows\system32\PnkBstrB.xtr
2011-02-09 13:49 2011-01-12 02:24    2434856    ----a-w-    c:\windows\system32\pbsvc_bc2.exe
2011-02-03 05:54 2011-02-08 20:00    219008    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys
2011-02-01 19:12 2011-01-12 02:24    215128    ----a-w-    c:\windows\system32\PnkBstrB.ex0
2011-01-26 23:36 2011-01-26 23:36    7566848    ----a-w-    c:\windows\system32\drivers\atikmdag.sys
2011-01-26 23:00 2011-01-26 23:00    143360    ----a-w-    c:\windows\system32\atiapfxx.exe
2011-01-26 23:00 2010-11-26 02:58    596480    ----a-w-    c:\windows\system32\aticfx32.dll
2011-01-26 22:59 2011-01-26 22:59    17204736    ----a-w-    c:\windows\system32\atioglxx.dll
2011-01-26 22:56 2011-01-26 22:56    462848    ----a-w-    c:\windows\system32\ATIDEMGX.dll
2011-01-26 22:55 2011-01-26 22:55    393216    ----a-w-    c:\windows\system32\atieclxx.exe
2011-01-26 22:55 2011-01-26 22:55    176128    ----a-w-    c:\windows\system32\atiesrxx.exe
2011-01-26 22:54 2011-01-26 22:54    159744    ----a-w-    c:\windows\system32\atitmmxx.dll
2011-01-26 22:53 2011-01-26 22:53    356352    ----a-w-    c:\windows\system32\atipdlxx.dll
2011-01-26 22:53 2011-01-26 22:53    278528    ----a-w-    c:\windows\system32\Oemdspif.dll
2011-01-26 22:53 2011-01-26 22:53    15872    ----a-w-    c:\windows\system32\atimuixx.dll
2011-01-26 22:53 2011-01-26 22:53    43520    ----a-w-    c:\windows\system32\ati2edxx.dll
2011-01-26 22:49 2009-07-13 22:09    4105728    ----a-w-    c:\windows\system32\atidxx32.dll
2011-01-26 22:32 2011-01-26 22:32    1912832    ----a-w-    c:\windows\system32\atiumdmv.dll
2011-01-26 22:28 2009-06-10 21:19    4170752    ----a-w-    c:\windows\system32\atiumdag.dll
2011-01-26 22:27 2011-01-26 22:27    46080    ----a-w-    c:\windows\system32\aticalrt.dll
2011-01-26 22:27 2011-01-26 22:27    44032    ----a-w-    c:\windows\system32\aticalcl.dll
2011-01-26 22:25 2011-01-26 22:25    5580800    ----a-w-    c:\windows\system32\aticaldd.dll
2011-01-26 22:24 2009-07-13 22:09    3463680    ----a-w-    c:\windows\system32\atiumdva.dll
2011-01-26 22:20 2010-11-26 02:24    52736    ----a-w-    c:\windows\system32\coinst.dll
2011-01-26 22:14 2010-11-26 02:17    249856    ----a-w-    c:\windows\system32\atiadlxx.dll
2011-01-26 22:13 2011-01-26 22:13    12800    ----a-w-    c:\windows\system32\atiglpxx.dll
2011-01-26 22:13 2011-01-26 22:13    32768    ----a-w-    c:\windows\system32\atigktxx.dll
2011-01-26 22:13 2011-01-26 22:13    238592    ----a-w-    c:\windows\system32\drivers\atikmpag.sys
2011-01-26 22:12 2010-11-26 02:15    30720    ----a-w-    c:\windows\system32\atiuxpag.dll
2011-01-26 22:12 2010-11-26 02:15    28672    ----a-w-    c:\windows\system32\atiu9pag.dll
2011-01-26 22:11 2011-01-26 22:11    53248    ----a-w-    c:\windows\system32\drivers\ati2erec.dll
2011-01-26 22:08 2011-01-26 22:08    52736    ----a-w-    c:\windows\system32\atimpc32.dll
2011-01-26 22:08 2011-01-26 22:08    52736    ----a-w-    c:\windows\system32\amdpcom32.dll
2011-01-25 17:54 2011-02-12 10:31    3386792    ----a-w-    c:\windows\system32\drivers\RTKVHDA.sys
2011-01-25 12:58 2011-02-12 10:31    2137704    ----a-w-    c:\windows\system32\RtkPgExt.dll
2011-01-25 12:58 2011-02-12 10:31    3804264    ----a-w-    c:\windows\system32\RtkAPO.dll
2011-01-24 13:20 2011-02-12 10:31    477800    ----a-w-    c:\windows\system32\RtkApoApi.dll
2011-01-24 12:29 2011-01-11 05:50    1284712    ----a-w-    c:\windows\RtlExUpd.dll
2011-01-20 13:46 2011-02-12 10:31    1564736    ----a-w-    c:\windows\system32\FMAPO.dll
2011-01-14 13:23 2011-01-11 06:11    61960    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2011-01-12 10:09 2011-02-12 10:31    783360    ----a-w-    c:\windows\system32\RCoRes.dat
2011-01-07 07:45 2011-02-08 20:01    34304    ----a-w-    c:\windows\system32\atmlib.dll
2011-01-07 05:43 2011-02-08 20:01    294400    ----a-w-    c:\windows\system32\atmfd.dll
2011-01-05 03:51 2011-02-08 20:01    2330624    ----a-w-    c:\windows\system32\win32k.sys
2011-01-04 18:25 2011-02-12 10:31    69224    ----a-w-    c:\windows\system32\RtkCoInst.dll
2009-05-01 21:02 2009-05-01 21:02    1044480    ----a-w-    c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 2009-05-01 21:02    200704    ----a-w-    c:\program files\mozilla firefox\plugins\ssldivx.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweisleere Einträge legitime Standardeinträge werden nicht angezeigt
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 12:20    442880    ----a-w-    c:\windows\System32\ntshrui.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-01-14 281768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"(0x5)
"ConsentPromptBehaviorUser"(0x3)
"EnableUIADesktopToggle"(0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"(0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ       kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 11:49    932288    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45    35736    ----a-w-    c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxczbmgr.exe]
2009-04-27 14:20    74408    ----a-w-    c:\program files\Lexmark 1200 Series\LXCZbmgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickFinder Scheduler]
2007-01-02 22:21    83568    ----a-w-    c:\program files\WordPerfect Office X3\Programs\QFSCHD130.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2011-01-18 19:47    10025576    ----a-w-    c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2007-08-07 10:38    675840    ----a-w-    c:\windows\vsnp2std.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2011-01-26 16:41    336384    ----a-w-    c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49    249064    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2009-03-10 17:28    258048    ----a-w-    c:\windows\tsnp2std.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 sppsvc;Software Protection;c:\windows\system32\sppsvc.exe [2010-11-20 3179520]
R3 AcpiPmi;ACPI-Energieanzeigetreiber;c:\windows\system32\drivers\acpipmi.sys [2010-11-20 10240]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [2010-11-20 80256]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
R3 AppID;Anwendungs-ID-Treiber;c:\windows\system32\drivers\appid.sys [2010-11-20 50176]
R3 AppIDSvc;Anwendungsidentität;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 BDESVC;BitLocker-Laufwerkverschlüsselungsdienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [2009-07-13 13568]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [2009-07-13 5248]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-07-13 62336]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-07-13 12160]
R3 CertPropSvc;Zertifikatverteilung;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [2009-07-13 37888]
R3 defragsvc;Defragmentierung;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2009-07-13 28160]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [2009-07-14 46160]
R3 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-02-10 136176]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
R3 HomeGroupListener;Heimnetzgruppen-Listener;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 HomeGroupProvider;Heimnetzgruppen-Anbieter;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [2009-07-14 67152]
R3 iaStorV;Intel RAID-Controller Windows 7;c:\windows\system32\drivers\iaStorV.sys [2010-11-20 332160]
R3 IKEEXT;IKEund AuthIP IPsec-Schlüsselerstellungsmodule;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 IPBusEnum;PnP-X-IP-Busenumerator;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [2010-11-20 65536]
R3 iScsiPrt;iScsiPort-Treiber;c:\windows\system32\drivers\msiscsi.sys [2010-11-20 233344]
R3 KeyIso;CNG-Schlüsselisolation;c:\windows\system32\lsass.exe [2009-07-14 22528]
R3 KtmRm;KtmRm für Distributed Transaction Coordinator;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 lltdsvc;Verbindungsschicht-Topologieerkennungs-Zuordnungsprogramm;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
R3 mpio;Microsoft Multipfad-Bustreiber;c:\windows\system32\drivers\mpio.sys [2010-11-20 130432]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2010-11-20 28032]
R3 msdsm;Microsoft Multipfadgeräte-spezifisches Modul;c:\windows\system32\drivers\msdsm.sys [2010-11-20 116096]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [2009-07-13 4096]
R3 MSiSCSI;Microsoft iSCSI-Initiator-Dienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [2009-07-13 12288]
R3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [2009-07-13 267264]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [2009-07-13 27136]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
R3 pla;Leistungsprotokolle und -warnungen;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 PNRPAutoReg;PNRP-Computernamenveröffentlichungs-Dienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
R3 scfilter;Filtertreiber für Smartcards der Plug Play-Klasse;c:\windows\system32\DRIVERS\scfilter.sys [2010-11-20 26624]
R3 SCPolicySvc;Richtlinie zum Entfernen der Scmartcard;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SDRSVC;Windows-Sicherung;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SensrSvc;Adaptive Helligkeit;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SessionEnv;Konfiguration für Remotedesktops;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 sffp_mmc;SFF-Speicherprotokolltreiber für MMC;c:\windows\system32\drivers\sffp_mmc.sys [2009-07-13 12288]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
R3 Smb;Nachrichtenorientiertes TCP/IPund TCP/IPv6-Protokoll (SMB-Sitzung);c:\windows\system32\DRIVERS\smb.sys [2009-07-13 71168]
R3 sppuinotify;SPP-Benachrichtigungsdienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
R3 TabletInputService;Tablet PC-Eingabedienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 TBS;TPM-Basisdienste;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 THREADORDER;Server für Threadsortierung;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 204800]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2010-11-20 31232]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 UI0Detect;Erkennung interaktiver Dienste;c:\windows\system32\UI0Detect.exe [2009-07-14 35840]
R3 uliagpkx;Uli AGP-Bus-Filter;c:\windows\system32\drivers\uliagpkx.sys [2009-07-14 57424]
R3 usbcir;eHome-Infrarotempfänger (USBCIR);c:\windows\system32\drivers\usbcir.sys [2009-07-13 86016]
R3 VaultSvc;Anmeldeinformationsverwaltung;c:\windows\system32\lsass.exe [2009-07-14 22528]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [2010-11-20 160128]
R3 ViaC7;VIA C7 Processor Driver;c:\windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
R3 vwifibus;Virtueller WiFi-Bustreiber;c:\windows\System32\drivers\vwifibus.sys [2009-07-13 19968]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [2009-07-13 21632]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-11 1343400]
R3 wbengine;Blockebenen-Sicherungsmodul;c:\windows\system32\wbengine.exe [2010-11-20 1203200]
R3 WbioSrvc;Windows-Biometriedienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wcncsvc;Windows-Sofortverbindung Konfigurationsregistrierungsstelle;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WcsPlugInService;Windows-Farbsystem;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
R3 WdiSystemHost;Diagnosesystemhost;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 Wecsvc;Windows-Ereignissammlung;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wercplsupport;Unterstützung in der Systemsteuerung unter Lösungen für Probleme;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WerSvc;Windows-Fehlerberichterstattungsdienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 19008]
R3 WinRM;Windows-Remoteverwaltung (WS-Verwaltung);c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 Wlansvc;Automatische WLAN-Konfiguration;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WwanSvc;WWAN automatische Konfiguration;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 176128]
R4 fdPHost;Funktionssuchanbieter-Host;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 Mcx2Svc;Media Center Extender-Dienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 20992]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [2010-11-20 22400]
S0 CLFS;Gemeinsames Protokoll (CLFS);c:\windows\System32\CLFS.sys [2009-07-14 249408]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2009-07-14 369568]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-07-14 58448]
S0 fvevol;Filtertreiber der Bitlocker-Laufwerkverschlüsselung;c:\windows\System32\DRIVERS\fvevol.sys [2010-11-20 194800]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [2010-11-20 14208]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [2009-07-14 133200]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [2009-07-14 13888]
S0 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2010-11-20 143744]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [2009-07-14 43088]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
S0 spldr;Security Processor Loader Driver; [x]
S0 vdrvroot;Enumerator-Treiber für Microsoft Virtual Drive;c:\windows\system32\drivers\vdrvroot.sys [2009-07-14 32832]
S0 volmgr;Treiber für Volume-Manager;c:\windows\system32\drivers\volmgr.sys [2010-11-20 53120]
S0 volmgrx;Dynamischer Volume-Manager;c:\windows\System32\drivers\volmgrx.sys [2009-07-14 297040]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-07-13 35328]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2010-11-20 78336]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-07-13 32256]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [2009-07-13 16896]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
S1 tdx;NetIO-Legacy-TDI-Supporttreiber;c:\windows\system32\DRIVERS\tdx.sys [2010-11-20 74752]
S1 Wanarpv6;Remotezugriff-IPv6-ARP-Treiber;c:\windows\system32\DRIVERS\wanarp.sys [2010-11-20 63488]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [2009-07-13 9728]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-01-14 135336]
S2 AudioEndpointBuilder;Windows-Audio-Endpunkterstellung;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 BFE;Basisfiltermodul;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 DPS;Diagnoserichtliniendienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 gpsvc;Gruppenrichtlinienclient;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 iphlpsvc;IP-Hilfsdienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2009-07-13 48128]
S2 luafv;UAC-Dateivirtualisierung;c:\windows\system32\drivers\luafv.sys [2009-07-13 86528]
S2 MMCSS;Multimediaklassenplaner;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 MpsSvc;Windows-Firewall;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NlaSvc;NLA (Network Location Awareness);c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 nsi;Netzwerkspeicher-Schnittstellendienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2009-07-14 586752]
S2 Power;Stromversorgung;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 ProfSvc;Benutzerprofildienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 RpcEptMapper;RPC-Endpunktzuordnung;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2010-11-20 35328]
S2 UxSms;Sitzungs-Manager für Desktopfenster-Manager;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys [2011-01-11 14416]
S3 1394ohci;OHCI-konformer 1394-Hostcontroller;c:\windows\system32\drivers\1394ohci.sys [2010-11-20 164864]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-26 7566848]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-26 238592]
S3 Appinfo;Anwendungsinformationen;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 bowser;Browsersupporttreiber;c:\windows\system32\DRIVERS\bowser.sys [2009-07-13 69632]
S3 CompositeBus;Busenumeratortreiber für Verbundgeräte;c:\windows\system32\drivers\CompositeBus.sys [2010-11-20 31232]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2010-11-20 728448]
S3 FDResPub;Funktionssuche-Ressourcenveröffentlichung;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 monitor;Microsoft Monitor-Klassenfunktionstreiber-Dienst;c:\windows\system32\DRIVERS\monitor.sys [2009-07-13 23552]
S3 mpsdrv;Windows-Firewallautorisierungstreiber;c:\windows\system32\drivers\mpsdrv.sys [2009-07-13 60416]
S3 mrxsmb10;SMB 1.x-Miniredirector;c:\windows\system32\DRIVERS\mrxsmb10.sys [2010-11-20 223232]
S3 mrxsmb20;SMB 2.0-Miniredirector;c:\windows\system32\DRIVERS\mrxsmb20.sys [2010-11-20 96768]
S3 netprofm;Netzwerklistendienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 NVHDA;Service for NVIDIA HDMI Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-04-18 30752]
S3 PcaSvc;Programmkompatibilitäts-Assistent-Dienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [2009-07-13 49152]
S3 Ser2at;ATEN USB to Serial port driver;c:\windows\system32\DRIVERS\ser2at.sys [2009-08-26 76288]
S3 srv2;Server-SMB-Treiber 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [2010-11-20 309248]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2010-11-20 114176]
S3 tunnel;Microsoft-Tunnelminiport-Adaptertreiber;c:\windows\system32\DRIVERS\tunnel.sys [2010-11-20 108544]
S3 umbus;UMBusenumerator-Treiber;c:\windows\system32\drivers\umbus.sys [2010-11-20 39936]
S3 WdiServiceHost;Diagnosediensthost;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 WPDBusEnum;Enumeratordienst für tragbare Geräte;c:\windows\system32\svchost.exe [2009-07-14 20992]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
RPCSS    REG_MULTI_SZ       RpcEptMapper RpcSs
defragsvc    REG_MULTI_SZ       defragsvc
WerSvcGroup    REG_MULTI_SZ       wersvc
LocalServiceNoNetwork    REG_MULTI_SZ       DPS PLA BFE mpssvc WwanSvc
swprv    REG_MULTI_SZ       swprv
LocalServicePeerNet    REG_MULTI_SZ       PNRPSvc p2pimsvc p2psvc PnrpAutoReg
NetworkServiceAndNoImpersonation    REG_MULTI_SZ       KtmRm
regsvc    REG_MULTI_SZ       RemoteRegistry
LocalServiceAndNoImpersonation    REG_MULTI_SZ       SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
DcomLaunch    REG_MULTI_SZ       Power PlugPlay DcomLaunch
NetworkServiceNetworkRestricted    REG_MULTI_SZ       PolicyAgent
sdrsvc    REG_MULTI_SZ       sdrsvc
WbioSvcGroup    REG_MULTI_SZ       WbioSrvc
wcssvc    REG_MULTI_SZ       WcsPlugInService
AxInstSVGroup    REG_MULTI_SZ       AxInstSV
secsvcs    REG_MULTI_SZ       WinDefend
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
wercplsupport
EapHost
ProfSvc
schedule
hkmsvc
SessionEnv
winmgmt
browser
Themes
BDESVC
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  LocalSystemNetworkRestricted
homegrouplistener
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  LocalService
WdiServiceHost
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  NetworkService
lanmanworkstation
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\program files\Google\Update\GoogleUpdate.exe [2011-02-10 07:25]
.
2011-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\program files\Google\Update\GoogleUpdate.exe [2011-02-10 07:25]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page hxxp://www.google.de/
IEÖffnen mit WordPerfect c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta
FF ProfilePath c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\yhdt4lzu.default\
FF prefs.jsbrowser.search.selectedEngine Facemoods Search
FF prefs.jsbrowser.startup.homepage hxxp://www.google.de/
FF prefs.jsnetwork.proxy.http 74.208.195.48
FF prefs.jsnetwork.proxy.http_port 80
FF prefs.jsnetwork.proxy.type 0
FF Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF ExtJava Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF ExtYouTube to MP3youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de
FF ExtFlagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF ExtNoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF ExtPlainOldFavorites: {7E7165E2-0767-448c-852F-5FA8714F2C37} - %profile%\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37}
FF ExtWOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF ExtAdblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF ExtGreasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF ExtVTzillavtzilla@virustotal.com - %profile%\extensions\vtzilla@virustotal.com
FF user.jsnetwork.http.max-persistent-connections-per-server 4
FF user.jsnglayout.initialpaint.delay 600
FF user.jscontent.notify.interval 600000
FF user.jscontent.max.tokenizing.time 1800000
FF user.jscontent.switch.threshold 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms
MSConfigStartUp-FlashPlayerUpdate c:\windows\system32\Macromed\Flash\FlashUtil10m_Plugin.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116ZwQueryKey 0 != 244ZwOpenKey 0 != 182ZwClose 0 != 50ZwEnumerateValueKey 0 != 119ZwQueryValueKey 0 != 266ZwOpenFile 0 != 179ZwQueryDirectoryFile 0 != 223ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116ZwQueryKey 0 != 244ZwOpenKey 0 != 182ZwClose 0 != 50ZwEnumerateValueKey 0 != 119ZwQueryValueKey 0 != 266ZwOpenFile 0 != 179ZwQueryDirectoryFile 0 != 223ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116ZwQueryKey 0 != 244ZwOpenKey 0 != 182ZwClose 0 != 50ZwEnumerateValueKey 0 != 119ZwQueryValueKey 0 != 266ZwOpenFile 0 != 179ZwQueryDirectoryFile 0 != 223ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116ZwQueryKey 0 != 244ZwOpenKey 0 != 182ZwClose 0 != 50ZwEnumerateValueKey 0 != 119ZwQueryValueKey 0 != 266ZwOpenFile 0 != 179ZwQueryDirectoryFile 0 != 223ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116ZwQueryKey 0 != 244ZwOpenKey 0 != 182ZwClose 0 != 50ZwEnumerateValueKey 0 != 119ZwQueryValueKey 0 != 266ZwOpenFile 0 != 179ZwQueryDirectoryFile 0 != 223ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116ZwQueryKey 0 != 244ZwOpenKey 0 != 182ZwClose 0 != 50ZwEnumerateValueKey 0 != 119ZwQueryValueKey 0 != 266ZwOpenFile 0 != 179ZwQueryDirectoryFile 0 != 223ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116ZwQueryKey 0 != 244ZwOpenKey 0 != 182ZwClose 0 != 50ZwEnumerateValueKey 0 != 119ZwQueryValueKey 0 != 266ZwOpenFile 0 != 179ZwQueryDirectoryFile 0 != 223ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116ZwQueryKey 0 != 244ZwOpenKey 0 != 182ZwClose 0 != 50ZwEnumerateValueKey 0 != 119ZwQueryValueKey 0 != 266ZwOpenFile 0 != 179ZwQueryDirectoryFile 0 != 223ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116ZwQueryKey 0 != 244ZwOpenKey 0 != 182ZwClose 0 != 50ZwEnumerateValueKey 0 != 119ZwQueryValueKey 0 != 266ZwOpenFile 0 != 179ZwQueryDirectoryFile 0 != 223ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116ZwQueryKey 0 != 244ZwOpenKey 0 != 182ZwClose 0 != 50ZwEnumerateValueKey 0 != 119ZwQueryValueKey 0 != 266ZwOpenFile 0 != 179ZwQueryDirectoryFile 0 != 223ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116ZwQueryKey 0 != 244ZwOpenKey 0 != 182ZwClose 0 != 50ZwEnumerateValueKey 0 != 119ZwQueryValueKey 0 != 266ZwOpenFile 0 != 179ZwQueryDirectoryFile 0 != 223ZwQuerySystemInformation 0 != 261Initialization error
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3654799423-1883908886-3868828420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3654799423-1883908886-3868828420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung2011-03-21  22:39:25
ComboFix-quarantined-files.txt  2011-03-21 21:39
.
Vor Suchlauf5 Verzeichnis(se), 230.577.385.472 Bytes frei
Nach Suchlauf9 Verzeichnis(se), 230.478.503.936 Bytes frei
.
- - End Of File - - 4BA651A45A7CF7951BC2F5D0FD19A3B4 

cosinus 22.03.2011 12:06
Warum führst du CF aus? :balla: => Hinweise zu ComboFix

Alone Wolf 22.03.2011 13:50
Warum führst du CF aus?
Wie ich schon geschrieben habe, hab ich im internet recherchiert.
Da bin ich auf einer seite gelandet und da war ein Leitfaden und Tutorium zur Nutzung von ComboFix.
Da ist alles beschrieben wie ComboFix benutzt wird.
Wer danach noch fehler macht, muss richtig dumm sein.
Daher habe ich CF ausgeführt.
Ich kann aber nichts Auswerten von diesem Log.

Und wie gehts jetzt weiter ?

cosinus 22.03.2011 14:58
Warum du CF nicht ausführen sollst, steht hier eigentlich immer dick und fett bei jedem Hinweis, deswegen hab ich dir den Link auchnohcmal gepostet. Aber nun gut.

Poste die nächsten Logs bitte NICHT in PHP-Tags sondern in Codetags, also so:

[code]

hier das Log rein

[/code]


Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.

Alone Wolf 22.03.2011 15:27
Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6131

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

22.03.2011 15:26:38
mbam-log-2011-03-22 (15-26-38).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 204610
Laufzeit: 12 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus 22.03.2011 15:37
Mehr Logs von MBAM hast du nicht?

Alone Wolf 22.03.2011 15:38
Leider nein, habe MBAM erst jetzt neu installiert.

cosinus 22.03.2011 15:49
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

Alone Wolf 22.03.2011 15:58
Code:
OTL logfile created on: 22.03.2011 15:55:05 - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Acer\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
9,00 Gb Paging File | 8,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): c:\pagefile.sys 6144 6144 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,78 Gb Total Space | 214,35 Gb Free Space | 92,08% Space Free | Partition Type: NTFS
 
Computer Name: ACER-PC | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Acer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Acer\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (lxcz_device) -- C:\Windows\System32\lxczcoms.exe ( )
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (WinRing0_1_2_0) -- C:\Users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys (OpenLibSys.org)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (Ser2at) -- C:\Windows\System32\drivers\ser2at.sys (Prolific Technology Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (SNP2STD) USB2.0 PC Camera (SNP2STD) -- C:\Windows\System32\drivers\snp2sxp.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 E9 77 18 54 B1 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: "Facemoods Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {7E7165E2-0767-448c-852F-5FA8714F2C37}:1.1.2
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: vtzilla@virustotal.com:1.0
FF - prefs.js..network.proxy.http: "74.208.195.48"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.05 19:55:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.05 19:55:35 | 000,000,000 | ---D | M]
 
[2011.01.11 07:24:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Extensions
[2011.03.22 15:51:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions
[2011.03.10 00:08:36 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.03.10 00:08:57 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011.03.22 15:50:51 | 000,000,000 | ---D | M] (PlainOldFavorites) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37}
[2011.01.11 07:27:36 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.01.11 07:27:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.01.26 18:49:43 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.03.17 21:00:37 | 000,000,000 | ---D | M] (VTzilla) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\vtzilla@virustotal.com
[2011.01.11 07:27:36 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\youtube2mp3@mondayx.de
[2011.02.26 02:09:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.02.26 02:08:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.26 02:08:03 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.26 02:07:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.01 10:09:38 | 000,002,046 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchddr.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.03.21 22:37:39 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Programme\WordPerfect Office X3\Programs\WPLauncher.hta ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.03.22 15:53:52 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2011.03.22 15:13:26 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Malwarebytes
[2011.03.22 15:13:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.03.22 15:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.03.22 15:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.03.22 15:13:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.03.22 15:13:18 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.03.22 15:12:55 | 007,734,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Acer\Desktop\Malwarebytes' Anti-Malware.exe
[2011.03.21 22:39:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.03.21 22:39:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.03.21 22:39:26 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\temp
[2011.03.21 22:33:34 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.03.21 22:33:34 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.03.21 22:33:34 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.03.21 22:33:30 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.03.21 22:32:40 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.03.21 22:32:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011.03.21 14:37:30 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.03.21 14:37:30 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.03.21 14:37:30 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.03.21 14:37:30 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.03.21 14:37:30 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.03.21 14:37:30 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.03.21 14:37:30 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.03.21 14:37:30 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.03.21 14:37:30 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.03.21 14:37:30 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.03.21 14:37:30 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.03.21 14:37:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.03.21 14:37:30 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.03.21 14:37:30 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.03.21 14:37:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.03.21 14:37:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.03.21 14:37:30 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.03.21 14:37:30 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.03.21 14:37:30 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.03.21 14:37:30 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.03.21 14:37:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.03.21 14:37:30 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.03.21 14:37:30 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.03.21 14:37:30 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.03.21 14:37:30 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.03.21 14:37:30 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.03.21 14:37:30 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.03.21 14:37:30 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.03.21 14:37:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.03.21 14:37:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.03.21 14:37:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.03.21 14:37:30 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.03.21 14:37:30 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.03.21 14:37:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.03.21 14:37:30 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.03.21 14:37:30 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.03.21 14:37:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.03.21 14:37:30 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.03.21 14:37:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.03.12 02:10:19 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.03.12 02:10:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.03.12 01:41:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.03.09 14:29:20 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.03.09 14:29:20 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.03.09 14:29:19 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.03.09 14:29:19 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011.03.09 14:29:19 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.03.09 14:29:19 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.03.06 00:16:30 | 000,000,000 | ---D | C] -- C:\Users\Acer\Documents\My Games
[2011.03.05 21:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2011.03.02 16:44:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.03.02 16:44:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.03.02 16:43:09 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ATI Technologies
[2011.03.02 16:42:20 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2011.03.01 10:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader
[2011.03.01 10:09:34 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2011.02.28 03:02:18 | 000,000,000 | ---D | C] -- C:\Programme\ZippyUploader
[2011.02.27 22:47:35 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\teamspeak2
[2011.02.27 22:46:59 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm
[2011.02.27 22:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teamspeak2 RC2
[2011.02.27 22:46:56 | 000,000,000 | ---D | C] -- C:\Programme\Teamspeak2_RC2
[2011.02.26 02:08:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2011.02.26 02:08:01 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.02.26 02:08:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.02.26 02:08:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.02.26 02:07:52 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2011.02.22 21:40:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011.02.22 21:40:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011.02.22 21:38:31 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2011.02.22 21:38:31 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2011.02.22 21:38:29 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.02.22 21:38:28 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011.02.22 21:38:28 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011.02.22 21:38:27 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011.02.22 21:38:26 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011.02.22 21:38:26 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011.02.22 21:38:25 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011.02.22 21:38:25 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2011.02.22 21:38:24 | 003,966,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.02.22 21:38:24 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.02.22 21:38:23 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011.02.22 21:38:23 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2011.02.22 21:38:23 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2011.02.22 21:38:22 | 003,911,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.02.22 21:38:22 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2011.02.22 21:38:22 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011.02.22 21:38:22 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011.02.22 21:38:21 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2011.02.22 21:38:21 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011.02.22 21:38:21 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2011.02.22 21:38:20 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011.02.22 21:38:19 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2011.02.22 21:38:18 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.02.22 21:38:18 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011.02.22 21:38:17 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2011.02.22 21:38:17 | 001,038,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011.02.22 21:38:17 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2011.02.22 21:38:17 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2011.02.22 21:38:17 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2011.02.22 21:38:17 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2011.02.22 21:38:16 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2011.02.22 21:38:16 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011.02.22 21:38:16 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2011.02.22 21:38:16 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2011.02.22 21:38:16 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.02.22 21:38:16 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2011.02.22 21:38:16 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2011.02.22 21:38:16 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3api.dll
[2011.02.22 21:38:15 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2011.02.22 21:38:15 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011.02.22 21:38:15 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2011.02.22 21:38:15 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2011.02.22 21:38:14 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011.02.22 21:38:14 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2011.02.22 21:38:14 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2011.02.22 21:38:14 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2011.02.22 21:38:13 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2011.02.22 21:38:13 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2011.02.22 21:38:13 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2011.02.22 21:38:13 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011.02.22 21:38:12 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2011.02.22 21:38:12 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2011.02.22 21:38:12 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2011.02.22 21:38:12 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011.02.22 21:38:12 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011.02.22 21:38:12 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2011.02.22 21:38:11 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.02.22 21:38:11 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2011.02.22 21:38:11 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011.02.22 21:38:11 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2011.02.22 21:38:11 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2011.02.22 21:38:11 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.02.22 21:38:10 | 002,414,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011.02.22 21:38:10 | 000,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2011.02.22 21:38:10 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011.02.22 21:38:10 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011.02.22 21:38:10 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2011.02.22 21:38:10 | 000,240,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011.02.22 21:38:10 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2011.02.22 21:38:09 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2011.02.22 21:38:09 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2011.02.22 21:38:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.02.22 21:38:09 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2011.02.22 21:38:09 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2011.02.22 21:38:09 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2011.02.22 21:38:09 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2011.02.22 21:38:08 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
[2011.02.22 21:38:08 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011.02.22 21:38:08 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2011.02.22 21:38:08 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2011.02.22 21:38:08 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.02.22 21:38:08 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2011.02.22 21:38:08 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2011.02.22 21:38:08 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011.02.22 21:38:07 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2011.02.22 21:38:07 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2011.02.22 21:38:07 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
[2011.02.22 21:38:07 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2011.02.22 21:38:07 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2011.02.22 21:38:07 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2011.02.22 21:38:06 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011.02.22 21:38:06 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011.02.22 21:38:06 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011.02.22 21:38:06 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2011.02.22 21:38:06 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2011.02.22 21:38:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2011.02.22 21:38:06 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2011.02.22 21:38:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2011.02.22 21:38:05 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011.02.22 21:38:05 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2011.02.22 21:38:05 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.02.22 21:38:05 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2011.02.22 21:38:05 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2011.02.22 21:38:05 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2011.02.22 21:38:05 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2011.02.22 21:38:05 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2011.02.22 21:38:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011.02.22 21:38:05 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011.02.22 21:38:05 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011.02.22 21:38:04 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2011.02.22 21:38:04 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2011.02.22 21:38:04 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2011.02.22 21:38:04 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011.02.22 21:38:04 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2011.02.22 21:38:04 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2011.02.22 21:38:04 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011.02.22 21:38:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2011.02.22 21:38:03 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2011.02.22 21:38:03 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2011.02.22 21:38:03 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WFS.exe
[2011.02.22 21:38:03 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2011.02.22 21:38:03 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2011.02.22 21:38:03 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2011.02.22 21:38:03 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2011.02.22 21:38:03 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011.02.22 21:38:03 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
[2011.02.22 21:38:03 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2011.02.22 21:38:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2011.02.22 21:38:03 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011.02.22 21:38:02 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011.02.22 21:38:02 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2011.02.22 21:38:02 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011.02.22 21:38:02 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2011.02.22 21:38:02 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2011.02.22 21:38:01 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2011.02.22 21:38:01 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2011.02.22 21:38:01 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2011.02.22 21:38:01 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2011.02.22 21:38:01 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2011.02.22 21:38:01 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2011.02.22 21:38:01 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2011.02.22 21:38:01 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2011.02.22 21:38:01 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2011.02.22 21:38:01 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2011.02.22 21:38:01 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011.02.22 21:38:01 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2011.02.22 21:38:01 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2011.02.22 21:38:01 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2011.02.22 21:38:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2011.02.22 21:38:00 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2011.02.22 21:38:00 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011.02.22 21:38:00 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2011.02.22 21:38:00 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2011.02.22 21:38:00 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2011.02.22 21:38:00 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2011.02.22 21:38:00 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011.02.22 21:38:00 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2011.02.22 21:38:00 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011.02.22 21:38:00 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2011.02.22 21:38:00 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2011.02.22 21:38:00 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2011.02.22 21:38:00 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2011.02.22 21:38:00 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2011.02.22 21:38:00 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011.02.22 21:38:00 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2011.02.22 21:38:00 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2011.02.22 21:38:00 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011.02.22 21:37:59 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2011.02.22 21:37:59 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2011.02.22 21:37:59 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011.02.22 21:37:59 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2011.02.22 21:37:59 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2011.02.22 21:37:59 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2011.02.22 21:37:59 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2011.02.22 21:37:58 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2011.02.22 21:37:58 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2011.02.22 21:37:58 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011.02.22 21:37:58 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2011.02.22 21:37:58 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011.02.22 21:37:58 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011.02.22 21:37:58 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2011.02.22 21:37:58 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2011.02.22 21:37:58 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011.02.22 21:37:58 | 000,187,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011.02.22 21:37:58 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.02.22 21:37:58 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2011.02.22 21:37:57 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2011.02.22 21:37:57 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2011.02.22 21:37:57 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2011.02.22 21:37:57 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2011.02.22 21:37:57 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2011.02.22 21:37:57 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2011.02.22 21:37:57 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2011.02.22 21:37:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2011.02.22 21:37:57 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2011.02.22 21:37:57 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2011.02.22 21:37:57 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2011.02.22 21:37:56 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2011.02.22 21:37:56 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2011.02.22 21:37:56 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2011.02.22 21:37:56 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2011.02.22 21:37:56 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2011.02.22 21:37:56 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2011.02.22 21:37:56 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2011.02.22 21:37:56 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2011.02.22 21:37:56 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2011.02.22 21:37:56 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011.02.22 21:37:56 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2011.02.22 21:37:56 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2011.02.22 21:37:56 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.02.22 21:37:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2011.02.22 21:37:56 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011.02.22 21:37:55 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2011.02.22 21:37:55 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2011.02.22 21:37:55 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2011.02.22 21:37:55 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll
[2011.02.22 21:37:55 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2011.02.22 21:37:55 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2011.02.22 21:37:55 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2011.02.22 21:37:55 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2011.02.22 21:37:55 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2011.02.22 21:37:55 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2011.02.22 21:37:55 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011.02.22 21:37:55 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2011.02.22 21:37:55 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2011.02.22 21:37:55 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2011.02.22 21:37:55 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2011.02.22 21:37:55 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2011.02.22 21:37:55 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2011.02.22 21:37:55 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2011.02.22 21:37:55 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011.02.22 21:37:55 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2011.02.22 21:37:55 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2011.02.22 21:37:55 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2011.02.22 21:37:55 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2011.02.22 21:37:55 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2011.02.22 21:37:54 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2011.02.22 21:37:54 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2011.02.22 21:37:54 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2011.02.22 21:37:54 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2011.02.22 21:37:54 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll
[2011.02.22 21:37:54 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2011.02.22 21:37:54 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2011.02.22 21:37:54 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2011.02.22 21:37:54 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011.02.22 21:37:54 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2011.02.22 21:37:54 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2011.02.22 21:37:54 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2011.02.22 21:37:54 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2011.02.22 21:37:54 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2011.02.22 21:37:54 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2011.02.22 21:37:54 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2011.02.22 21:37:54 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2011.02.22 21:37:54 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2011.02.22 21:37:54 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2011.02.22 21:37:54 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2011.02.22 21:37:54 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2011.02.22 21:37:54 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2011.02.22 21:37:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2011.02.22 21:37:54 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2011.02.22 21:37:54 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2011.02.22 21:37:53 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2011.02.22 21:37:53 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011.02.22 21:37:53 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2011.02.22 21:37:53 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2011.02.22 21:37:53 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2011.02.22 21:37:53 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2011.02.22 21:37:53 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2011.02.22 21:37:53 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2011.02.22 21:37:53 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2011.02.22 21:37:53 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011.02.22 21:37:53 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2011.02.22 21:37:53 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2011.02.22 21:37:53 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2011.02.22 21:37:53 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2011.02.22 21:37:53 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2011.02.22 21:37:53 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2011.02.22 21:37:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
[2011.02.22 21:37:53 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2011.02.22 21:37:53 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2011.02.22 21:37:52 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2011.02.22 21:37:52 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2011.02.22 21:37:52 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2011.02.22 21:37:52 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2011.02.22 21:37:52 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2011.02.22 21:37:52 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2011.02.22 21:37:52 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2011.02.22 21:37:52 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2011.02.22 21:37:52 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2011.02.22 21:37:52 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011.02.22 21:37:52 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2011.02.22 21:37:52 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2011.02.22 21:37:52 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.dll
[2011.02.22 21:37:52 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2011.02.22 21:37:52 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2011.02.22 21:37:52 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2011.02.22 21:37:52 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2011.02.22 21:37:52 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2011.02.22 21:37:52 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2011.02.22 21:37:52 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2011.02.22 21:37:52 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2011.02.22 21:37:52 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2011.02.22 21:37:52 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2011.02.22 21:37:52 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2011.02.22 21:37:52 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011.02.22 21:37:52 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011.02.22 21:37:52 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011.02.22 21:37:51 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2011.02.22 21:37:51 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2011.02.22 21:37:51 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2011.02.22 21:37:51 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011.02.22 21:37:51 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2011.02.22 21:37:51 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2011.02.22 21:37:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2011.02.22 21:37:51 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2011.02.22 21:37:51 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2011.02.22 21:37:51 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2011.02.22 21:37:51 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011.02.22 21:37:51 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2011.02.22 21:37:51 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2011.02.22 21:37:50 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2011.02.22 21:37:50 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2011.02.22 21:37:50 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2011.02.22 21:37:50 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2011.02.22 21:37:50 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll
[2011.02.22 21:37:50 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2011.02.22 21:37:50 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2011.02.22 21:37:50 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2011.02.22 21:37:50 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2011.02.22 21:37:50 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011.02.22 21:37:50 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2011.02.22 21:37:50 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2011.02.22 21:37:50 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2011.02.22 21:37:50 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011.02.22 21:37:50 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2011.02.22 21:37:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011.02.22 21:37:49 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2011.02.22 21:37:49 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2011.02.22 21:37:49 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2011.02.22 21:37:49 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2011.02.22 21:37:49 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2011.02.22 21:37:49 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011.02.22 21:37:49 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2011.02.22 21:37:49 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2011.02.22 21:37:49 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2011.02.22 21:37:49 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll
[2011.02.22 21:37:49 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011.02.22 21:37:49 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2011.02.22 21:37:49 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2011.02.22 21:37:49 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2011.02.22 21:37:49 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2011.02.22 21:37:49 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2011.02.22 21:37:49 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2011.02.22 21:37:49 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2011.02.22 21:37:49 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011.02.22 21:37:49 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011.02.22 21:37:49 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
[2011.02.22 21:37:49 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2011.02.22 21:37:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2011.02.22 21:37:49 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2011.02.22 21:37:49 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2011.02.22 21:37:49 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2011.02.22 21:37:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2011.02.22 21:37:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2011.02.22 21:37:48 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.02.22 21:37:48 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2011.02.22 21:37:48 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2011.02.22 21:37:48 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2011.02.22 21:37:48 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011.02.22 21:37:48 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2011.02.22 21:37:48 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2011.02.22 21:37:48 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011.02.22 21:37:48 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2011.02.22 21:37:48 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2011.02.22 21:37:48 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2011.02.22 21:37:48 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2011.02.22 21:37:48 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2011.02.22 21:37:48 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2011.02.22 21:37:48 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2011.02.22 21:37:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011.02.22 21:37:48 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2011.02.22 21:37:48 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2011.02.22 21:37:48 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2011.02.22 21:37:48 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2011.02.22 21:37:48 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011.02.22 21:37:48 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2011.02.22 21:37:48 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2011.02.22 21:37:48 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011.02.22 21:37:48 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011.02.22 21:37:48 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2011.02.22 21:37:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2011.02.22 21:37:48 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2011.02.22 21:37:48 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2011.02.22 21:37:48 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2011.02.22 21:37:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2011.02.22 21:37:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011.02.22 21:37:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2011.02.22 21:37:48 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2011.02.22 21:37:48 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2011.02.22 21:37:48 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2011.02.22 21:37:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2011.02.22 21:37:48 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2011.02.22 21:37:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2011.02.22 21:37:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2011.02.22 21:37:48 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2011.02.22 21:37:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2011.02.22 21:37:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2011.02.22 21:37:47 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011.02.22 21:37:47 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2011.02.22 21:37:47 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2011.02.22 21:37:47 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2011.02.22 21:37:47 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2011.02.22 21:37:47 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2011.02.22 21:37:47 | 000,257,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2011.02.22 21:37:47 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2011.02.22 21:37:47 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2011.02.22 21:37:47 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2011.02.22 21:37:47 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2011.02.22 21:37:47 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2011.02.22 21:37:47 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2011.02.22 21:37:47 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2011.02.22 21:37:47 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011.02.22 21:37:47 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2011.02.22 21:37:47 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2011.02.22 21:37:47 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2011.02.22 21:37:47 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2011.02.22 21:37:47 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2011.02.22 21:37:47 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2011.02.22 21:37:47 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2011.02.22 21:37:47 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.02.22 21:37:47 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2011.02.22 21:37:47 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2011.02.22 21:37:47 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2011.02.22 21:37:47 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2011.02.22 21:37:47 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2011.02.22 21:37:47 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2011.02.22 21:37:47 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2011.02.22 21:37:47 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2011.02.22 21:37:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2011.02.22 21:37:47 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2011.02.22 21:37:47 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2011.02.22 21:37:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2011.02.22 21:37:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2011.02.22 21:37:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2011.02.22 21:37:46 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2011.02.22 21:37:46 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2011.02.22 21:37:46 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011.02.22 21:37:46 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011.02.22 21:37:46 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2011.02.22 21:37:46 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2011.02.22 21:37:46 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2011.02.22 21:37:46 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2011.02.22 21:37:46 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2011.02.22 21:37:46 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2011.02.22 21:37:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011.02.22 21:37:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011.02.22 21:37:46 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011.02.22 21:37:46 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll
[2011.02.22 21:37:46 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\resutils.dll
[2011.02.22 21:37:46 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2011.02.22 21:37:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2011.02.22 21:37:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2011.02.22 21:37:46 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2011.02.22 21:37:46 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2011.02.22 21:37:46 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2011.02.22 21:37:46 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011.02.22 21:37:46 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2011.02.22 21:37:46 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2011.02.22 21:37:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2011.02.22 21:37:46 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2011.02.22 21:37:46 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2011.02.22 21:37:46 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2011.02.22 21:37:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011.02.22 21:37:46 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2011.02.22 21:37:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011.02.22 21:37:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2011.02.22 21:37:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.02.22 21:37:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2011.02.22 21:37:46 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2011.02.22 21:37:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2011.02.22 21:37:46 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2011.02.22 21:37:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2011.02.22 21:37:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2011.02.22 21:37:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2011.02.22 21:37:45 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2011.02.22 21:37:45 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2011.02.22 21:37:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2011.02.22 21:37:45 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2011.02.22 21:37:45 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2011.02.22 21:37:45 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2011.02.22 21:37:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2011.02.22 21:37:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2011.02.22 21:37:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2011.02.22 21:37:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2011.02.22 21:37:45 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2011.02.22 21:37:45 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2011.02.22 21:37:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2011.02.22 21:37:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2011.02.22 21:37:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2011.02.22 21:37:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2011.02.22 21:37:45 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011.02.22 21:37:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2011.02.22 21:37:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2011.02.22 21:37:45 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2011.02.22 21:37:45 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2011.02.22 21:37:45 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2011.02.22 21:37:45 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2011.02.22 21:37:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2011.02.22 21:37:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2011.02.22 21:37:45 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icaapi.dll
[2011.02.22 21:37:44 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2011.02.22 21:37:44 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2011.02.22 21:37:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011.02.22 21:37:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2011.02.22 21:37:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2011.02.22 21:37:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shgina.dll
[2011.02.22 21:37:44 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2011.02.22 21:37:44 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2011.02.22 21:37:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2011.02.22 21:37:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2011.02.22 21:37:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2011.02.22 21:37:43 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2011.02.22 21:37:43 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2011.02.22 21:37:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2011.02.22 21:37:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2011.02.22 21:37:43 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2011.02.22 21:37:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011.02.22 21:37:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011.02.22 21:37:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011.02.22 21:37:42 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011.02.22 21:37:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2011.02.22 21:37:41 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2011.02.22 21:37:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2011.02.22 21:37:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2011.02.22 21:37:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2011.02.22 21:37:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2011.02.22 21:37:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2011.02.22 21:37:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2011.02.22 21:37:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2011.02.22 21:37:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.02.22 21:37:22 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2011.02.22 21:37:22 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011.02.22 21:37:17 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2011.02.22 21:37:14 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2011.02.22 21:37:14 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2011.02.22 21:36:57 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2011.02.22 21:36:57 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2011.02.22 21:26:39 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.02.22 21:25:51 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.02.22 21:25:51 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.01.11 07:00:11 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll
[2011.01.11 07:00:11 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll
[2011.01.11 07:00:11 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll
[2011.01.11 07:00:11 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll
[2011.01.11 07:00:11 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll
[2011.01.11 07:00:11 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll
[2011.01.11 07:00:11 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxczcoms.exe
[2011.01.11 07:00:11 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll
[2011.01.11 07:00:11 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll
[2011.01.11 07:00:11 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll
[2011.01.11 07:00:11 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxczih.exe
[2011.01.11 07:00:11 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxczcfg.exe
[2011.01.11 07:00:11 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll
[2011.01.11 07:00:11 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll
[2011.01.11 07:00:11 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll
[2011.01.11 06:58:55 | 000,151,552 | ---- | C] ( ) -- C:\Windows\System32\rsnp2std.dll
[2011.01.11 06:58:55 | 000,077,824 | ---- | C] ( ) -- C:\Windows\System32\csnp2std.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.03.22 15:53:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2011.03.22 15:37:09 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.22 15:37:09 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.22 15:30:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.22 15:13:22 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.22 15:12:59 | 007,734,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Acer\Desktop\Malwarebytes' Anti-Malware.exe
[2011.03.22 13:53:42 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.03.22 13:53:42 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.22 13:53:42 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.03.22 13:53:42 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.22 13:35:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.22 13:07:25 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.21 22:37:39 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.03.21 22:25:24 | 004,298,593 | R--- | M] () -- C:\ComboFix.exe
[2011.03.21 14:37:30 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.03.21 14:37:30 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.03.21 14:37:30 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.03.21 14:37:30 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.03.21 14:37:30 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.03.21 14:37:30 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.03.21 14:37:30 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.03.21 14:37:30 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.03.21 14:37:30 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.03.21 14:37:30 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.03.21 14:37:30 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.03.21 14:37:30 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.03.21 14:37:30 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.03.21 14:37:30 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.03.21 14:37:30 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.03.21 14:37:30 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.03.21 14:37:30 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.03.21 14:37:30 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.03.21 14:37:30 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.03.21 14:37:30 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.03.21 14:37:30 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.03.21 14:37:30 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.03.21 14:37:30 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.03.21 14:37:30 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.03.21 14:37:30 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.03.21 14:37:30 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.03.21 14:37:30 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.03.21 14:37:30 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.03.21 14:37:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.03.21 14:37:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.03.21 14:37:30 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.03.21 14:37:30 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.03.21 14:37:30 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.03.21 14:37:30 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.03.21 14:37:30 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.03.21 14:37:30 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.03.21 14:37:30 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.03.21 14:37:30 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.03.21 14:37:30 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.03.21 14:37:30 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.03.16 12:47:21 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.03.06 00:42:06 | 002,337,865 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2011.03.03 22:16:05 | 000,006,656 | ---- | M] () -- C:\Users\Acer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.02 21:15:34 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.02.28 09:00:00 | 000,080,896 | ---- | M] () -- C:\Windows\System32\ff_vfw.dll
[2011.02.27 22:46:59 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm
[2011.02.26 02:07:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.02.26 02:07:53 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.02.26 02:07:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.02.26 02:07:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.02.22 21:49:34 | 000,285,712 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.02.22 21:44:03 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
 
========== Files Created - No Company Name ==========
 
[2011.03.22 15:13:22 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.21 22:33:34 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.03.21 22:33:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.03.21 22:33:34 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.03.21 22:33:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.03.21 22:33:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.03.21 22:24:55 | 004,298,593 | R--- | C] () -- C:\ComboFix.exe
[2011.03.21 14:37:30 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.03.06 00:15:31 | 002,337,865 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2011.02.22 21:38:20 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011.02.22 21:37:45 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2011.02.22 21:37:41 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2011.01.12 03:24:40 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011.01.11 22:56:19 | 000,006,656 | ---- | C] () -- C:\Users\Acer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.11 08:06:47 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.01.11 08:06:46 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.01.11 08:06:45 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.01.11 08:06:45 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.01.11 08:06:45 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.01.11 07:00:31 | 000,000,092 | ---- | C] () -- C:\Windows\Lexstat.ini
[2011.01.11 07:00:11 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll
[2011.01.11 07:00:11 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll
[2011.01.11 06:58:55 | 012,067,328 | ---- | C] () -- C:\Windows\System32\drivers\snp2sxp.sys
[2011.01.11 06:58:55 | 000,025,472 | ---- | C] () -- C:\Windows\System32\drivers\sncamd.sys
[2011.01.11 06:58:55 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2011.01.11 06:28:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.12.21 03:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.12.17 17:00:44 | 000,227,587 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.07.14 09:47:43 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,285,712 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007.02.07 18:58:12 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007.01.22 09:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll
[2006.11.02 20:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006.06.07 14:23:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll
[2006.03.27 12:19:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll
[2006.03.07 12:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll
[2006.01.10 18:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll
[2006.01.10 18:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll

< End of report >


Code:
OTL Extras logfile created on: 22.03.2011 15:55:05 - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Acer\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
9,00 Gb Paging File | 8,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): c:\pagefile.sys 6144 6144 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,78 Gb Total Space | 214,35 Gb Free Space | 92,08% Space Free | Partition Type: NTFS
 
Computer Name: ACER-PC | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{0B0F132E-6E8A-934D-A839-C5C15889F12B}" = ATI Catalyst Install Manager
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{27347834-0853-0E3A-88F0-BC6BA43D8BC1}" = CCC Help Portuguese
"{28A4F99C-F116-1AFA-513A-8D44F4070B6C}" = CCC Help Greek
"{298B2F63-B391-BFC5-4AED-660BE336DE73}" = CCC Help Hungarian
"{2F96C5A9-792A-F6ED-4679-603DED5959E1}" = ccc-utility
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B1D7CF8-2A1F-CBA1-06B0-2F89327B198B}" = CCC Help French
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51A1EE33-49D5-5D85-4A0A-91D71C390BCF}" = CCC Help Italian
"{5229C090-842B-1CB0-1676-43E421294B5C}" = AMD Drag and Drop Transcoding
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DF6A7ED-3B51-8E41-B1C9-41DAD97CC08A}" = Catalyst Control Center InstallProxy
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9023988C-4F2B-EB63-7861-33D8F21624C2}" = CCC Help English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BACEBABA-2BA2-05BC-A5DC-CF495F155A24}" = Catalyst Control Center Localization All
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3D329F9-D32A-AB91-1DD2-92B6E5F649E2}" = CCC Help Spanish
"{E497FF62-960D-D750-D14F-C5E25C7AA14F}" = ccc-core-static
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E7613DC8-35E4-E46A-2960-12610864318E}" = CCC Help Polish
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2898333-ED2F-EC49-5617-A23F2636A05A}" = Catalyst Control Center Graphics Previews Common
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB4F9000-04FC-11E0-85D2-001AA037B01E}" = Google Earth Plug-in
"{FFA48C9D-8B43-772C-BECE-EA29587D8DDB}" = CCC Help German
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"FileZilla Client" = FileZilla Client 3.3.5.1
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.4 (Full)
"Lexmark 1200 Series" = Lexmark 1200 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Opticon USB Installer" = Opticon USB Drivers Installer
"ScanIT-Client_is1" = ScanIT-Client 3.2
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Unlocker" = Unlocker 1.9.0
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"xp-AntiSpy" = xp-AntiSpy 3.97-11
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

cosinus 22.03.2011 17:58
Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Alone Wolf 22.03.2011 18:15
Code:
2011/03/22 18:15:16.0629 3176        TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/22 18:15:16.0878 3176        ================================================================================
2011/03/22 18:15:16.0878 3176        SystemInfo:
2011/03/22 18:15:16.0878 3176       
2011/03/22 18:15:16.0878 3176        OS Version: 6.1.7601 ServicePack: 1.0
2011/03/22 18:15:16.0878 3176        Product type: Workstation
2011/03/22 18:15:16.0878 3176        ComputerName: ACER-PC
2011/03/22 18:15:16.0878 3176        UserName: Acer
2011/03/22 18:15:16.0878 3176        Windows directory: C:\Windows
2011/03/22 18:15:16.0878 3176        System windows directory: C:\Windows
2011/03/22 18:15:16.0878 3176        Processor architecture: Intel x86
2011/03/22 18:15:16.0878 3176        Number of processors: 4
2011/03/22 18:15:16.0878 3176        Page size: 0x1000
2011/03/22 18:15:16.0878 3176        Boot type: Normal boot
2011/03/22 18:15:16.0878 3176        ================================================================================
2011/03/22 18:15:17.0128 3176        Initialize success
2011/03/22 18:15:20.0014 3412        ================================================================================
2011/03/22 18:15:20.0014 3412        Scan started
2011/03/22 18:15:20.0014 3412        Mode: Manual;
2011/03/22 18:15:20.0014 3412        ================================================================================
2011/03/22 18:15:20.0404 3412        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
2011/03/22 18:15:20.0435 3412        ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
2011/03/22 18:15:20.0451 3412        AcpiPmi        (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
2011/03/22 18:15:20.0497 3412        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/03/22 18:15:20.0513 3412        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/03/22 18:15:20.0529 3412        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/03/22 18:15:20.0575 3412        AFD            (1151fd4fb0216cfed887bfde29ebd516) C:\Windows\system32\drivers\afd.sys
2011/03/22 18:15:20.0591 3412        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
2011/03/22 18:15:20.0622 3412        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/03/22 18:15:20.0638 3412        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
2011/03/22 18:15:20.0669 3412        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
2011/03/22 18:15:20.0685 3412        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
2011/03/22 18:15:20.0700 3412        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/03/22 18:15:20.0841 3412        amdkmdag        (d05cf4523e0c04ef82454abfd84fdc1d) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/03/22 18:15:20.0997 3412        amdkmdap        (92dc2e0ae49148f83b24d89c737b0c97) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/03/22 18:15:21.0012 3412        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/03/22 18:15:21.0043 3412        amdsata        (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
2011/03/22 18:15:21.0059 3412        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/03/22 18:15:21.0090 3412        amdxata        (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
2011/03/22 18:15:21.0121 3412        AppID          (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
2011/03/22 18:15:21.0153 3412        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/03/22 18:15:21.0168 3412        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/03/22 18:15:21.0184 3412        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/22 18:15:21.0199 3412        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
2011/03/22 18:15:21.0355 3412        atikmdag        (d05cf4523e0c04ef82454abfd84fdc1d) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/03/22 18:15:21.0433 3412        avgntflt        (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/03/22 18:15:21.0465 3412        avipbb          (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/03/22 18:15:21.0480 3412        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/03/22 18:15:21.0511 3412        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/03/22 18:15:21.0543 3412        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/03/22 18:15:21.0574 3412        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/03/22 18:15:21.0589 3412        bowser          (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/22 18:15:21.0621 3412        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/03/22 18:15:21.0636 3412        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/03/22 18:15:21.0667 3412        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/03/22 18:15:21.0699 3412        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/03/22 18:15:21.0714 3412        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/03/22 18:15:21.0745 3412        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/03/22 18:15:21.0761 3412        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/03/22 18:15:21.0855 3412        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/22 18:15:21.0886 3412        cdrom          (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
2011/03/22 18:15:21.0901 3412        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/03/22 18:15:21.0948 3412        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/03/22 18:15:21.0979 3412        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/03/22 18:15:21.0995 3412        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
2011/03/22 18:15:22.0026 3412        CNG            (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/03/22 18:15:22.0042 3412        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/03/22 18:15:22.0073 3412        CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
2011/03/22 18:15:22.0089 3412        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/03/22 18:15:22.0151 3412        DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
2011/03/22 18:15:22.0182 3412        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/03/22 18:15:22.0198 3412        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/03/22 18:15:22.0245 3412        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/03/22 18:15:22.0276 3412        DXGKrnl        (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/22 18:15:22.0354 3412        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/03/22 18:15:22.0432 3412        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/03/22 18:15:22.0463 3412        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
2011/03/22 18:15:22.0494 3412        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/03/22 18:15:22.0510 3412        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/03/22 18:15:22.0541 3412        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/22 18:15:22.0572 3412        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/03/22 18:15:22.0588 3412        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/03/22 18:15:22.0603 3412        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/22 18:15:22.0635 3412        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/03/22 18:15:22.0666 3412        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/03/22 18:15:22.0697 3412        Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/22 18:15:22.0713 3412        fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
2011/03/22 18:15:22.0744 3412        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/03/22 18:15:22.0759 3412        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/03/22 18:15:22.0791 3412        HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
2011/03/22 18:15:22.0822 3412        HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
2011/03/22 18:15:22.0837 3412        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/03/22 18:15:22.0869 3412        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/03/22 18:15:22.0900 3412        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/03/22 18:15:22.0915 3412        HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
2011/03/22 18:15:22.0947 3412        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
2011/03/22 18:15:22.0978 3412        HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
2011/03/22 18:15:23.0009 3412        hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
2011/03/22 18:15:23.0025 3412        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
2011/03/22 18:15:23.0056 3412        iaStorV        (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
2011/03/22 18:15:23.0087 3412        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/03/22 18:15:23.0165 3412        IntcAzAudAddService (39be782f9660545a491bf42320232aea) C:\Windows\system32\drivers\RTKVHDA.sys
2011/03/22 18:15:23.0212 3412        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
2011/03/22 18:15:23.0227 3412        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/22 18:15:23.0259 3412        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/22 18:15:23.0274 3412        IPMIDRV        (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
2011/03/22 18:15:23.0305 3412        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/03/22 18:15:23.0321 3412        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/03/22 18:15:23.0337 3412        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
2011/03/22 18:15:23.0368 3412        iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
2011/03/22 18:15:23.0399 3412        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
2011/03/22 18:15:23.0415 3412        kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
2011/03/22 18:15:23.0446 3412        KSecDD          (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/22 18:15:23.0461 3412        KSecPkg        (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
2011/03/22 18:15:23.0493 3412        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/22 18:15:23.0524 3412        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/03/22 18:15:23.0571 3412        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/03/22 18:15:23.0586 3412        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/03/22 18:15:23.0602 3412        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/03/22 18:15:23.0633 3412        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/03/22 18:15:23.0664 3412        MBAMProtector  (836e0e09ca9869be7eb39ef2cf3602c7) C:\Windows\system32\drivers\mbam.sys
2011/03/22 18:15:23.0695 3412        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/03/22 18:15:23.0727 3412        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/03/22 18:15:23.0742 3412        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/03/22 18:15:23.0773 3412        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/22 18:15:23.0805 3412        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
2011/03/22 18:15:23.0820 3412        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/03/22 18:15:23.0851 3412        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
2011/03/22 18:15:23.0883 3412        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
2011/03/22 18:15:23.0914 3412        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/22 18:15:23.0945 3412        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
2011/03/22 18:15:23.0976 3412        mrxsmb          (b272b4c3e085ea860c12f2e4faf2ffa2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/22 18:15:24.0007 3412        mrxsmb10        (9ac33ef26c8a3ad0f117d00eb7301d03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/22 18:15:24.0039 3412        mrxsmb20        (e0abdb5ed7e199e242a7d028e76c1d3a) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/22 18:15:24.0148 3412        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
2011/03/22 18:15:24.0179 3412        msdsm          (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
2011/03/22 18:15:24.0210 3412        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/03/22 18:15:24.0226 3412        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/03/22 18:15:24.0241 3412        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
2011/03/22 18:15:24.0273 3412        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/22 18:15:24.0288 3412        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/22 18:15:24.0304 3412        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/03/22 18:15:24.0335 3412        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/03/22 18:15:24.0351 3412        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
2011/03/22 18:15:24.0382 3412        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/03/22 18:15:24.0397 3412        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/03/22 18:15:24.0413 3412        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/03/22 18:15:24.0444 3412        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/22 18:15:24.0491 3412        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
2011/03/22 18:15:24.0507 3412        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/03/22 18:15:24.0538 3412        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/22 18:15:24.0569 3412        Ndisuio        (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/22 18:15:24.0600 3412        NdisWan        (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/22 18:15:24.0616 3412        NDProxy        (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
2011/03/22 18:15:24.0631 3412        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/22 18:15:24.0663 3412        NetBT          (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/22 18:15:24.0694 3412        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/03/22 18:15:24.0741 3412        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/03/22 18:15:24.0756 3412        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/22 18:15:24.0803 3412        Ntfs            (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
2011/03/22 18:15:24.0834 3412        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/03/22 18:15:24.0881 3412        NVENETFD        (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
2011/03/22 18:15:24.0912 3412        NVHDA          (f3ef6cb754c908c5e79fe5bb4a7e39ba) C:\Windows\system32\drivers\nvhda32v.sys
2011/03/22 18:15:24.0943 3412        nvraid          (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
2011/03/22 18:15:24.0975 3412        nvsmu          (7ec12a73067baca25a8e3e2a58ae83d8) C:\Windows\system32\DRIVERS\nvsmu.sys
2011/03/22 18:15:25.0006 3412        nvstor          (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
2011/03/22 18:15:25.0021 3412        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
2011/03/22 18:15:25.0037 3412        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
2011/03/22 18:15:25.0068 3412        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/03/22 18:15:25.0099 3412        partmgr        (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
2011/03/22 18:15:25.0131 3412        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/03/22 18:15:25.0162 3412        pci            (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
2011/03/22 18:15:25.0177 3412        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
2011/03/22 18:15:25.0209 3412        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/03/22 18:15:25.0224 3412        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/03/22 18:15:25.0255 3412        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/03/22 18:15:25.0318 3412        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/22 18:15:25.0349 3412        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/03/22 18:15:25.0380 3412        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/22 18:15:25.0427 3412        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/03/22 18:15:25.0458 3412        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/03/22 18:15:25.0474 3412        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/22 18:15:25.0505 3412        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/22 18:15:25.0521 3412        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/03/22 18:15:25.0536 3412        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/22 18:15:25.0567 3412        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/22 18:15:25.0599 3412        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/03/22 18:15:25.0614 3412        rdbss          (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/22 18:15:25.0630 3412        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/03/22 18:15:25.0661 3412        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/22 18:15:25.0692 3412        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/22 18:15:25.0708 3412        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/03/22 18:15:25.0739 3412        RDPWD          (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
2011/03/22 18:15:25.0770 3412        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
2011/03/22 18:15:25.0817 3412        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/22 18:15:25.0848 3412        RTHDMIAzAudService (87407b31ea6ff0dc4765258164b98bea) C:\Windows\system32\drivers\RtHDMIV.sys
2011/03/22 18:15:25.0895 3412        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
2011/03/22 18:15:25.0911 3412        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
2011/03/22 18:15:25.0942 3412        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/03/22 18:15:25.0973 3412        Ser2at          (268dc6a0ea10a494b369e94525742589) C:\Windows\system32\DRIVERS\ser2at.sys
2011/03/22 18:15:26.0004 3412        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/03/22 18:15:26.0020 3412        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/03/22 18:15:26.0035 3412        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/03/22 18:15:26.0067 3412        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
2011/03/22 18:15:26.0098 3412        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
2011/03/22 18:15:26.0129 3412        sffp_sd        (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
2011/03/22 18:15:26.0145 3412        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/03/22 18:15:26.0191 3412        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
2011/03/22 18:15:26.0207 3412        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/03/22 18:15:26.0223 3412        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/03/22 18:15:26.0238 3412        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/03/22 18:15:26.0488 3412        SNP2STD        (01b4b8b721345692d53f10b584b3d5d8) C:\Windows\system32\DRIVERS\snp2sxp.sys
2011/03/22 18:15:26.0675 3412        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/03/22 18:15:26.0706 3412        srv            (112127c3b2e64d7680cc39cd0a39dd7e) C:\Windows\system32\DRIVERS\srv.sys
2011/03/22 18:15:26.0753 3412        srv2            (e5dd784a4ee5ebc72a86c677c988fcdb) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/22 18:15:26.0784 3412        srvnet          (cdbe627e16cc9e98f343d73f8e81d258) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/22 18:15:26.0831 3412        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/03/22 18:15:26.0847 3412        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/03/22 18:15:26.0878 3412        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
2011/03/22 18:15:26.0940 3412        Tcpip          (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\drivers\tcpip.sys
2011/03/22 18:15:26.0971 3412        TCPIP6          (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/22 18:15:27.0018 3412        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/22 18:15:27.0049 3412        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
2011/03/22 18:15:27.0065 3412        TDTCP          (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
2011/03/22 18:15:27.0096 3412        tdx            (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/22 18:15:27.0112 3412        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
2011/03/22 18:15:27.0159 3412        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/22 18:15:27.0190 3412        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
2011/03/22 18:15:27.0205 3412        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/22 18:15:27.0237 3412        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/03/22 18:15:27.0268 3412        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/22 18:15:27.0299 3412        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
2011/03/22 18:15:27.0315 3412        umbus          (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
2011/03/22 18:15:27.0346 3412        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/03/22 18:15:27.0361 3412        usbccgp        (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\drivers\usbccgp.sys
2011/03/22 18:15:27.0393 3412        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
2011/03/22 18:15:27.0424 3412        usbehci        (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys
2011/03/22 18:15:27.0439 3412        usbhub          (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
2011/03/22 18:15:27.0471 3412        usbohci        (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/03/22 18:15:27.0486 3412        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/03/22 18:15:27.0517 3412        usbscan        (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/03/22 18:15:27.0533 3412        USBSTOR        (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\drivers\USBSTOR.SYS
2011/03/22 18:15:27.0564 3412        usbuhci        (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/03/22 18:15:27.0580 3412        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
2011/03/22 18:15:27.0611 3412        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/22 18:15:27.0627 3412        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/03/22 18:15:27.0658 3412        vhdmp          (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
2011/03/22 18:15:27.0673 3412        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
2011/03/22 18:15:27.0705 3412        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/03/22 18:15:27.0720 3412        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
2011/03/22 18:15:27.0736 3412        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
2011/03/22 18:15:27.0767 3412        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/03/22 18:15:27.0783 3412        volsnap        (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
2011/03/22 18:15:27.0814 3412        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/03/22 18:15:27.0845 3412        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/03/22 18:15:27.0876 3412        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/03/22 18:15:27.0892 3412        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/22 18:15:27.0907 3412        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/22 18:15:27.0954 3412        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/03/22 18:15:27.0970 3412        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/22 18:15:28.0017 3412        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/03/22 18:15:28.0032 3412        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/03/22 18:15:28.0110 3412        WinRing0_1_2_0  (845af1ba23c8d5e64def61bcc441604c) C:\Users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys
2011/03/22 18:15:28.0157 3412        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
2011/03/22 18:15:28.0204 3412        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/22 18:15:28.0251 3412        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
2011/03/22 18:15:28.0266 3412        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/22 18:15:28.0313 3412        ================================================================================
2011/03/22 18:15:28.0313 3412        Scan finished
2011/03/22 18:15:28.0313 3412        ================================================================================

cosinus 22.03.2011 18:24
Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.


Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur wenige Sekunden.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes

Alone Wolf 22.03.2011 18:40
Code:
GMER 1.0.15.15570 - hxxp://www.gmer.net
Rootkit scan 2011-03-22 18:34:30
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\0000005a WDC_WD50 rev.05.0
Running: gmer.exe; Driver: C:\Users\Acer\AppData\Local\Temp\kxldrpob.sys


---- Kernel code sections - GMER 1.0.15 ----

.text          ntkrnlpa.exe!ZwSaveKey + 13C1                                            8323F339 1 Byte  [06]
.text          ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                  83278D52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text          C:\Windows\system32\DRIVERS\atikmdag.sys                                section is writeable [0x9123B000, 0x37D761, 0xE8000020]
PAGE            peauth.sys                                                              9D41BE21 100 Bytes  CALL 4A7B4703

---- User code sections - GMER 1.0.15 ----

.text          C:\Program Files\Mozilla Firefox\firefox.exe[2316] ntdll.dll!LdrLoadDll  771922B8 5 Bytes  JMP 001013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Devices - GMER 1.0.15 ----

Device          \Driver\ACPI_HAL \Device\00000041                                        halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                  fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                  fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                  fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                  fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume5                                  fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume6                                  fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume7                                  fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:38:36 on 22.03.2011

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.15

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"bdeadmin.cpl" - "Borland Software Corporation" - C:\Windows\system32\bdeadmin.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\Users\Acer\AppData\Local\Temp\catchme.sys  (File not found)
"kxldrpob" (kxldrpob) - ? - C:\Users\Acer\AppData\Local\Temp\kxldrpob.sys  (Hidden registry entry, rootkit activity | File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller" (usbehci) - "Microsoft Corporation" - C:\Windows\system32\DRIVERS\usbehci.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"WinRing0_1_2_0" (WinRing0_1_2_0) - "OpenLibSys.org" - C:\Users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{872A9397-E0D6-4e28-B64D-52B8D0A7EA35} "DisplayCplExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension" - ? - C:\Program Files\Unlocker\UnlockerCOM.dll  (File found, but it contains no detailed information)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? -  (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
ITBar7Position "ITBar7Position" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"ProtexisLicensing" (ProtexisLicensing) - ? - C:\Windows\system32\PSIService.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:                       
Windows Version:                Windows 7 Home Premium Edition
Windows Information:                Service Pack 1 (build 7601), 32-bit
Base Board Manufacturer:        ACER
BIOS Manufacturer:                American Megatrends Inc.
System Manufacturer:                ACER
System Product Name:                M5640/M3640
Logical Drives Mask:                0x000001fc

Kernel Drivers (total 193):
  0x83201000 \SystemRoot\system32\ntkrnlpa.exe
  0x83613000 \SystemRoot\system32\halmacpi.dll
  0x80BA7000 \SystemRoot\system32\kdcom.dll
  0x8B210000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x8B295000 \SystemRoot\system32\PSHED.dll
  0x8B2A6000 \SystemRoot\system32\BOOTVID.dll
  0x8B2AE000 \SystemRoot\system32\CLFS.SYS
  0x8B2F0000 \SystemRoot\system32\CI.dll
  0x8B42E000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x8B49F000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x8B4AD000 \SystemRoot\system32\drivers\ACPI.sys
  0x8B4F5000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x8B4FE000 \SystemRoot\system32\drivers\msisadrv.sys
  0x8B506000 \SystemRoot\system32\drivers\pci.sys
  0x8B530000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x8B53B000 \SystemRoot\System32\drivers\partmgr.sys
  0x8B54C000 \SystemRoot\system32\drivers\volmgr.sys
  0x8B55C000 \SystemRoot\System32\drivers\volmgrx.sys
  0x8B5A7000 \SystemRoot\system32\drivers\nvraid.sys
  0x8B5C6000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x8B5EB000 \SystemRoot\system32\drivers\pciide.sys
  0x8B5F2000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x8B400000 \SystemRoot\System32\drivers\mountmgr.sys
  0x8B416000 \SystemRoot\system32\drivers\atapi.sys
  0x8B39B000 \SystemRoot\system32\drivers\ataport.SYS
  0x8B3BE000 \SystemRoot\system32\drivers\nvstor.sys
  0x8B611000 \SystemRoot\system32\drivers\storport.sys
  0x8B659000 \SystemRoot\system32\drivers\amdxata.sys
  0x8B662000 \SystemRoot\system32\drivers\fltmgr.sys
  0x8B696000 \SystemRoot\system32\drivers\fileinfo.sys
  0x8B6A7000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x8B80C000 \SystemRoot\System32\Drivers\msrpc.sys
  0x8B837000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x8B84A000 \SystemRoot\System32\Drivers\cng.sys
  0x8B8A7000 \SystemRoot\System32\drivers\pcw.sys
  0x8B8B5000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x8B8BE000 \SystemRoot\system32\drivers\ndis.sys
  0x8B975000 \SystemRoot\system32\drivers\NETIO.SYS
  0x8B9B3000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x8BA0D000 \SystemRoot\System32\drivers\tcpip.sys
  0x8BB57000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x8BB88000 \SystemRoot\system32\drivers\volsnap.sys
  0x8BBC7000 \SystemRoot\System32\Drivers\spldr.sys
  0x8BBCF000 \SystemRoot\System32\drivers\rdyboost.sys
  0x8B9D8000 \SystemRoot\System32\Drivers\mup.sys
  0x8BA00000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x8BC2A000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x8BC5C000 \SystemRoot\system32\DRIVERS\disk.sys
  0x8BCBA000 \SystemRoot\system32\drivers\cdrom.sys
  0x8BCD9000 \SystemRoot\System32\Drivers\Null.SYS
  0x8BCE0000 \SystemRoot\System32\Drivers\Beep.SYS
  0x8BCE7000 \SystemRoot\System32\drivers\vga.sys
  0x8BCF3000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x8BD14000 \SystemRoot\System32\drivers\watchdog.sys
  0x8BD21000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x8BD29000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x8BD31000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x8BD39000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x8BD44000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x8BD52000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x8BD69000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x8BD75000 \SystemRoot\system32\drivers\afd.sys
  0x90839000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x9086B000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x90872000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x90891000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x9089F000 \SystemRoot\system32\DRIVERS\serial.sys
  0x908B9000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x908CC000 \SystemRoot\system32\drivers\termdd.sys
  0x908DD000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
  0x908E3000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x90924000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x9092E000 \SystemRoot\system32\drivers\mssmbios.sys
  0x90938000 \SystemRoot\System32\drivers\discache.sys
  0x90944000 \SystemRoot\System32\Drivers\dfsc.sys
  0x9095C000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x9096A000 \SystemRoot\system32\DRIVERS\avipbb.sys
  0x90990000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x909B1000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x909C3000 \SystemRoot\system32\DRIVERS\serenum.sys
  0x909E5000 \SystemRoot\system32\drivers\mouclass.sys
  0x909F2000 \SystemRoot\system32\DRIVERS\nvsmu.sys
  0x909F5000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x90A16000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x90A61000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x90A70000 \SystemRoot\system32\drivers\HDAudBus.sys
  0x90A8F000 \SystemRoot\system32\drivers\1394ohci.sys
  0x90ABC000 \SystemRoot\system32\DRIVERS\atikmpag.sys
  0x9123A000 \SystemRoot\system32\DRIVERS\atikmdag.sys
  0x90AFB000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x919C0000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x9242E000 \SystemRoot\system32\DRIVERS\nvm62x32.sys
  0x92483000 \SystemRoot\system32\drivers\CompositeBus.sys
  0x92490000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x924A2000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x924BA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x924C5000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x924E7000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x924FF000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x92516000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x9252D000 \SystemRoot\system32\drivers\kbdclass.sys
  0x9253A000 \SystemRoot\system32\drivers\swenum.sys
  0x9253C000 \SystemRoot\system32\drivers\ks.sys
  0x92570000 \SystemRoot\system32\drivers\umbus.sys
  0x9257E000 \SystemRoot\system32\drivers\usbhub.sys
  0x925C2000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x96A04000 \SystemRoot\system32\drivers\RTKVHDA.sys
  0x96D3E000 \SystemRoot\system32\drivers\portcls.sys
  0x96D6D000 \SystemRoot\system32\drivers\drmk.sys
  0x96D86000 \SystemRoot\system32\drivers\nvhda32v.sys
  0x96D91000 \SystemRoot\system32\drivers\RtHDMIV.sys
  0x98030000 \SystemRoot\System32\win32k.sys
  0x96DB7000 \SystemRoot\System32\drivers\Dxapi.sys

cosinus 22.03.2011 18:43
MBRCheck ist unvollständig.

Alone Wolf 22.03.2011 19:56
Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:                       
Windows Version:                Windows 7 Home Premium Edition
Windows Information:                Service Pack 1 (build 7601), 32-bit
Base Board Manufacturer:        ACER
BIOS Manufacturer:                American Megatrends Inc.
System Manufacturer:                ACER
System Product Name:                M5640/M3640
Logical Drives Mask:                0x000001fc

Kernel Drivers (total 193):
  0x83201000 \SystemRoot\system32\ntkrnlpa.exe
  0x83613000 \SystemRoot\system32\halmacpi.dll
  0x80BA7000 \SystemRoot\system32\kdcom.dll
  0x8B210000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x8B295000 \SystemRoot\system32\PSHED.dll
  0x8B2A6000 \SystemRoot\system32\BOOTVID.dll
  0x8B2AE000 \SystemRoot\system32\CLFS.SYS
  0x8B2F0000 \SystemRoot\system32\CI.dll
  0x8B42E000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x8B49F000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x8B4AD000 \SystemRoot\system32\drivers\ACPI.sys
  0x8B4F5000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x8B4FE000 \SystemRoot\system32\drivers\msisadrv.sys
  0x8B506000 \SystemRoot\system32\drivers\pci.sys
  0x8B530000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x8B53B000 \SystemRoot\System32\drivers\partmgr.sys
  0x8B54C000 \SystemRoot\system32\drivers\volmgr.sys
  0x8B55C000 \SystemRoot\System32\drivers\volmgrx.sys
  0x8B5A7000 \SystemRoot\system32\drivers\nvraid.sys
  0x8B5C6000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x8B5EB000 \SystemRoot\system32\drivers\pciide.sys
  0x8B5F2000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x8B400000 \SystemRoot\System32\drivers\mountmgr.sys
  0x8B416000 \SystemRoot\system32\drivers\atapi.sys
  0x8B39B000 \SystemRoot\system32\drivers\ataport.SYS
  0x8B3BE000 \SystemRoot\system32\drivers\nvstor.sys
  0x8B611000 \SystemRoot\system32\drivers\storport.sys
  0x8B659000 \SystemRoot\system32\drivers\amdxata.sys
  0x8B662000 \SystemRoot\system32\drivers\fltmgr.sys
  0x8B696000 \SystemRoot\system32\drivers\fileinfo.sys
  0x8B6A7000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x8B80C000 \SystemRoot\System32\Drivers\msrpc.sys
  0x8B837000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x8B84A000 \SystemRoot\System32\Drivers\cng.sys
  0x8B8A7000 \SystemRoot\System32\drivers\pcw.sys
  0x8B8B5000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x8B8BE000 \SystemRoot\system32\drivers\ndis.sys
  0x8B975000 \SystemRoot\system32\drivers\NETIO.SYS
  0x8B9B3000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x8BA0D000 \SystemRoot\System32\drivers\tcpip.sys
  0x8BB57000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x8BB88000 \SystemRoot\system32\drivers\volsnap.sys
  0x8BBC7000 \SystemRoot\System32\Drivers\spldr.sys
  0x8BBCF000 \SystemRoot\System32\drivers\rdyboost.sys
  0x8B9D8000 \SystemRoot\System32\Drivers\mup.sys
  0x8BA00000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x8BC2A000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x8BC5C000 \SystemRoot\system32\DRIVERS\disk.sys
  0x8BCBA000 \SystemRoot\system32\drivers\cdrom.sys
  0x8BCD9000 \SystemRoot\System32\Drivers\Null.SYS
  0x8BCE0000 \SystemRoot\System32\Drivers\Beep.SYS
  0x8BCE7000 \SystemRoot\System32\drivers\vga.sys
  0x8BCF3000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x8BD14000 \SystemRoot\System32\drivers\watchdog.sys
  0x8BD21000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x8BD29000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x8BD31000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x8BD39000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x8BD44000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x8BD52000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x8BD69000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x8BD75000 \SystemRoot\system32\drivers\afd.sys
  0x90839000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x9086B000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x90872000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x90891000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x9089F000 \SystemRoot\system32\DRIVERS\serial.sys
  0x908B9000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x908CC000 \SystemRoot\system32\drivers\termdd.sys
  0x908DD000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
  0x908E3000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x90924000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x9092E000 \SystemRoot\system32\drivers\mssmbios.sys
  0x90938000 \SystemRoot\System32\drivers\discache.sys
  0x90944000 \SystemRoot\System32\Drivers\dfsc.sys
  0x9095C000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x9096A000 \SystemRoot\system32\DRIVERS\avipbb.sys
  0x90990000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x909B1000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x909C3000 \SystemRoot\system32\DRIVERS\serenum.sys
  0x909E5000 \SystemRoot\system32\drivers\mouclass.sys
  0x909F2000 \SystemRoot\system32\DRIVERS\nvsmu.sys
  0x909F5000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x90A16000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x90A61000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x90A70000 \SystemRoot\system32\drivers\HDAudBus.sys
  0x90A8F000 \SystemRoot\system32\drivers\1394ohci.sys
  0x90ABC000 \SystemRoot\system32\DRIVERS\atikmpag.sys
  0x9123A000 \SystemRoot\system32\DRIVERS\atikmdag.sys
  0x90AFB000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x919C0000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x9242E000 \SystemRoot\system32\DRIVERS\nvm62x32.sys
  0x92483000 \SystemRoot\system32\drivers\CompositeBus.sys
  0x92490000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x924A2000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x924BA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x924C5000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x924E7000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x924FF000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x92516000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x9252D000 \SystemRoot\system32\drivers\kbdclass.sys
  0x9253A000 \SystemRoot\system32\drivers\swenum.sys
  0x9253C000 \SystemRoot\system32\drivers\ks.sys
  0x92570000 \SystemRoot\system32\drivers\umbus.sys
  0x9257E000 \SystemRoot\system32\drivers\usbhub.sys
  0x925C2000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x96A04000 \SystemRoot\system32\drivers\RTKVHDA.sys
  0x96D3E000 \SystemRoot\system32\drivers\portcls.sys
  0x96D6D000 \SystemRoot\system32\drivers\drmk.sys
  0x96D86000 \SystemRoot\system32\drivers\nvhda32v.sys
  0x96D91000 \SystemRoot\system32\drivers\RtHDMIV.sys
  0x98030000 \SystemRoot\System32\win32k.sys
  0x96DB7000 \SystemRoot\System32\drivers\Dxapi.sys
  0x96DC1000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x96DCE000 \SystemRoot\System32\Drivers\dump_diskdump.sys
  0x96DD8000 \SystemRoot\System32\Drivers\dump_nvstor.sys
  0x925D3000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x925E4000 \SystemRoot\system32\DRIVERS\ser2at.sys
  0x92400000 \SystemRoot\system32\drivers\hidusb.sys
  0x9240B000 \SystemRoot\system32\drivers\HIDCLASS.SYS
  0x9241E000 \SystemRoot\system32\drivers\HIDPARSE.SYS
  0x96DFD000 \SystemRoot\system32\drivers\USBD.SYS
  0x91200000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x9120B000 \SystemRoot\system32\DRIVERS\usbscan.sys
  0x98603000 \SystemRoot\system32\DRIVERS\snp2sxp.sys
  0x99186000 \SystemRoot\system32\DRIVERS\STREAM.SYS
  0x99194000 \SystemRoot\system32\DRIVERS\SNCAMD.SYS
  0x9919B000 \SystemRoot\system32\DRIVERS\usbprint.sys
  0x991A6000 \SystemRoot\system32\drivers\usbccgp.sys
  0x991BD000 \SystemRoot\system32\drivers\kbdhid.sys
  0x991C9000 \SystemRoot\system32\drivers\USBSTOR.SYS
  0x991E0000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x98290000 \SystemRoot\System32\TSDDD.dll
  0x982C0000 \SystemRoot\System32\cdd.dll
  0x91219000 \SystemRoot\system32\drivers\luafv.sys
  0x991EB000 \SystemRoot\system32\DRIVERS\avgntflt.sys
  0x90BB2000 \SystemRoot\system32\drivers\WudfPf.sys
  0x90BCC000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x90BDC000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x90800000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x90A00000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x8BDCF000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x8BC6D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x90819000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x9D410000 \SystemRoot\system32\drivers\peauth.sys
  0x9D4A7000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x9D4B1000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x9D4D2000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x9D4DF000 \??\C:\Users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys
  0x9D4E1000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x9D530000 \SystemRoot\System32\DRIVERS\srv.sys
  0xA1217000 \SystemRoot\system32\drivers\HTTP.sys
  0xA12BD000 \??\C:\Windows\system32\drivers\mbam.sys
  0xA1341000 \??\C:\Users\Acer\AppData\Local\Temp\kxldrpob.sys
  0x77130000 \Windows\System32\ntdll.dll
  0x484C0000 \Windows\System32\smss.exe
  0x77370000 \Windows\System32\apisetschema.dll
  0x00FF0000 \Windows\System32\autochk.exe
  0x772B0000 \Windows\System32\msvcrt.dll
  0x770E0000 \Windows\System32\gdi32.dll
  0x77050000 \Windows\System32\oleaut32.dll
  0x76FB0000 \Windows\System32\advapi32.dll
  0x76F50000 \Windows\System32\shlwapi.dll
  0x772A0000 \Windows\System32\psapi.dll
  0x76DF0000 \Windows\System32\ole32.dll
  0x76D90000 \Windows\System32\difxapi.dll
  0x77280000 \Windows\System32\imm32.dll
  0x76140000 \Windows\System32\shell32.dll
  0x76060000 \Windows\System32\kernel32.dll
  0x77270000 \Windows\System32\normaliz.dll
  0x76040000 \Windows\System32\sechost.dll
  0x75F70000 \Windows\System32\user32.dll
  0x75F20000 \Windows\System32\Wldap32.dll
  0x75F10000 \Windows\System32\lpk.dll
  0x75E70000 \Windows\System32\usp10.dll
  0x75D60000 \Windows\System32\urlmon.dll
  0x75CB0000 \Windows\System32\rpcrt4.dll
  0x75C80000 \Windows\System32\imagehlp.dll
  0x75BF0000 \Windows\System32\clbcatq.dll
  0x75A50000 \Windows\System32\setupapi.dll
  0x75980000 \Windows\System32\msctf.dll
  0x75940000 \Windows\System32\ws2_32.dll
  0x75820000 \Windows\System32\wininet.dll
  0x75810000 \Windows\System32\nsi.dll
  0x75650000 \Windows\System32\iertutil.dll
  0x755D0000 \Windows\System32\comdlg32.dll
  0x755A0000 \Windows\System32\wintrust.dll
  0x75580000 \Windows\System32\devobj.dll
  0x75460000 \Windows\System32\crypt32.dll
  0x753D0000 \Windows\System32\comctl32.dll
  0x753A0000 \Windows\System32\cfgmgr32.dll
  0x75350000 \Windows\System32\KernelBase.dll
  0x75340000 \Windows\System32\msasn1.dll

Processes (total 37):
      0 System Idle Process
      4 System
    284 C:\Windows\System32\smss.exe
    432 csrss.exe
    512 C:\Windows\System32\wininit.exe
    520 csrss.exe
    560 C:\Windows\System32\services.exe
    580 C:\Windows\System32\lsass.exe
    588 C:\Windows\System32\lsm.exe
    672 C:\Windows\System32\winlogon.exe
    732 C:\Windows\System32\svchost.exe
    844 C:\Windows\System32\svchost.exe
    932 C:\Windows\System32\svchost.exe
    972 C:\Windows\System32\svchost.exe
    1020 C:\Windows\System32\svchost.exe
    1168 C:\Windows\System32\svchost.exe
    1260 C:\Windows\System32\svchost.exe
    1364 C:\Program Files\Avira\AntiVir Desktop\sched.exe
    1400 C:\Windows\System32\svchost.exe
    1540 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    1612 C:\Windows\System32\svchost.exe
    1864 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    1876 C:\Windows\System32\conhost.exe
    320 C:\Windows\System32\taskhost.exe
    748 C:\Windows\System32\dwm.exe
    1152 C:\Windows\explorer.exe
    2056 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    2064 C:\Program Files\Windows Sidebar\sidebar.exe
    2452 C:\Windows\System32\svchost.exe
    3636 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    3772 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    460 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    2316 C:\Program Files\Mozilla Firefox\firefox.exe
    1308 C:\Windows\System32\audiodg.exe
    1076 C:\Users\Acer\Desktop\MBRCheck.exe
    3528 C:\Windows\System32\conhost.exe
    3960 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000003a`38600000  (NTFS)

PhysicalDrive0 Model Number: WDC WD5000AAKS-00V1A, Rev: 05.0

      Size  Device Name          MBR Status
  --------------------------------------------
    465 GB  \\.\PhysicalDrive0  MBR Code Faked!
            SHA1: A944880D6DB29DB73E8423C17FEC4364A7F69A83


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
  [1] Dump the MBR of a physical disk to file.
  [2] Restore the MBR of a physical disk with a standard boot code.
  [3] Exit.

Enter your choice:

Done!


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:22 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131