Trojaner-Board

Criunk 11.12.2011 03:59

Trojan.Agent
 
Hello, Malwarebytes found a Trojan_Agent on my system in the directory /..../Internet Explorer/; of course the file was deleted immediately using Mbam. The bizarre thing is, I don't use IE at all.

Anyway, I restarted the system and scanned again with MBAM: clean!

Then with the ESET online scan: clean!

Then with Avast!: clean!

After that I ran a full scan with OTL.

I would now like to know how I can find out whether it is still there. Which logs do you need, and what do I have to do?

Kind regards

Here is the OLDTIMER log:

OTL Logfile:
Code:

OTL logfile created on: 11.12.2011 02:43:21 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\HAFX\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 33,04% Memory free
8,00 Gb Paging File | 4,54 Gb Available in Paging File | 56,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 95,85 Gb Free Space | 49,10% Space Free | Partition Type: NTFS
Drive D: | 244,14 Gb Total Space | 104,04 Gb Free Space | 42,61% Space Free | Partition Type: NTFS
Drive E: | 26,31 Gb Total Space | 26,18 Gb Free Space | 99,53% Space Free | Partition Type: NTFS
 
Computer Name: HAFX-PC | User Name: HAFX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.11 01:24:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\HAFX\Downloads\OTL.exe
PRC - [2011.12.10 15:05:47 | 000,234,536 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2011.12.06 17:23:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.12.02 10:37:40 | 002,923,392 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.11.08 20:15:50 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.11.08 16:14:12 | 000,129,024 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\WebKitServer.exe
PRC - [2011.11.08 16:10:42 | 002,132,480 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\LCDHost.exe
PRC - [2011.11.07 20:14:42 | 028,854,408 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2011.10.22 12:06:30 | 002,533,040 | ---- | M] (Beepa P/L) -- E:\Spiele-Multimedia\Fraps\fraps.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.12 16:06:14 | 005,407,850 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2011.09.30 09:28:08 | 000,546,464 | ---- | M] (ESET) -- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
PRC - [2011.09.30 09:28:06 | 000,884,304 | ---- | M] () -- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
PRC - [2011.08.31 17:00:48 | 001,047,208 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011.08.23 04:34:34 | 024,182,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\HAFX\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.07.06 18:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.06.06 20:05:02 | 000,858,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDYT.exe
PRC - [2011.06.06 20:05:02 | 000,850,504 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDMovieViewer.exe
PRC - [2011.06.06 20:05:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe
PRC - [2011.06.06 20:05:02 | 000,498,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDWebCam.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.04.26 13:55:58 | 000,216,576 | ---- | M] () -- C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe
PRC - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011.03.30 08:12:18 | 000,310,944 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2010.11.20 13:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.05.20 09:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2006.11.17 16:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.10 23:39:40 | 001,482,752 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_NowPlaying.dll
MOD - [2011.12.10 23:39:32 | 000,576,512 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_DataViewer.dll
MOD - [2011.11.18 15:06:44 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.08 20:15:49 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.11.08 16:15:40 | 000,112,128 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_LgLcdMan.dll
MOD - [2011.11.08 16:15:26 | 000,110,592 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_LgBacklight.dll
MOD - [2011.11.08 16:14:50 | 000,355,328 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_WebKit.dll
MOD - [2011.11.08 16:14:12 | 000,129,024 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\WebKitServer.exe
MOD - [2011.11.08 16:14:02 | 000,094,208 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_VirtualLCD.dll
MOD - [2011.11.08 16:13:54 | 000,286,208 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Text.dll
MOD - [2011.11.08 16:13:20 | 000,298,496 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Mailcount.dll
MOD - [2011.11.08 16:12:58 | 001,353,728 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Lua.dll
MOD - [2011.11.08 16:11:44 | 000,103,936 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Decor.dll
MOD - [2011.11.08 16:11:44 | 000,009,728 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Image.dll
MOD - [2011.11.08 16:11:34 | 000,264,192 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Bar.dll
MOD - [2011.11.08 16:10:42 | 002,132,480 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\LCDHost.exe
MOD - [2011.11.07 20:12:12 | 016,827,392 | R--- | M] () -- C:\Program Files (x86)\Origin\QtWebKit4.dll
MOD - [2011.11.07 20:05:36 | 000,312,320 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff4.dll
MOD - [2011.11.07 20:05:34 | 000,264,192 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng4.dll
MOD - [2011.11.07 20:05:34 | 000,211,456 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg4.dll
MOD - [2011.11.07 20:05:34 | 000,032,256 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico4.dll
MOD - [2011.11.07 20:05:34 | 000,028,672 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif4.dll
MOD - [2011.11.07 20:05:32 | 000,172,544 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qjpcodecs4.dll
MOD - [2011.11.07 20:05:32 | 000,158,208 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qtwcodecs4.dll
MOD - [2011.11.07 20:05:32 | 000,079,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qkrcodecs4.dll
MOD - [2011.11.07 20:05:28 | 000,143,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qcncodecs4.dll
MOD - [2011.11.07 20:04:10 | 000,327,680 | R--- | M] () -- C:\Program Files (x86)\Origin\phonon4.dll
MOD - [2011.11.07 20:04:08 | 001,152,512 | R--- | M] () -- C:\Program Files (x86)\Origin\QtNetwork4.dll
MOD - [2011.11.07 20:04:08 | 000,413,184 | R--- | M] () -- C:\Program Files (x86)\Origin\QtXml4.dll
MOD - [2011.11.07 20:04:06 | 009,440,256 | R--- | M] () -- C:\Program Files (x86)\Origin\QtGui4.dll
MOD - [2011.11.07 20:04:04 | 002,694,144 | R--- | M] () -- C:\Program Files (x86)\Origin\QtCore4.dll
MOD - [2011.10.12 16:06:14 | 005,407,850 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
MOD - [2011.09.30 09:28:06 | 000,884,304 | ---- | M] () -- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
MOD - [2011.07.09 10:12:52 | 000,377,344 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Weather.dll
MOD - [2011.07.09 10:12:44 | 000,173,568 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Dial.dll
MOD - [2011.07.09 10:12:34 | 000,206,336 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Graph.dll
MOD - [2011.07.09 10:12:30 | 000,755,712 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Monitoring.dll
MOD - [2011.07.09 10:12:22 | 000,442,368 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Cursor.dll
MOD - [2011.06.16 09:00:00 | 003,715,584 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax
MOD - [2011.05.04 12:35:04 | 002,552,320 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtCore4.dll
MOD - [2011.05.04 12:34:56 | 000,399,360 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtXml4.dll
MOD - [2011.05.04 12:34:54 | 017,333,760 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtWebKit4.dll
MOD - [2011.05.04 12:34:44 | 001,209,344 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtNetwork4.dll
MOD - [2011.05.04 12:34:44 | 000,379,392 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qtiff4.dll
MOD - [2011.05.04 12:34:36 | 009,849,856 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtGui4.dll
MOD - [2011.05.04 12:34:22 | 000,351,744 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qmng4.dll
MOD - [2011.05.04 12:34:22 | 000,344,576 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\phonon4.dll
MOD - [2011.05.04 12:34:22 | 000,287,232 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qjpeg4.dll
MOD - [2011.05.04 12:34:22 | 000,083,456 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qico4.dll
MOD - [2011.05.04 12:34:22 | 000,083,456 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qgif4.dll
MOD - [2011.05.04 12:34:22 | 000,043,008 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\libgcc_s_dw2-1.dll
MOD - [2011.05.04 12:34:22 | 000,011,362 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\mingwm10.dll
MOD - [2011.04.26 13:55:58 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\SmartSVN 6.6\lib\shellext32.dll
MOD - [2011.02.14 22:02:58 | 002,417,664 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtCore4.dll
MOD - [2010.03.07 04:31:36 | 000,024,110 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\mingwm10.dll
MOD - [2010.02.10 17:36:20 | 009,565,184 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtGui4.dll
MOD - [2010.02.10 17:11:00 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtNetwork4.dll
MOD - [2010.02.10 17:08:16 | 000,398,336 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtXml4.dll
MOD - [2009.06.22 19:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll
MOD - [2008.06.10 18:07:56 | 000,129,536 | ---- | M] () -- C:\Program Files (x86)\LcdStudio\WmpNative.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.11.23 14:17:26 | 000,094,992 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2011.10.26 03:00:58 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.10.25 21:14:28 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.06.17 08:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ)
SRV:64bit: - [2011.06.09 19:55:13 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008.08.14 23:41:22 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2011.12.10 15:05:47 | 000,234,536 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011.12.06 17:23:28 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.12.02 10:37:40 | 002,923,392 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.11.18 14:22:14 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.09.22 17:04:36 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.08.15 09:02:12 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011.07.06 18:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Disabled | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.07 13:45:18 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.06.07 13:45:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.04.26 13:55:58 | 000,216,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe -- (statuscached)
SRV - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.07.08 11:50:20 | 000,450,560 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt) [Auto | Running] -- C:\Windows\SysWOW64\STGRAMDiskHandler64.exe -- (Steganos Volatile Disk)
SRV - [2010.05.20 09:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2005.03.09 19:50:18 | 000,018,944 | ---- | M] (libusb-Win32) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.11.23 14:17:24 | 000,158,336 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2011.11.10 18:32:02 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011.10.26 04:05:10 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.10.26 02:21:58 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.07.13 20:07:13 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011.06.24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.06.06 23:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.06.06 20:05:02 | 000,030,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGPBTDD.sys -- (LGPBTDD)
DRV:64bit: - [2011.06.06 20:05:02 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2011.06.06 20:05:02 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.04.30 12:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 12:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 14:44:16 | 002,725,376 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp)
DRV:64bit: - [2011.02.11 22:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.09.03 15:45:08 | 000,028,576 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt.com) [Driver] [Kernel | System | Running] -- C:\Windows\SysNative\drivers\STGMFEngine64.sys -- (STGMFEngine64)
DRV:64bit: - [2010.08.19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.03.19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.02.18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.03 15:48:32 | 000,716,872 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009.11.04 04:03:56 | 000,020,032 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PPJoyBus64.sys -- (PPJoyBus)
DRV:64bit: - [2009.09.28 01:02:38 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:64bit: - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\WNt500x64\Sandra.sys -- (SANDRA)
DRV:64bit: - [2009.07.31 10:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.12.26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2005.03.29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2011.03.18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2009.08.22 19:25:00 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.03.09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Hotmail und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 32 21 BC 3D 58 42 CC 01  [binary data]
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.6&q="
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.01 14:32:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.08 20:15:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.16 13:21:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.16 13:21:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2011.09.30 20:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Extensions
[2011.09.30 20:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.12.07 21:57:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions
[2011.10.16 20:17:27 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.20 19:37:03 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.07.18 11:46:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\battlefieldplay4free@ea.com
[2011.07.11 17:56:14 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\engine@conduit.com
[2011.12.05 18:07:11 | 000,001,056 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Mozilla\Firefox\Profiles\yk9ok6on.default\searchplugins\icqplugin.xml
[2011.11.08 20:16:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\HAFX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YK9OK6ON.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\HAFX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YK9OK6ON.DEFAULT\EXTENSIONS\ADMIN@PROXY-LISTEN.DE.XPI
[2011.11.08 20:15:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2011.08.01 18:11:25 | 000,001,195 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost ::1 localhost 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-1.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-4.adobe.com 127.0.0.1 adobe-dns-5.adobe.com 127.0.0.1 hh-software.com 127.0.0.1 127.0.0.1 activate.adobe.de 127.0.0.1 practivate.adobe.de 127.0.0.1 ereg.adobe.de 127.0.0.1 activate.wip3.adobe.de 127.0.0.1 wip3.adobe.de 127.0.0.1 3dns-3.adobe.de 127.0.0.1 3dns-2.adobe.de 127.0.0.1 adobe-dns.adobe.de 127.0.0.1 adobe-dns-2.adobe.de 127.0.0.1 adobe-dns-3.adobe.de 127.0.0.1 ereg.wip3.adobe.de 127.0.0.1 activate-sea.adobe.de 127.0.0.1 wwis-dubc1-vip60.adobe.de 127.0.0.1 activate-sjc0.adobe.de 127.0.0.1 wwis-dubc1-vip60.adobe.de 127.0.0.1 hl2rcv.adobe.de
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [CreativeTaskScheduler] C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe ()
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-V8MN4.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\HAFX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCDHost.lnk = C:\Users\HAFX\Documents\LCDHost\LCDHost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06C84457-AE19-4A2B-94B0-6C7567D79A33}: NameServer = 192.168.116.250
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5496e40c-9046-11e0-a20f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5496e40c-9046-11e0-a20f-806e6f6e6963}\Shell\AutoRun\command - "" = J:\AutoRunCD.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.11 02:35:38 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Wireshark
[2011.12.11 02:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wireshark
[2011.12.11 01:24:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.12.10 23:32:15 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LCDHost
[2011.12.10 23:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LcdStudio
[2011.12.10 23:22:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LcdStudio
[2011.12.10 23:12:12 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Timisoft
[2011.12.10 23:12:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Timisoft
[2011.12.10 22:31:42 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Desktop\Programme
[2011.12.09 19:58:05 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.12.09 19:58:05 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.12.09 19:58:05 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.09 19:58:05 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.09 19:58:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.09 19:58:05 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.09 19:58:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.09 19:58:05 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.12.09 19:58:05 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.12.09 19:58:05 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.12.09 19:58:05 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.12.09 19:58:05 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.12.09 19:58:05 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.12.09 19:58:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.12.09 19:58:05 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.12.09 19:58:05 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.12.09 19:58:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.09 19:58:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.09 19:58:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.09 19:58:05 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.12.09 19:58:05 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.12.09 19:58:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.12.09 19:58:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.09 19:58:05 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.12.09 19:58:05 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.12.09 19:58:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.12.09 19:58:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.12.09 19:58:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.12.09 19:58:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.12.09 19:58:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.12.09 19:58:05 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.12.09 19:58:05 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.12.09 19:58:05 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.12.09 19:58:05 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.12.09 19:58:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.12.09 19:58:05 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.12.09 19:58:05 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.12.09 19:58:05 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.12.09 19:58:05 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.12.09 19:58:05 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.12.09 19:58:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.12.09 19:58:05 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.12.09 19:58:05 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.09 19:58:05 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.12.09 19:58:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.12.09 19:58:05 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.12.09 19:58:05 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.12.09 19:58:05 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.12.09 19:58:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.12.09 19:58:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.12.09 19:58:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.12.09 19:58:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.09 19:58:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.12.09 19:58:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.12.09 19:58:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.12.09 19:58:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.12.09 19:58:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.12.09 19:58:05 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.12.09 19:58:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.12.09 19:58:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.12.09 19:58:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.12.09 19:58:05 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.12.08 20:13:57 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Documents\Battlefield 2
[2011.12.08 14:52:02 | 024,742,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011.12.08 14:52:02 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011.12.08 14:52:02 | 015,693,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011.12.08 14:52:02 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.12.08 14:52:02 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.12.08 14:52:01 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011.12.08 14:52:01 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011.12.08 14:52:01 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011.12.08 14:52:01 | 007,581,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011.12.08 14:52:01 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011.12.08 14:52:01 | 002,542,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011.12.08 14:52:01 | 002,458,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011.12.08 14:52:01 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011.12.08 14:52:01 | 002,232,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011.12.08 14:52:01 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011.12.08 14:29:45 | 000,137,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2011.12.08 14:29:44 | 010,406,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2011.12.08 14:29:44 | 005,067,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2011.12.08 14:29:44 | 003,074,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2011.12.08 14:29:44 | 000,837,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2011.12.08 14:29:44 | 000,222,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2011.12.08 14:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.12.07 13:34:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2011.12.07 13:34:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2011.12.07 13:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2011.12.06 13:34:20 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Vidalia
[2011.12.06 00:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
[2011.12.06 00:20:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vidalia Bundle
[2011.12.05 11:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2011.12.05 11:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2011.12.04 22:18:16 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Documents\Adobe
[2011.12.04 16:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
[2011.12.03 20:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2011.12.03 20:05:40 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Local\Paint.NET
[2011.12.03 12:42:10 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2011.12.03 12:14:59 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011.12.03 11:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2011.12.03 11:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2011.11.30 14:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2011.11.30 14:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011.11.26 13:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2011.11.22 20:27:43 | 000,328,712 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\MijFrc.dll
[2011.11.22 20:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
[2011.11.22 20:27:42 | 000,115,272 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011.11.22 16:52:13 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011.11.22 16:52:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.11.22 16:44:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.11.22 16:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.11 02:26:13 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347250277-935107026-2126249694-1000UA.job
[2011.12.11 01:54:01 | 000,092,241 | ---- | M] () -- C:\Users\HAFX\Desktop\1.jpg
[2011.12.11 01:08:11 | 000,709,968 | ---- | M] () -- C:\Windows\is-V8MN4.exe
[2011.12.11 01:08:11 | 000,012,782 | ---- | M] () -- C:\Windows\is-V8MN4.msg
[2011.12.11 01:08:11 | 000,000,374 | ---- | M] () -- C:\Windows\is-V8MN4.lst
[2011.12.11 01:05:29 | 000,007,605 | ---- | M] () -- C:\Users\HAFX\AppData\Local\Resmon.ResmonCfg
[2011.12.10 23:32:15 | 000,000,920 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCDHost.lnk
[2011.12.10 17:25:00 | 000,001,806 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2011.12.10 15:05:47 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.12.10 15:05:47 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.10 14:02:28 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.12.10 13:29:39 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.10 13:29:39 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.10 13:21:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.10 13:21:03 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.09 19:58:05 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.12.09 19:58:05 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.12.09 19:58:05 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.09 19:58:05 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.09 19:58:05 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.09 19:58:05 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.09 19:58:05 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.09 19:58:05 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.12.09 19:58:05 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.12.09 19:58:05 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.12.09 19:58:05 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.12.09 19:58:05 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.12.09 19:58:05 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.12.09 19:58:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.12.09 19:58:05 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.12.09 19:58:05 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.12.09 19:58:05 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.09 19:58:05 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.09 19:58:05 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.09 19:58:05 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.12.09 19:58:05 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.12.09 19:58:05 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.12.09 19:58:05 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.09 19:58:05 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.12.09 19:58:05 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.12.09 19:58:05 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.12.09 19:58:05 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.12.09 19:58:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.12.09 19:58:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.12.09 19:58:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.12.09 19:58:05 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.12.09 19:58:05 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.12.09 19:58:05 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.12.09 19:58:05 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.12.09 19:58:05 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.12.09 19:58:05 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.12.09 19:58:05 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.12.09 19:58:05 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.12.09 19:58:05 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.12.09 19:58:05 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.12.09 19:58:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.12.09 19:58:05 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.12.09 19:58:05 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.09 19:58:05 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.12.09 19:58:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.12.09 19:58:05 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.12.09 19:58:05 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.12.09 19:58:05 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.12.09 19:58:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.12.09 19:58:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.12.09 19:58:05 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.12.09 19:58:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.09 19:58:05 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.12.09 19:58:05 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.12.09 19:58:05 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.12.09 19:58:05 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.12.09 19:58:05 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.12.09 19:58:05 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.12.09 19:58:05 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.12.09 19:58:05 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.12.09 19:58:05 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.12.09 19:58:05 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.12.06 17:23:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.12.05 18:01:16 | 004,863,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.05 11:26:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347250277-935107026-2126249694-1000Core.job
[2011.12.04 22:18:29 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI
[2011.12.01 14:32:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.11.28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.11.28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.11.28 19:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.11.27 03:00:11 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\Crysis Wars(R) Updates.job
[2011.11.26 01:23:25 | 000,001,456 | ---- | M] () -- C:\Users\HAFX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.11.18 15:06:44 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.11.13 22:51:17 | 000,000,132 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.11 01:54:00 | 000,092,241 | ---- | C] () -- C:\Users\HAFX\Desktop\1.jpg
[2011.12.11 01:08:11 | 000,709,968 | ---- | C] () -- C:\Windows\is-V8MN4.exe
[2011.12.11 01:08:11 | 000,012,782 | ---- | C] () -- C:\Windows\is-V8MN4.msg
[2011.12.11 01:08:11 | 000,000,374 | ---- | C] () -- C:\Windows\is-V8MN4.lst
[2011.12.11 01:05:29 | 000,007,605 | ---- | C] () -- C:\Users\HAFX\AppData\Local\Resmon.ResmonCfg
[2011.12.09 19:58:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.12.09 19:51:57 | 000,001,109 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2011.12.04 19:25:55 | 000,001,973 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.12.04 19:25:55 | 000,001,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.12.04 19:25:55 | 000,001,931 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.12.03 20:06:22 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2011.12.03 11:59:59 | 000,001,806 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011.11.30 14:38:01 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2011.11.30 14:36:17 | 000,001,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2011.11.30 14:34:08 | 000,001,558 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2011.11.26 13:09:45 | 000,001,050 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2011.11.09 14:20:55 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011.10.29 21:00:05 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2011.10.26 02:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.10.26 02:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.19 16:28:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.10.18 09:15:08 | 000,104,072 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.09.25 19:03:44 | 000,011,959 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\PStrip.bak
[2011.09.25 19:03:35 | 000,013,501 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\PStrip.ini
[2011.09.25 09:01:11 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2011.09.25 09:01:11 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2011.09.25 09:01:11 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2011.09.25 09:01:09 | 000,042,457 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2011.09.25 09:00:49 | 000,000,925 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2011.09.25 09:00:46 | 000,004,967 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2011.09.25 08:36:14 | 000,000,558 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2011.09.22 11:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.19 09:47:34 | 011,296,768 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Sandra.mdb
[2011.09.16 17:50:31 | 000,001,456 | ---- | C] () -- C:\Users\HAFX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.09 12:54:45 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2011.07.15 13:57:05 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2011.07.13 15:43:16 | 000,000,297 | ---- | C] () -- C:\Windows\game.ini
[2011.07.04 02:03:04 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2011.07.04 01:05:44 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.07.04 01:05:43 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.07.04 01:05:41 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.07.04 01:05:41 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.07.04 01:05:41 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.06.17 14:31:21 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.06.12 20:58:39 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.06.09 19:47:15 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.08 18:26:55 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2011.06.08 12:46:20 | 000,234,536 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.08 12:46:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.08 12:46:17 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.06.07 13:45:24 | 000,000,388 | ---- | C] () -- C:\Windows\XENMCcfg.ini
[2011.06.07 13:45:23 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.06.07 13:45:23 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.06.06 17:34:14 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.03.31 07:59:24 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini
[2011.02.11 22:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1367 bytes -> C:\ProgramData\Microsoft:U2iV3me43NFza2XPUx820
@Alternate Data Stream - 1357 bytes -> C:\Program Files\Common Files\Microsoft Shared:xxUmOKn2CIFF7ncJAr9bWbC
@Alternate Data Stream - 1306 bytes -> C:\ProgramData\Microsoft:yy695qjNbyqWGs5ty4DukRgN
@Alternate Data Stream - 1193 bytes -> C:\ProgramData\Microsoft:hARchZB5SPhtfYzcjeXGu

< End of report >

--- --- ---

Chris4You 11.12.2011 12:25

Hi,

to be on the safe side:
Please check the following files:

Have files checked online:
  • Go to the VirusTotal website, click the "Browse" button and look for the following file(s):
Code:

C:\Windows\is-V8MN4.exe
C:\Windows\SysWow64\ieuinit.inf

  • Now upload each file, one after the other, and wait until the scan has finished (this can take up to 2 minutes).
  • Then post the result of the analysis: copy everything and paste it into a post.
  • Important: copy the file size and the HASH as well!

A few Alternate Data Streams; we will also check the boot block and for TDSS...

MBR-Check
Download http://ad13.geekstogo.com/MBRCheck.exe and save the file to the desktop.
  • Double-click MBRCheck.exe.
  • Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool only needs a second.
  • Afterwards you should find a MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document.

TDSS-Killer
Download and instructions at: How to combat malware of the Rootkit.Win32.TDSS family?
Extract all files into a directory of their own (e.g. C:\TDSS)!
Start it from Explorer by double-clicking TDSSKiller.exe.
After it starts a window appears; choose "Start Scan" there.
When the scan has finished, please select "Report". A window opens; copy the text and post it here...

chris

Criunk 11.12.2011 12:37

EDIT: CANNOT FIND C:\Windows\is-V8MN4.exe! What should I do now?

Thanks for the help! Here is the first log:
Code:

File name:
ieuinit.inf
Submission date:
2011-11-24 03:31:55 (UTC)
Current status:
finished
Result:
0 /43 (0.0%)
       
VT Community

not reviewed
 Safety score: -
Compact
Print results
Antivirus        Version        Last Update        Result
AhnLab-V3        2011.11.23.00        2011.11.23        -
AntiVir        7.11.18.25        2011.11.24        -
Antiy-AVL        2.0.3.7        2011.11.24        -
Avast        6.0.1289.0        2011.11.23        -
AVG        10.0.0.1190        2011.11.24        -
BitDefender        7.2        2011.11.24        -
ByteHero        1.0.0.1        2011.11.14        -
CAT-QuickHeal        12.00        2011.11.22        -
ClamAV        0.97.3.0        2011.11.24        -
Commtouch        5.3.2.6        2011.11.24        -
Comodo        10784        2011.11.23        -
DrWeb        5.0.2.03300        2011.11.24        -
Emsisoft        5.1.0.11        2011.11.24        -
eSafe        7.0.17.0        2011.11.24        -
eTrust-Vet        37.0.9584        2011.11.23        -
F-Prot        4.6.5.141        2011.11.23        -
F-Secure        9.0.16440.0        2011.11.24        -
Fortinet        4.3.370.0        2011.11.23        -
GData        22        2011.11.24        -
Ikarus        T3.1.1.109.0        2011.11.24        -
Jiangmin        13.0.900        2011.11.23        -
K7AntiVirus        9.119.5525        2011.11.23        -
Kaspersky        9.0.0.837        2011.11.23        -
McAfee        5.400.0.1158        2011.11.24        -
McAfee-GW-Edition        2010.1D        2011.11.23        -
Microsoft        1.7801        2011.11.23        -
NOD32        6654        2011.11.24        -
Norman        6.07.13        2011.11.23        -
nProtect        2011-11-23.01        2011.11.23        -
Panda        10.0.3.5        2011.11.23        -
PCTools        8.0.0.5        2011.11.24        -
Prevx        3.0        2011.11.24        -
Rising        23.85.02.01        2011.11.23        -
Sophos        4.71.0        2011.11.24        -
SUPERAntiSpyware        4.40.0.1006        2011.11.24        -
Symantec        20111.2.0.82        2011.11.24        -
TheHacker        6.7.0.1.347        2011.11.23        -
TrendMicro        9.500.0.1008        2011.11.24        -
TrendMicro-HouseCall        9.500.0.1008        2011.11.24        -
VBA32        3.12.16.4        2011.11.23        -
VIPRE        11132        2011.11.24        -
ViRobot        2011.11.24.4790        2011.11.24        -
VirusBuster        14.1.81.1        2011.11.23        -
Additional information
MD5  : 4b333d3cc96ae66bd754329fd2989ee2
SHA1  : cb710b1fdc4f5bf9cbd1c4843aeeb510ee5af1af
SHA256: f7a607c372126429105a3f540452d1cc93c5cb306d772bbd607ee7f5308b496d
ssdeep: 768:/QDJcHQm3bfG9FSwOqbRiAG3Jsrhjy1z1+wYRIPQyg0MTZAE7Bac:/QDJcHetci
File size : 72822 bytes
First seen: 2011-04-22 18:17:04
Last seen : 2011-11-24 03:31:55
Magic: Non-ISO extended-ASCII English text, with very long lines, with CRLF line terminators
TrID:
Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: -
Androguard:
-
ExifTool:
-

VT Community

Here is the log from MBRCheck:

Code:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:                       
Windows Version:                Windows 7 Ultimate Edition
Windows Information:                Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer:        ASUSTeK Computer INC.
BIOS Manufacturer:                American Megatrends Inc.
System Manufacturer:                System manufacturer
System Product Name:                System Product Name
Logical Drives Mask:                0x0000001c

Kernel Drivers (total 171):
  0x0365D000 \SystemRoot\system32\ntoskrnl.exe
  0x03614000 \SystemRoot\system32\hal.dll
  0x00BA2000 \SystemRoot\system32\kdcom.dll
  0x00CF2000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
  0x00CFF000 \SystemRoot\system32\PSHED.dll
  0x00D13000 \SystemRoot\system32\CLFS.SYS
  0x00C00000 \SystemRoot\system32\CI.dll
  0x00E02000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x00EA6000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x00EB5000 \SystemRoot\system32\drivers\ACPI.sys
  0x00F0C000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x00F15000 \SystemRoot\system32\drivers\msisadrv.sys
  0x00F1F000 \SystemRoot\system32\drivers\pci.sys
  0x00F52000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x00F5F000 \SystemRoot\System32\drivers\partmgr.sys
  0x00F74000 \SystemRoot\system32\drivers\volmgr.sys
  0x00F89000 \SystemRoot\System32\drivers\volmgrx.sys
  0x00FE5000 \SystemRoot\system32\drivers\pciide.sys
  0x00FEC000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x00CC0000 \SystemRoot\System32\drivers\mountmgr.sys
  0x00D71000 \SystemRoot\system32\drivers\vmbus.sys
  0x00DAD000 \SystemRoot\system32\drivers\winhv.sys
  0x00DC1000 \SystemRoot\system32\drivers\atapi.sys
  0x00DCA000 \SystemRoot\system32\drivers\ataport.SYS
  0x00DF4000 \SystemRoot\system32\drivers\amdxata.sys
  0x010A5000 \SystemRoot\system32\drivers\fltmgr.sys
  0x010F1000 \SystemRoot\system32\drivers\fileinfo.sys
  0x01105000 \SystemRoot\System32\Drivers\PxHlpa64.sys
  0x01245000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x01112000 \SystemRoot\System32\Drivers\msrpc.sys
  0x01200000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x01170000 \SystemRoot\System32\Drivers\cng.sys
  0x0121B000 \SystemRoot\System32\drivers\pcw.sys
  0x0122C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x01448000 \SystemRoot\system32\drivers\ndis.sys
  0x0153B000 \SystemRoot\system32\drivers\NETIO.SYS
  0x0159B000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x016BD000 \SystemRoot\System32\drivers\tcpip.sys
  0x018C1000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x0190B000 \SystemRoot\system32\drivers\vmstorfl.sys
  0x0191B000 \SystemRoot\system32\drivers\volsnap.sys
  0x01967000 \SystemRoot\System32\Drivers\spldr.sys
  0x0196F000 \SystemRoot\SysWOW64\speedfan.sys
  0x01979000 \SystemRoot\System32\drivers\rdyboost.sys
  0x019B3000 \SystemRoot\System32\Drivers\mup.sys
  0x019C5000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x01600000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x0163A000 \SystemRoot\system32\DRIVERS\disk.sys
  0x01650000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
  0x01000000 \SystemRoot\System32\Drivers\aswSnx.SYS
  0x019CE000 \SystemRoot\System32\Drivers\Null.SYS
  0x019D7000 \SystemRoot\System32\Drivers\Beep.SYS
  0x019DE000 \SystemRoot\System32\drivers\vga.sys
  0x015C6000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x019EC000 \SystemRoot\System32\drivers\watchdog.sys
  0x015EB000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x015F4000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x01400000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x01409000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x01414000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x01425000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x01236000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x013E8000 \SystemRoot\System32\Drivers\aswTdi.SYS
  0x04246000 \SystemRoot\system32\drivers\afd.sys
  0x042CF000 \SystemRoot\System32\Drivers\aswRdr.SYS
  0x042DC000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x04321000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x0432A000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x04350000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x0435F000 \SystemRoot\system32\DRIVERS\serial.sys
  0x0437C000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x04397000 \SystemRoot\System32\drivers\truecrypt.sys
  0x043D8000 \SystemRoot\system32\drivers\termdd.sys
  0x043EC000 \??\C:\Windows\system32\drivers\STGMFEngine64.sys
  0x04021000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x04072000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x0407E000 \SystemRoot\system32\drivers\mssmbios.sys
  0x04089000 \SystemRoot\System32\drivers\discache.sys
  0x04098000 \SystemRoot\system32\drivers\csc.sys
  0x0411B000 \SystemRoot\System32\Drivers\dfsc.sys
  0x04139000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x0414A000 \SystemRoot\System32\Drivers\aswSP.SYS
  0x0419B000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x041C1000 \SystemRoot\system32\DRIVERS\amdppm.sys
  0x13011000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
  0x13C88000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x13D7C000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x13DC2000 \SystemRoot\system32\drivers\1394ohci.sys
  0x13000000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x04A8D000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x04AE3000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x04AF4000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x04B18000 \SystemRoot\system32\DRIVERS\ASACPI.sys
  0x04B20000 \SystemRoot\system32\DRIVERS\serenum.sys
  0x04C81000 \SystemRoot\system32\drivers\cmudaxp.sys
  0x04FAC000 \SystemRoot\system32\drivers\portcls.sys
  0x04C00000 \SystemRoot\system32\drivers\drmk.sys
  0x04C22000 \SystemRoot\system32\drivers\ks.sys
  0x04C65000 \SystemRoot\system32\drivers\ksthunk.sys
  0x04B2C000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
  0x04C6B000 \SystemRoot\system32\drivers\wmiacpi.sys
  0x04FE9000 \SystemRoot\system32\drivers\CompositeBus.sys
  0x04C74000 \SystemRoot\system32\DRIVERS\vcsvad.sys
  0x04BB1000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x04BC7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x04BEB000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x04A00000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x04A2F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x04A4A000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x04A6B000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x041D6000 \SystemRoot\system32\DRIVERS\rdpbus.sys
  0x041E1000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x041F0000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x04C7E000 \SystemRoot\system32\drivers\swenum.sys
  0x04FF9000 \SystemRoot\system32\drivers\LGBusEnum.sys
  0x04000000 \SystemRoot\system32\DRIVERS\amdiox64.sys
  0x04231000 \SystemRoot\system32\drivers\umbus.sys
  0x05217000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x05271000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x05286000 \SystemRoot\system32\drivers\HdAudio.sys
  0x052E2000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0x052FF000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x05301000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x0530F000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x05328000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x05331000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
  0x05347000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x05354000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
  0x05368000 \SystemRoot\system32\DRIVERS\kbdhid.sys
  0x05376000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x05384000 \SystemRoot\System32\Drivers\dump_dumpata.sys
  0x05390000 \SystemRoot\System32\Drivers\dump_atapi.sys
  0x05399000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x053AC000 \SystemRoot\System32\Drivers\LGPBTDD.sys
  0x053B7000 \SystemRoot\system32\DRIVERS\MijXfilt.sys
  0x053D8000 \SystemRoot\system32\DRIVERS\xusb21.sys
  0x000D0000 \SystemRoot\System32\win32k.sys
  0x053E9000 \SystemRoot\System32\drivers\Dxapi.sys
  0x04200000 \SystemRoot\system32\drivers\usbaudio.sys
  0x05200000 \SystemRoot\system32\drivers\XENfiltv.sys
  0x0421B000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x00580000 \SystemRoot\System32\TSDDD.dll
  0x00610000 \SystemRoot\System32\cdd.dll
  0x00810000 \SystemRoot\System32\ATMFD.DLL
  0x01680000 \SystemRoot\system32\drivers\luafv.sys
  0x02218000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
  0x02254000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
  0x0225D000 \SystemRoot\system32\drivers\WudfPf.sys
  0x0227E000 \??\C:\Program Files\Sandboxie\SbieDrv.sys
  0x022A8000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
  0x022D9000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x022EE000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x02306000 \SystemRoot\system32\drivers\HTTP.sys
  0x023CF000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x02200000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x06C29000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x06C56000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x06CA4000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x06CC8000 \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
  0x06CF9000 \SystemRoot\system32\drivers\LGVirHid.sys
  0x06CFC000 \SystemRoot\system32\drivers\peauth.sys
  0x06DA2000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x06DAD000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x06DDE000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x07CC9000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x07D32000 \SystemRoot\System32\DRIVERS\srv.sys
  0x07DCA000 \??\C:\Users\HAFX\AppData\Local\Temp\ALSysIO64.sys
  0x07DDE000 \??\C:\Windows\system32\drivers\mbam.sys
  0x774C0000 \Windows\System32\ntdll.dll
  0x47B70000 \Windows\System32\smss.exe
  0xFF7E0000 \Windows\System32\apisetschema.dll

Processes (total 93):
      0 System Idle Process
      4 System
    360 C:\Windows\System32\smss.exe
    448 csrss.exe
    520 C:\Windows\System32\wininit.exe
    548 csrss.exe
    584 C:\Windows\System32\services.exe
    608 C:\Windows\System32\lsass.exe
    616 C:\Windows\System32\lsm.exe
    716 C:\Windows\System32\svchost.exe
    784 C:\Windows\System32\winlogon.exe
    840 C:\Windows\System32\nvvsvc.exe
    880 C:\Windows\System32\svchost.exe
    940 C:\Windows\System32\atiesrxx.exe
    1008 C:\Windows\System32\svchost.exe
    404 C:\Windows\System32\svchost.exe
    428 C:\Windows\System32\svchost.exe
    1072 C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    1132 C:\Windows\System32\svchost.exe
    1204 C:\Program Files\Sandboxie\SbieSvc.exe
    1304 WUDFHost.exe
    1312 C:\Windows\System32\atieclxx.exe
    1344 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    1356 C:\Windows\System32\nvvsvc.exe
    1468 WUDFHost.exe
    1532 C:\Windows\System32\svchost.exe
    1588 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    1908 C:\Windows\System32\dwm.exe
    1948 C:\Windows\explorer.exe
    2220 C:\Windows\System32\spoolsv.exe
    2232 C:\Windows\System32\taskhost.exe
    2264 C:\Windows\System32\svchost.exe
    2416 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    2460 C:\Windows\SysWOW64\svchost.exe
    2552 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    2560 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    2572 C:\Windows\System32\taskeng.exe
    2664 C:\Program Files\Logitech Gaming Software\LCore.exe
    2816 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    2836 C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
    2888 C:\Program Files\Core Temp\Core Temp.exe
    3040 C:\Program Files (x86)\RocketDock\RocketDock.exe
    1852 C:\Program Files\Bonjour\mDNSResponder.exe
    2120 C:\Windows\SysWOW64\PnkBstrA.exe
    2116 C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe
    2672 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDClock.exe
    2636 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe
    2404 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x64\LCDPictureViewer.exe
    2768 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDRSS.exe
    2292 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDMovieViewer.exe
    2080 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDWebCam.exe
    2512 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDYT.exe
    2508 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDCountdown.exe
    3016 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDPop3.exe
    2904 C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
    1384 C:\Windows\System32\svchost.exe
    3116 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    3144 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    3384 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    3488 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    3616 C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
    3640 C:\Program Files\Logitech\SetPointG\SetPointII.exe
    3960 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    3548 C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    1968 C:\Windows\System32\SearchIndexer.exe
    3692 taskhost.exe
    4312 C:\Windows\System32\svchost.exe
    4424 C:\Windows\System32\svchost.exe
    4488 C:\Program Files (x86)\Origin\Origin.exe
    4604 C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
    4496 C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe
    4704 C:\Program Files\Sandboxie\SbieCtrl.exe
    1992 C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe
    4824 C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
    4884 C:\Program Files\AVAST Software\Avast\AvastUI.exe
    5016 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    4172 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    5116 C:\Users\HAFX\AppData\Roaming\Dropbox\bin\Dropbox.exe
    4416 C:\Users\HAFX\Documents\LCDHost\LCDHost.exe
    4764 C:\Program Files\Windows Media Player\wmpnetwk.exe
    5380 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    1512 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    5224 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    3744 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    4780 C:\Windows\System32\svchost.exe
    5848 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    3284 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    5576 C:\Windows\System32\SearchProtocolHost.exe
    1560 C:\Windows\System32\SearchFilterHost.exe
    5248 C:\Windows\explorer.exe
    3280 C:\Users\HAFX\Desktop\MBRCheck.exe
    2472 C:\Windows\System32\conhost.exe
    3600 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000030`d4100000  (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000006d`dd100000  (NTFS)

PhysicalDrive0 Model Number: HitachiHDP725050GLA360, Rev: GM4OA5CA

      Size  Device Name          MBR Status
  --------------------------------------------
    465 GB  \\.\PhysicalDrive0  Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

TDSS Killer found nothing. Here is the log:

Code:

12:48:03.0995 4628        TDSS rootkit removing tool 2.6.22.0 Dec  7 2011 13:21:06
12:48:04.0488 4628        ============================================================
12:48:04.0489 4628        Current date / time: 2011/12/11 12:48:04.0488
12:48:04.0489 4628        SystemInfo:
12:48:04.0489 4628       
12:48:04.0489 4628        OS Version: 6.1.7601 ServicePack: 1.0
12:48:04.0489 4628        Product type: Workstation
12:48:04.0489 4628        ComputerName: HAFX-PC
12:48:04.0489 4628        UserName: HAFX
12:48:04.0489 4628        Windows directory: C:\Windows
12:48:04.0489 4628        System windows directory: C:\Windows
12:48:04.0489 4628        Running under WOW64
12:48:04.0489 4628        Processor architecture: Intel x64
12:48:04.0489 4628        Number of processors: 6
12:48:04.0489 4628        Page size: 0x1000
12:48:04.0489 4628        Boot type: Normal boot
12:48:04.0489 4628        ============================================================
12:48:05.0399 4628        Initialize success
12:48:12.0197 5500        ============================================================
12:48:12.0197 5500        Scan started
12:48:12.0197 5500        Mode: Manual;
12:48:12.0197 5500        ============================================================
12:48:13.0315 5500        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:48:13.0319 5500        1394ohci - ok
12:48:13.0345 5500        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:48:13.0349 5500        ACPI - ok
12:48:13.0363 5500        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:48:13.0364 5500        AcpiPmi - ok
12:48:13.0465 5500        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:48:13.0472 5500        adp94xx - ok
12:48:13.0503 5500        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:48:13.0507 5500        adpahci - ok
12:48:13.0525 5500        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:48:13.0528 5500        adpu320 - ok
12:48:13.0567 5500        AFD            (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
12:48:13.0573 5500        AFD - ok
12:48:13.0643 5500        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:48:13.0645 5500        agp440 - ok
12:48:13.0702 5500        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:48:13.0703 5500        aliide - ok
12:48:13.0784 5500        ALSysIO - ok
12:48:13.0891 5500        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:48:13.0892 5500        amdide - ok
12:48:13.0934 5500        amdiox64        (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
12:48:13.0935 5500        amdiox64 - ok
12:48:13.0980 5500        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:48:13.0982 5500        AmdK8 - ok
12:48:14.0200 5500        amdkmdag        (0415ffe1b6a6ea141feafca57567f57f) C:\Windows\system32\DRIVERS\atikmdag.sys
12:48:14.0360 5500        amdkmdag - ok
12:48:14.0428 5500        amdkmdap        (dc24d6f38f17c0d643d9aa8a6852f8d0) C:\Windows\system32\DRIVERS\atikmpag.sys
12:48:14.0430 5500        amdkmdap - ok
12:48:14.0469 5500        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:48:14.0470 5500        AmdPPM - ok
12:48:14.0498 5500        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:48:14.0500 5500        amdsata - ok
12:48:14.0515 5500        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:48:14.0518 5500        amdsbs - ok
12:48:14.0545 5500        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:48:14.0546 5500        amdxata - ok
12:48:14.0596 5500        AODDriver4.01  (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
12:48:14.0597 5500        AODDriver4.01 - ok
12:48:14.0676 5500        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:48:14.0678 5500        AppID - ok
12:48:14.0734 5500        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:48:14.0736 5500        arc - ok
12:48:14.0753 5500        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:48:14.0755 5500        arcsas - ok
12:48:14.0866 5500        aswFsBlk        (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys
12:48:14.0867 5500        aswFsBlk - ok
12:48:14.0888 5500        aswMonFlt      (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys
12:48:14.0889 5500        aswMonFlt - ok
12:48:14.0904 5500        aswRdr          (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys
12:48:14.0904 5500        aswRdr - ok
12:48:14.0930 5500        aswSnx          (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys
12:48:14.0933 5500        aswSnx - ok
12:48:14.0953 5500        aswSP          (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys
12:48:14.0955 5500        aswSP - ok
12:48:14.0971 5500        aswTdi          (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys
12:48:14.0971 5500        aswTdi - ok
12:48:14.0988 5500        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:48:14.0989 5500        AsyncMac - ok
12:48:15.0049 5500        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:48:15.0050 5500        atapi - ok
12:48:15.0093 5500        AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
12:48:15.0095 5500        AtiHDAudioService - ok
12:48:15.0164 5500        atillk64 - ok
12:48:15.0231 5500        ATSwpWDF        (ea512f43f4a28d18b52cafe8c93984fb) C:\Windows\system32\Drivers\ATSwpWDF.sys
12:48:15.0235 5500        ATSwpWDF - ok
12:48:15.0291 5500        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:48:15.0296 5500        b06bdrv - ok
12:48:15.0333 5500        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:48:15.0337 5500        b57nd60a - ok
12:48:15.0382 5500        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:48:15.0383 5500        Beep - ok
12:48:15.0414 5500        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:48:15.0416 5500        blbdrive - ok
12:48:15.0470 5500        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:48:15.0472 5500        bowser - ok
12:48:15.0518 5500        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:48:15.0519 5500        BrFiltLo - ok
12:48:15.0573 5500        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:48:15.0574 5500        BrFiltUp - ok
12:48:15.0596 5500        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:48:15.0600 5500        Brserid - ok
12:48:15.0616 5500        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:48:15.0617 5500        BrSerWdm - ok
12:48:15.0628 5500        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:48:15.0629 5500        BrUsbMdm - ok
12:48:15.0636 5500        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:48:15.0637 5500        BrUsbSer - ok
12:48:15.0664 5500        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:48:15.0666 5500        BTHMODEM - ok
12:48:15.0699 5500        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:48:15.0701 5500        cdfs - ok
12:48:15.0768 5500        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
12:48:15.0771 5500        cdrom - ok
12:48:15.0795 5500        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:48:15.0796 5500        circlass - ok
12:48:15.0826 5500        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:48:15.0831 5500        CLFS - ok
12:48:15.0885 5500        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:48:15.0886 5500        CmBatt - ok
12:48:15.0947 5500        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:48:15.0948 5500        cmdide - ok
12:48:16.0058 5500        cmudaxp        (0367f029425cbd5506e8db2757ff3a8f) C:\Windows\system32\drivers\cmudaxp.sys
12:48:16.0076 5500        cmudaxp - ok
12:48:16.0147 5500        CNG            (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
12:48:16.0153 5500        CNG - ok
12:48:16.0176 5500        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:48:16.0177 5500        Compbatt - ok
12:48:16.0268 5500        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:48:16.0269 5500        CompositeBus - ok
12:48:16.0324 5500        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:48:16.0325 5500        crcdisk - ok
12:48:16.0384 5500        CSC            (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
12:48:16.0390 5500        CSC - ok
12:48:16.0427 5500        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:48:16.0429 5500        DfsC - ok
12:48:16.0447 5500        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:48:16.0449 5500        discache - ok
12:48:16.0516 5500        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:48:16.0517 5500        Disk - ok
12:48:16.0548 5500        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:48:16.0549 5500        drmkaud - ok
12:48:16.0579 5500        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:48:16.0589 5500        DXGKrnl - ok
12:48:16.0652 5500        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:48:16.0682 5500        ebdrv - ok
12:48:16.0756 5500        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:48:16.0762 5500        elxstor - ok
12:48:16.0784 5500        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:48:16.0785 5500        ErrDev - ok
12:48:16.0822 5500        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:48:16.0825 5500        exfat - ok
12:48:16.0844 5500        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:48:16.0847 5500        fastfat - ok
12:48:16.0877 5500        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:48:16.0878 5500        fdc - ok
12:48:16.0940 5500        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:48:16.0941 5500        FileInfo - ok
12:48:16.0952 5500        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:48:16.0953 5500        Filetrace - ok
12:48:16.0979 5500        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:48:16.0981 5500        flpydisk - ok
12:48:17.0014 5500        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:48:17.0018 5500        FltMgr - ok
12:48:17.0040 5500        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:48:17.0041 5500        FsDepends - ok
12:48:17.0058 5500        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
12:48:17.0059 5500        Fs_Rec - ok
12:48:17.0158 5500        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:48:17.0162 5500        fvevol - ok
12:48:17.0196 5500        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:48:17.0197 5500        gagp30kx - ok
12:48:17.0213 5500        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:48:17.0214 5500        GEARAspiWDM - ok
12:48:17.0231 5500        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:48:17.0232 5500        hcw85cir - ok
12:48:17.0275 5500        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:48:17.0277 5500        HdAudAddService - ok
12:48:17.0334 5500        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:48:17.0335 5500        HDAudBus - ok
12:48:17.0349 5500        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:48:17.0350 5500        HidBatt - ok
12:48:17.0375 5500        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:48:17.0377 5500        HidBth - ok
12:48:17.0389 5500        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:48:17.0390 5500        HidIr - ok
12:48:17.0418 5500        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:48:17.0418 5500        HidUsb - ok
12:48:17.0438 5500        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:48:17.0440 5500        HpSAMD - ok
12:48:17.0473 5500        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:48:17.0481 5500        HTTP - ok
12:48:17.0544 5500        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:48:17.0545 5500        hwpolicy - ok
12:48:17.0590 5500        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:48:17.0592 5500        i8042prt - ok
12:48:17.0623 5500        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:48:17.0628 5500        iaStorV - ok
12:48:17.0725 5500        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:48:17.0726 5500        iirsp - ok
12:48:17.0753 5500        IntcAzAudAddService - ok
12:48:17.0783 5500        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:48:17.0784 5500        intelide - ok
12:48:17.0801 5500        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:48:17.0803 5500        intelppm - ok
12:48:17.0826 5500        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:48:17.0828 5500        IpFilterDriver - ok
12:48:17.0851 5500        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:48:17.0853 5500        IPMIDRV - ok
12:48:17.0914 5500        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:48:17.0916 5500        IPNAT - ok
12:48:17.0956 5500        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:48:17.0957 5500        IRENUM - ok
12:48:17.0975 5500        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:48:17.0976 5500        isapnp - ok
12:48:17.0996 5500        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:48:18.0000 5500        iScsiPrt - ok
12:48:18.0066 5500        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:48:18.0067 5500        kbdclass - ok
12:48:18.0114 5500        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
12:48:18.0115 5500        kbdhid - ok
12:48:18.0141 5500        KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
12:48:18.0143 5500        KSecDD - ok
12:48:18.0171 5500        KSecPkg        (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
12:48:18.0173 5500        KSecPkg - ok
12:48:18.0193 5500        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:48:18.0194 5500        ksthunk - ok
12:48:18.0296 5500        LGBusEnum      (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
12:48:18.0297 5500        LGBusEnum - ok
12:48:18.0309 5500        LGPBTDD        (f705a641c18df31b48b5dbda94b425e4) C:\Windows\system32\Drivers\LGPBTDD.sys
12:48:18.0310 5500        LGPBTDD - ok
12:48:18.0334 5500        LGVirHid        (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
12:48:18.0335 5500        LGVirHid - ok
12:48:18.0362 5500        LHidFilt        (1074c77a47835e03c15bf92452f9a750) C:\Windows\system32\DRIVERS\LHidFilt.Sys
12:48:18.0363 5500        LHidFilt - ok
12:48:18.0376 5500        libusb0 - ok
12:48:18.0411 5500        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:48:18.0413 5500        lltdio - ok
12:48:18.0466 5500        LMouFilt        (96999c364c649e2866a268f7420a304a) C:\Windows\system32\DRIVERS\LMouFilt.Sys
12:48:18.0467 5500        LMouFilt - ok
12:48:18.0489 5500        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:48:18.0491 5500        LSI_FC - ok
12:48:18.0499 5500        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:48:18.0501 5500        LSI_SAS - ok
12:48:18.0513 5500        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:48:18.0514 5500        LSI_SAS2 - ok
12:48:18.0523 5500        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:48:18.0525 5500        LSI_SCSI - ok
12:48:18.0543 5500        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:48:18.0545 5500        luafv - ok
12:48:18.0607 5500        MBAMProtector  (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
12:48:18.0608 5500        MBAMProtector - ok
12:48:18.0676 5500        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:48:18.0678 5500        megasas - ok
12:48:18.0697 5500        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:48:18.0701 5500        MegaSR - ok
12:48:18.0728 5500        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:48:18.0730 5500        Modem - ok
12:48:18.0746 5500        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:48:18.0747 5500        monitor - ok
12:48:18.0775 5500        MotioninJoyXFilter (5fec1ff5bb9a1fa5c9cf4544d19d6d5d) C:\Windows\system32\DRIVERS\MijXfilt.sys
12:48:18.0776 5500        MotioninJoyXFilter - ok
12:48:18.0843 5500        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:48:18.0844 5500        mouclass - ok
12:48:18.0881 5500        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:48:18.0882 5500        mouhid - ok
12:48:18.0911 5500        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:48:18.0913 5500        mountmgr - ok
12:48:18.0941 5500        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:48:18.0944 5500        mpio - ok
12:48:18.0961 5500        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:48:18.0963 5500        mpsdrv - ok
12:48:19.0034 5500        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:48:19.0036 5500        MRxDAV - ok
12:48:19.0060 5500        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:48:19.0063 5500        mrxsmb - ok
12:48:19.0095 5500        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:48:19.0097 5500        mrxsmb10 - ok
12:48:19.0108 5500        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:48:19.0110 5500        mrxsmb20 - ok
12:48:19.0135 5500        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:48:19.0136 5500        msahci - ok
12:48:19.0165 5500        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:48:19.0167 5500        msdsm - ok
12:48:19.0238 5500        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:48:19.0239 5500        Msfs - ok
12:48:19.0257 5500        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:48:19.0258 5500        mshidkmdf - ok
12:48:19.0271 5500        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:48:19.0272 5500        msisadrv - ok
12:48:19.0299 5500        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:48:19.0300 5500        MSKSSRV - ok
12:48:19.0316 5500        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:48:19.0317 5500        MSPCLOCK - ok
12:48:19.0327 5500        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:48:19.0328 5500        MSPQM - ok
12:48:19.0356 5500        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:48:19.0360 5500        MsRPC - ok
12:48:19.0424 5500        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:48:19.0425 5500        mssmbios - ok
12:48:19.0453 5500        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:48:19.0454 5500        MSTEE - ok
12:48:19.0466 5500        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:48:19.0467 5500        MTConfig - ok
12:48:19.0496 5500        MTsensor        (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
12:48:19.0497 5500        MTsensor - ok
12:48:19.0509 5500        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:48:19.0510 5500        Mup - ok
12:48:19.0570 5500        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:48:19.0574 5500        NativeWifiP - ok
12:48:19.0618 5500        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:48:19.0628 5500        NDIS - ok
12:48:19.0651 5500        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:48:19.0653 5500        NdisCap - ok
12:48:19.0675 5500        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:48:19.0676 5500        NdisTapi - ok
12:48:19.0693 5500        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:48:19.0695 5500        Ndisuio - ok
12:48:19.0755 5500        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:48:19.0757 5500        NdisWan - ok
12:48:19.0784 5500        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:48:19.0785 5500        NDProxy - ok
12:48:19.0812 5500        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:48:19.0814 5500        NetBIOS - ok
12:48:19.0841 5500        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:48:19.0845 5500        NetBT - ok
12:48:19.0953 5500        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:48:19.0955 5500        nfrd960 - ok
12:48:19.0988 5500        npf            (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
12:48:19.0989 5500        npf - ok
12:48:20.0005 5500        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:48:20.0007 5500        Npfs - ok
12:48:20.0021 5500        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:48:20.0022 5500        nsiproxy - ok
12:48:20.0081 5500        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:48:20.0096 5500        Ntfs - ok
12:48:20.0159 5500        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:48:20.0160 5500        Null - ok
12:48:20.0184 5500        NVHDA - ok
12:48:20.0412 5500        nvlddmkm        (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:48:20.0608 5500        nvlddmkm - ok
12:48:20.0670 5500        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:48:20.0673 5500        nvraid - ok
12:48:20.0691 5500        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:48:20.0694 5500        nvstor - ok
12:48:20.0740 5500        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:48:20.0742 5500        nv_agp - ok
12:48:20.0771 5500        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:48:20.0773 5500        ohci1394 - ok
12:48:20.0845 5500        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:48:20.0847 5500        Parport - ok
12:48:20.0869 5500        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
12:48:20.0870 5500        partmgr - ok
12:48:20.0947 5500        pbfilter        (55223eefabfdb84a926515febab50d9a) C:\Program Files\PeerBlock\pbfilter.sys
12:48:20.0948 5500        pbfilter - ok
12:48:21.0017 5500        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:48:21.0019 5500        pci - ok
12:48:21.0035 5500        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:48:21.0037 5500        pciide - ok
12:48:21.0067 5500        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:48:21.0070 5500        pcmcia - ok
12:48:21.0089 5500        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:48:21.0090 5500        pcw - ok
12:48:21.0107 5500        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:48:21.0115 5500        PEAUTH - ok
12:48:21.0207 5500        PPJoyBus        (610183c42efb6a9a0e3f31dbcabb6a58) C:\Windows\system32\DRIVERS\PPJoyBus64.sys
12:48:21.0208 5500        PPJoyBus - ok
12:48:21.0241 5500        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:48:21.0244 5500        PptpMiniport - ok
12:48:21.0271 5500        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:48:21.0273 5500        Processor - ok
12:48:21.0317 5500        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:48:21.0320 5500        Psched - ok
12:48:21.0410 5500        PxHlpa64        (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
12:48:21.0412 5500        PxHlpa64 - ok
12:48:21.0461 5500        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:48:21.0476 5500        ql2300 - ok
12:48:21.0495 5500        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:48:21.0498 5500        ql40xx - ok
12:48:21.0516 5500        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:48:21.0518 5500        QWAVEdrv - ok
12:48:21.0536 5500        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:48:21.0537 5500        RasAcd - ok
12:48:21.0589 5500        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:48:21.0590 5500        RasAgileVpn - ok
12:48:21.0618 5500        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:48:21.0620 5500        Rasl2tp - ok
12:48:21.0641 5500        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:48:21.0643 5500        RasPppoe - ok
12:48:21.0658 5500        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:48:21.0660 5500        RasSstp - ok
12:48:21.0680 5500        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:48:21.0684 5500        rdbss - ok
12:48:21.0699 5500        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:48:21.0700 5500        rdpbus - ok
12:48:21.0710 5500        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:48:21.0711 5500        RDPCDD - ok
12:48:21.0738 5500        RDPDR          (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
12:48:21.0741 5500        RDPDR - ok
12:48:21.0794 5500        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:48:21.0796 5500        RDPENCDD - ok
12:48:21.0805 5500        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:48:21.0806 5500        RDPREFMP - ok
12:48:21.0845 5500        RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
12:48:21.0846 5500        RdpVideoMiniport - ok
12:48:21.0890 5500        RDPWD          (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
12:48:21.0893 5500        RDPWD - ok
12:48:21.0921 5500        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:48:21.0924 5500        rdyboost - ok
12:48:21.0978 5500        RivaTuner64    (9b29bbd1427f71a854c2b400f3bbcf55) C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
12:48:21.0979 5500        RivaTuner64 - ok
12:48:22.0041 5500        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:48:22.0043 5500        rspndr - ok
12:48:22.0077 5500        RTL8167        (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
12:48:22.0080 5500        RTL8167 - ok
12:48:22.0101 5500        s3cap          (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
12:48:22.0103 5500        s3cap - ok
12:48:22.0181 5500        SANDRA          (5efbbfcc6adac121c8e2fe76641ed329) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\WNt500x64\Sandra.sys
12:48:22.0182 5500        SANDRA - ok
12:48:22.0254 5500        SbieDrv        (1fc5d553f8ec9779702fb8264863e3a2) C:\Program Files\Sandboxie\SbieDrv.sys
12:48:22.0255 5500        SbieDrv - ok
12:48:22.0329 5500        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:48:22.0332 5500        sbp2port - ok
12:48:22.0355 5500        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:48:22.0356 5500        scfilter - ok
12:48:22.0403 5500        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:48:22.0405 5500        secdrv - ok
12:48:22.0423 5500        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:48:22.0425 5500        Serenum - ok
12:48:22.0454 5500        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:48:22.0456 5500        Serial - ok
12:48:22.0519 5500        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:48:22.0521 5500        sermouse - ok
12:48:22.0551 5500        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:48:22.0552 5500        sffdisk - ok
12:48:22.0563 5500        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:48:22.0565 5500        sffp_mmc - ok
12:48:22.0577 5500        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:48:22.0579 5500        sffp_sd - ok
12:48:22.0603 5500        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:48:22.0604 5500        sfloppy - ok
12:48:22.0631 5500        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:48:22.0632 5500        SiSRaid2 - ok
12:48:22.0645 5500        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:48:22.0647 5500        SiSRaid4 - ok
12:48:22.0706 5500        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:48:22.0708 5500        Smb - ok
12:48:22.0732 5500        speedfan - ok
12:48:22.0749 5500        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:48:22.0750 5500        spldr - ok
12:48:22.0782 5500        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:48:22.0789 5500        srv - ok
12:48:22.0821 5500        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:48:22.0826 5500        srv2 - ok
12:48:22.0881 5500        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:48:22.0884 5500        srvnet - ok
12:48:22.0948 5500        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:48:22.0950 5500        stexstor - ok
12:48:23.0027 5500        STGMFEngine64  (70d9e406a1170a801b0d9ccecf9d6914) C:\Windows\system32\drivers\STGMFEngine64.sys
12:48:23.0028 5500        STGMFEngine64 - ok
12:48:23.0057 5500        storflt        (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
12:48:23.0059 5500        storflt - ok
12:48:23.0074 5500        storvsc        (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
12:48:23.0076 5500        storvsc - ok
12:48:23.0090 5500        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:48:23.0092 5500        swenum - ok
12:48:23.0168 5500        Synth3dVsc - ok
12:48:23.0227 5500        Tcpip          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
12:48:23.0239 5500        Tcpip - ok
12:48:23.0275 5500        TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
12:48:23.0283 5500        TCPIP6 - ok
12:48:23.0304 5500        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:48:23.0306 5500        tcpipreg - ok
12:48:23.0330 5500        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:48:23.0332 5500        TDPIPE - ok
12:48:23.0343 5500        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
12:48:23.0344 5500        TDTCP - ok
12:48:23.0411 5500        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:48:23.0413 5500        tdx - ok
12:48:23.0488 5500        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:48:23.0490 5500        TermDD - ok
12:48:23.0593 5500        truecrypt      (ea43de1743c1ba0d2d17b8db90c91d88) C:\Windows\system32\drivers\truecrypt.sys
12:48:23.0595 5500        truecrypt - ok
12:48:23.0621 5500        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:48:23.0623 5500        tssecsrv - ok
12:48:23.0664 5500        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:48:23.0666 5500        TsUsbFlt - ok
12:48:23.0674 5500        tsusbhub - ok
12:48:23.0711 5500        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:48:23.0714 5500        tunnel - ok
12:48:23.0781 5500        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:48:23.0783 5500        uagp35 - ok
12:48:23.0807 5500        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:48:23.0811 5500        udfs - ok
12:48:23.0853 5500        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:48:23.0855 5500        uliagpkx - ok
12:48:23.0897 5500        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:48:23.0899 5500        umbus - ok
12:48:23.0915 5500        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:48:23.0916 5500        UmPass - ok
12:48:23.0987 5500        USBAAPL64      (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
12:48:23.0988 5500        USBAAPL64 - ok
12:48:24.0019 5500        usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
12:48:24.0021 5500        usbaudio - ok
12:48:24.0041 5500        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:48:24.0042 5500        usbccgp - ok
12:48:24.0071 5500        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:48:24.0074 5500        usbcir - ok
12:48:24.0101 5500        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
12:48:24.0103 5500        usbehci - ok
12:48:24.0168 5500        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:48:24.0170 5500        usbhub - ok
12:48:24.0191 5500        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
12:48:24.0193 5500        usbohci - ok
12:48:24.0226 5500        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:48:24.0226 5500        usbprint - ok
12:48:24.0252 5500        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:48:24.0253 5500        usbscan - ok
12:48:24.0318 5500        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:48:24.0319 5500        USBSTOR - ok
12:48:24.0378 5500        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:48:24.0379 5500        usbuhci - ok
12:48:24.0418 5500        VCSVADHWSer    (3a4b01c2bdb07dfef29b0b369487503a) C:\Windows\system32\DRIVERS\vcsvad.sys
12:48:24.0419 5500        VCSVADHWSer - ok
12:48:24.0451 5500        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:48:24.0453 5500        vdrvroot - ok
12:48:24.0483 5500        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:48:24.0484 5500        vga - ok
12:48:24.0502 5500        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:48:24.0504 5500        VgaSave - ok
12:48:24.0551 5500        VGPU - ok
12:48:24.0582 5500        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:48:24.0585 5500        vhdmp - ok
12:48:24.0599 5500        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:48:24.0600 5500        viaide - ok
12:48:24.0617 5500        vmbus          (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
12:48:24.0620 5500        vmbus - ok
12:48:24.0640 5500        VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
12:48:24.0641 5500        VMBusHID - ok
12:48:24.0663 5500        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:48:24.0665 5500        volmgr - ok
12:48:24.0695 5500        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:48:24.0700 5500        volmgrx - ok
12:48:24.0768 5500        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:48:24.0770 5500        volsnap - ok
12:48:24.0797 5500        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:48:24.0800 5500        vsmraid - ok
12:48:24.0818 5500        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
12:48:24.0820 5500        vwifibus - ok
12:48:24.0853 5500        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:48:24.0855 5500        WacomPen - ok
12:48:24.0888 5500        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:48:24.0890 5500        WANARP - ok
12:48:24.0893 5500        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:48:24.0894 5500        Wanarpv6 - ok
12:48:24.0948 5500        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:48:24.0949 5500        Wd - ok
12:48:24.0975 5500        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:48:24.0982 5500        Wdf01000 - ok
12:48:25.0018 5500        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:48:25.0020 5500        WfpLwf - ok
12:48:25.0034 5500        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:48:25.0036 5500        WIMMount - ok
12:48:25.0100 5500        WinRing0_1_2_0 - ok
12:48:25.0186 5500        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:48:25.0187 5500        WinUsb - ok
12:48:25.0217 5500        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:48:25.0218 5500        WmiAcpi - ok
12:48:25.0241 5500        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:48:25.0243 5500        ws2ifsl - ok
12:48:25.0273 5500        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:48:25.0275 5500        WudfPf - ok
12:48:25.0312 5500        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:48:25.0315 5500        WUDFRd - ok
12:48:25.0386 5500        XENfiltv        (754c8bf43f0dd4b54865f174a62761e9) C:\Windows\system32\drivers\XENfiltv.sys
12:48:25.0387 5500        XENfiltv - ok
12:48:25.0423 5500        xusb21          (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys
12:48:25.0424 5500        xusb21 - ok
12:48:25.0448 5500        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:48:25.0459 5500        \Device\Harddisk0\DR0 - ok
12:48:25.0461 5500        Boot (0x1200)  (2c47691fab4a791053ddcfa7e6719f83) \Device\Harddisk0\DR0\Partition0
12:48:25.0461 5500        \Device\Harddisk0\DR0\Partition0 - ok
12:48:25.0467 5500        Boot (0x1200)  (76faf5b6d05eddb92d51a2ba7570c6a5) \Device\Harddisk0\DR0\Partition1
12:48:25.0467 5500        \Device\Harddisk0\DR0\Partition1 - ok
12:48:25.0492 5500        Boot (0x1200)  (4285d2dc86ee7941a070931a0e774d2b) \Device\Harddisk0\DR0\Partition2
12:48:25.0493 5500        \Device\Harddisk0\DR0\Partition2 - ok
12:48:25.0516 5500        Boot (0x1200)  (4c1c337402cf0c9bbe97c60a32db1dc2) \Device\Harddisk0\DR0\Partition3
12:48:25.0517 5500        \Device\Harddisk0\DR0\Partition3 - ok
12:48:25.0517 5500        ============================================================
12:48:25.0517 5500        Scan finished
12:48:25.0517 5500        ============================================================
12:48:25.0524 5732        Detected object count: 0
12:48:25.0524 5732        Actual detected object count: 0


Criunk 11.12.2011 14:25

Sorry for the double post, but...

I can't find the file C:\Windows\is-V8MN4.exe, not even after using unhide.exe and even copying the path.

I ran another OTL scan; oddly, the file no longer exists.

Here:

OTL Logfile:
Code:

OTL logfile created on: 11.12.2011 13:59:42 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\HAFX\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 33,92% Memory free
8,00 Gb Paging File | 5,33 Gb Available in Paging File | 66,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 96,52 Gb Free Space | 49,44% Space Free | Partition Type: NTFS
Drive D: | 244,14 Gb Total Space | 104,04 Gb Free Space | 42,61% Space Free | Partition Type: NTFS
Drive E: | 26,31 Gb Total Space | 26,18 Gb Free Space | 99,53% Space Free | Partition Type: NTFS
 
Computer Name: HAFX-PC | User Name: HAFX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.11 01:24:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\HAFX\Downloads\OTL.exe
PRC - [2011.12.06 17:23:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.12.02 10:37:40 | 002,923,392 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.11.08 20:15:50 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.11.08 16:10:42 | 002,132,480 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\LCDHost.exe
PRC - [2011.11.07 20:14:42 | 028,854,408 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.12 16:06:14 | 005,407,850 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.23 04:34:34 | 024,182,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\HAFX\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.06.06 20:05:02 | 000,858,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDYT.exe
PRC - [2011.06.06 20:05:02 | 000,850,504 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDMovieViewer.exe
PRC - [2011.06.06 20:05:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe
PRC - [2011.06.06 20:05:02 | 000,498,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDWebCam.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.04.26 13:55:58 | 000,216,576 | ---- | M] () -- C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe
PRC - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010.11.20 13:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.05.20 09:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2006.11.17 16:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.10 23:39:32 | 000,576,512 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_DataViewer.dll
MOD - [2011.11.18 15:06:44 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.08 20:15:49 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.11.08 16:15:40 | 000,112,128 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_LgLcdMan.dll
MOD - [2011.11.08 16:15:26 | 000,110,592 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_LgBacklight.dll
MOD - [2011.11.08 16:14:50 | 000,355,328 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_WebKit.dll
MOD - [2011.11.08 16:14:02 | 000,094,208 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_VirtualLCD.dll
MOD - [2011.11.08 16:13:54 | 000,286,208 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Text.dll
MOD - [2011.11.08 16:13:20 | 000,298,496 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Mailcount.dll
MOD - [2011.11.08 16:12:58 | 001,353,728 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Lua.dll
MOD - [2011.11.08 16:11:44 | 000,103,936 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Decor.dll
MOD - [2011.11.08 16:11:44 | 000,009,728 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Image.dll
MOD - [2011.11.08 16:11:34 | 000,264,192 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Bar.dll
MOD - [2011.11.08 16:10:42 | 002,132,480 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\LCDHost.exe
MOD - [2011.11.07 20:12:12 | 016,827,392 | R--- | M] () -- C:\Program Files (x86)\Origin\QtWebKit4.dll
MOD - [2011.11.07 20:05:36 | 000,312,320 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff4.dll
MOD - [2011.11.07 20:05:34 | 000,264,192 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng4.dll
MOD - [2011.11.07 20:05:34 | 000,211,456 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg4.dll
MOD - [2011.11.07 20:05:34 | 000,032,256 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico4.dll
MOD - [2011.11.07 20:05:34 | 000,028,672 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif4.dll
MOD - [2011.11.07 20:05:32 | 000,172,544 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qjpcodecs4.dll
MOD - [2011.11.07 20:05:32 | 000,158,208 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qtwcodecs4.dll
MOD - [2011.11.07 20:05:32 | 000,079,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qkrcodecs4.dll
MOD - [2011.11.07 20:05:28 | 000,143,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qcncodecs4.dll
MOD - [2011.11.07 20:04:10 | 000,327,680 | R--- | M] () -- C:\Program Files (x86)\Origin\phonon4.dll
MOD - [2011.11.07 20:04:08 | 001,152,512 | R--- | M] () -- C:\Program Files (x86)\Origin\QtNetwork4.dll
MOD - [2011.11.07 20:04:08 | 000,413,184 | R--- | M] () -- C:\Program Files (x86)\Origin\QtXml4.dll
MOD - [2011.11.07 20:04:06 | 009,440,256 | R--- | M] () -- C:\Program Files (x86)\Origin\QtGui4.dll
MOD - [2011.11.07 20:04:04 | 002,694,144 | R--- | M] () -- C:\Program Files (x86)\Origin\QtCore4.dll
MOD - [2011.10.12 16:06:14 | 005,407,850 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
MOD - [2011.07.09 10:12:52 | 000,377,344 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Weather.dll
MOD - [2011.07.09 10:12:44 | 000,173,568 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Dial.dll
MOD - [2011.07.09 10:12:34 | 000,206,336 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Graph.dll
MOD - [2011.07.09 10:12:30 | 000,755,712 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Monitoring.dll
MOD - [2011.07.09 10:12:22 | 000,442,368 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Cursor.dll
MOD - [2011.05.04 12:35:04 | 002,552,320 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtCore4.dll
MOD - [2011.05.04 12:34:56 | 000,399,360 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtXml4.dll
MOD - [2011.05.04 12:34:44 | 001,209,344 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtNetwork4.dll
MOD - [2011.05.04 12:34:44 | 000,379,392 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qtiff4.dll
MOD - [2011.05.04 12:34:36 | 009,849,856 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtGui4.dll
MOD - [2011.05.04 12:34:22 | 000,351,744 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qmng4.dll
MOD - [2011.05.04 12:34:22 | 000,287,232 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qjpeg4.dll
MOD - [2011.05.04 12:34:22 | 000,083,456 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qico4.dll
MOD - [2011.05.04 12:34:22 | 000,083,456 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qgif4.dll
MOD - [2011.05.04 12:34:22 | 000,043,008 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\libgcc_s_dw2-1.dll
MOD - [2011.05.04 12:34:22 | 000,011,362 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\mingwm10.dll
MOD - [2011.04.26 13:55:58 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\SmartSVN 6.6\lib\shellext32.dll
MOD - [2011.02.14 22:02:58 | 002,417,664 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtCore4.dll
MOD - [2010.03.07 04:31:36 | 000,024,110 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\mingwm10.dll
MOD - [2010.02.10 17:36:20 | 009,565,184 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtGui4.dll
MOD - [2010.02.10 17:11:00 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtNetwork4.dll
MOD - [2010.02.10 17:08:16 | 000,398,336 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtXml4.dll
MOD - [2009.06.22 19:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll
MOD - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007.09.02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.11.23 14:17:26 | 000,094,992 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2011.10.26 03:00:58 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.10.25 21:14:28 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.06.17 08:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ)
SRV:64bit: - [2011.06.09 19:55:13 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008.08.14 23:41:22 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2011.12.06 17:23:28 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.12.02 10:37:40 | 002,923,392 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.11.18 14:22:14 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.09.22 17:04:36 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.15 09:02:12 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011.06.07 13:45:18 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.06.07 13:45:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.04.26 13:55:58 | 000,216,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe -- (statuscached)
SRV - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.11.20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.07.08 11:50:20 | 000,450,560 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt) [Auto | Running] -- C:\Windows\SysWOW64\STGRAMDiskHandler64.exe -- (Steganos Volatile Disk)
SRV - [2010.05.20 09:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2005.03.09 19:50:18 | 000,018,944 | ---- | M] (libusb-Win32) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.11.23 14:17:24 | 000,158,336 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2011.11.10 18:32:02 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011.10.26 04:05:10 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.10.26 02:21:58 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.07.13 20:07:13 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011.06.24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.06.06 23:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.06.06 20:05:02 | 000,030,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGPBTDD.sys -- (LGPBTDD)
DRV:64bit: - [2011.06.06 20:05:02 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2011.06.06 20:05:02 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.04.30 12:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 12:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 14:44:16 | 002,725,376 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp)
DRV:64bit: - [2011.02.11 22:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.09.03 15:45:08 | 000,028,576 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt.com) [Driver] [Kernel | System | Running] -- C:\Windows\SysNative\drivers\STGMFEngine64.sys -- (STGMFEngine64)
DRV:64bit: - [2010.08.19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.03.19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.02.18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.03 15:48:32 | 000,716,872 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009.11.04 04:03:56 | 000,020,032 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PPJoyBus64.sys -- (PPJoyBus)
DRV:64bit: - [2009.09.28 01:02:38 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:64bit: - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\WNt500x64\Sandra.sys -- (SANDRA)
DRV:64bit: - [2009.07.31 10:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.12.26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2005.03.29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2011.03.18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2009.08.22 19:25:00 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.03.09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Hotmail und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 32 21 BC 3D 58 42 CC 01  [binary data]
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.6&q="
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.01 14:32:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.08 20:15:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.16 13:21:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.16 13:21:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2011.09.30 20:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Extensions
[2011.09.30 20:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.12.07 21:57:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions
[2011.10.16 20:17:27 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.20 19:37:03 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.07.18 11:46:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\battlefieldplay4free@ea.com
[2011.07.11 17:56:14 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\engine@conduit.com
[2011.12.05 18:07:11 | 000,001,056 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Mozilla\Firefox\Profiles\yk9ok6on.default\searchplugins\icqplugin.xml
[2011.11.08 20:16:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\HAFX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YK9OK6ON.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\HAFX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YK9OK6ON.DEFAULT\EXTENSIONS\ADMIN@PROXY-LISTEN.DE.XPI
[2011.11.08 20:15:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2011.08.01 18:11:25 | 000,001,195 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost ::1 localhost 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-1.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-4.adobe.com 127.0.0.1 adobe-dns-5.adobe.com 127.0.0.1 hh-software.com 127.0.0.1 127.0.0.1 activate.adobe.de 127.0.0.1 practivate.adobe.de 127.0.0.1 ereg.adobe.de 127.0.0.1 activate.wip3.adobe.de 127.0.0.1 wip3.adobe.de 127.0.0.1 3dns-3.adobe.de 127.0.0.1 3dns-2.adobe.de 127.0.0.1 adobe-dns.adobe.de 127.0.0.1 adobe-dns-2.adobe.de 127.0.0.1 adobe-dns-3.adobe.de 127.0.0.1 ereg.wip3.adobe.de 127.0.0.1 activate-sea.adobe.de 127.0.0.1 wwis-dubc1-vip60.adobe.de 127.0.0.1 activate-sjc0.adobe.de 127.0.0.1 wwis-dubc1-vip60.adobe.de 127.0.0.1 hl2rcv.adobe.de
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [CreativeTaskScheduler] C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe ()
O4 - Startup: C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\HAFX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCDHost.lnk = C:\Users\HAFX\Documents\LCDHost\LCDHost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06C84457-AE19-4A2B-94B0-6C7567D79A33}: NameServer = 192.168.116.250
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5496e40c-9046-11e0-a20f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5496e40c-9046-11e0-a20f-806e6f6e6963}\Shell\AutoRun\command - "" = J:\AutoRunCD.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.11 12:47:13 | 000,000,000 | ---D | C] -- C:\TDSS
[2011.12.11 02:35:38 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Wireshark
[2011.12.11 02:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wireshark
[2011.12.10 23:32:15 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LCDHost
[2011.12.10 23:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LcdStudio
[2011.12.10 23:22:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LcdStudio
[2011.12.10 23:12:12 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Timisoft
[2011.12.10 23:12:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Timisoft
[2011.12.10 22:31:42 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Desktop\Programme
[2011.12.09 19:58:05 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.12.09 19:58:05 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.12.09 19:58:05 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.09 19:58:05 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.09 19:58:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.09 19:58:05 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.09 19:58:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.09 19:58:05 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.12.09 19:58:05 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.12.09 19:58:05 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.12.09 19:58:05 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.12.09 19:58:05 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.12.09 19:58:05 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.12.09 19:58:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.12.09 19:58:05 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.12.09 19:58:05 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.12.09 19:58:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.09 19:58:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.09 19:58:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.09 19:58:05 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.12.09 19:58:05 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.12.09 19:58:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.12.09 19:58:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.09 19:58:05 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.12.09 19:58:05 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.12.09 19:58:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.12.09 19:58:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.12.09 19:58:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.12.09 19:58:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.12.09 19:58:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.12.09 19:58:05 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.12.09 19:58:05 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.12.09 19:58:05 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.12.09 19:58:05 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.12.09 19:58:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.12.09 19:58:05 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.12.09 19:58:05 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.12.09 19:58:05 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.12.09 19:58:05 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.12.09 19:58:05 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.12.09 19:58:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.12.09 19:58:05 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.12.09 19:58:05 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.09 19:58:05 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.12.09 19:58:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.12.09 19:58:05 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.12.09 19:58:05 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.12.09 19:58:05 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.12.09 19:58:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.12.09 19:58:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.12.09 19:58:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.12.09 19:58:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.09 19:58:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.12.09 19:58:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.12.09 19:58:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.12.09 19:58:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.12.09 19:58:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.12.09 19:58:05 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.12.09 19:58:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.12.09 19:58:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.12.09 19:58:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.12.09 19:58:05 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.12.08 20:13:57 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Documents\Battlefield 2
[2011.12.08 14:52:02 | 024,742,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011.12.08 14:52:02 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011.12.08 14:52:02 | 015,693,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011.12.08 14:52:02 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.12.08 14:52:02 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.12.08 14:52:01 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011.12.08 14:52:01 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011.12.08 14:52:01 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011.12.08 14:52:01 | 007,581,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011.12.08 14:52:01 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011.12.08 14:52:01 | 002,542,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011.12.08 14:52:01 | 002,458,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011.12.08 14:52:01 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011.12.08 14:52:01 | 002,232,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011.12.08 14:52:01 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011.12.08 14:29:45 | 000,137,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2011.12.08 14:29:44 | 010,406,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2011.12.08 14:29:44 | 005,067,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2011.12.08 14:29:44 | 003,074,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2011.12.08 14:29:44 | 000,837,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2011.12.08 14:29:44 | 000,222,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2011.12.08 14:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.12.07 13:34:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2011.12.07 13:34:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2011.12.07 13:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2011.12.06 13:34:20 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Vidalia
[2011.12.06 00:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
[2011.12.06 00:20:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vidalia Bundle
[2011.12.05 11:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2011.12.05 11:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2011.12.04 22:18:16 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Documents\Adobe
[2011.12.04 16:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
[2011.12.03 20:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2011.12.03 20:05:40 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Local\Paint.NET
[2011.12.03 12:42:10 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2011.12.03 12:14:59 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011.12.03 11:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2011.12.03 11:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2011.11.30 14:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2011.11.30 14:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011.11.26 13:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2011.11.22 20:27:43 | 000,328,712 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\MijFrc.dll
[2011.11.22 20:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
[2011.11.22 20:27:42 | 000,115,272 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011.11.22 16:52:13 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011.11.22 16:52:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.11.22 16:44:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.11.22 16:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.11 13:26:06 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347250277-935107026-2126249694-1000UA.job
[2011.12.11 12:42:43 | 000,080,384 | ---- | M] () -- C:\Users\HAFX\Desktop\MBRCheck.exe
[2011.12.11 12:16:24 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 12:16:24 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 12:08:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.11 12:08:28 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.11 03:00:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\Crysis Wars(R) Updates.job
[2011.12.11 01:05:29 | 000,007,605 | ---- | M] () -- C:\Users\HAFX\AppData\Local\Resmon.ResmonCfg
[2011.12.10 23:32:15 | 000,000,920 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCDHost.lnk
[2011.12.10 17:25:00 | 000,001,806 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2011.12.10 15:05:47 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.12.10 15:05:47 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.10 14:02:28 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.12.09 19:58:05 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.12.09 19:58:05 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.12.09 19:58:05 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.09 19:58:05 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.09 19:58:05 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.09 19:58:05 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.09 19:58:05 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.09 19:58:05 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.12.09 19:58:05 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.12.09 19:58:05 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.12.09 19:58:05 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.12.09 19:58:05 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.12.09 19:58:05 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.12.09 19:58:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.12.09 19:58:05 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.12.09 19:58:05 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.12.09 19:58:05 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.09 19:58:05 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.09 19:58:05 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.09 19:58:05 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.12.09 19:58:05 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.12.09 19:58:05 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.12.09 19:58:05 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.09 19:58:05 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.12.09 19:58:05 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.12.09 19:58:05 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.12.09 19:58:05 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.12.09 19:58:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.12.09 19:58:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.12.09 19:58:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.12.09 19:58:05 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.12.09 19:58:05 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.12.09 19:58:05 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.12.09 19:58:05 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.12.09 19:58:05 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.12.09 19:58:05 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.12.09 19:58:05 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.12.09 19:58:05 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.12.09 19:58:05 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.12.09 19:58:05 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.12.09 19:58:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.12.09 19:58:05 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.12.09 19:58:05 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.09 19:58:05 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.12.09 19:58:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.12.09 19:58:05 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.12.09 19:58:05 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.12.09 19:58:05 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.12.09 19:58:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.12.09 19:58:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.12.09 19:58:05 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.12.09 19:58:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.09 19:58:05 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.12.09 19:58:05 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.12.09 19:58:05 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.12.09 19:58:05 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.12.09 19:58:05 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.12.09 19:58:05 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.12.09 19:58:05 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.12.09 19:58:05 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.12.09 19:58:05 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.12.09 19:58:05 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.12.06 17:23:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.12.05 18:01:16 | 004,863,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.05 11:26:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347250277-935107026-2126249694-1000Core.job
[2011.12.04 22:18:29 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI
[2011.12.01 14:32:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.11.28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.11.28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.11.28 19:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.11.26 01:23:25 | 000,001,456 | ---- | M] () -- C:\Users\HAFX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.11.18 15:06:44 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.11.13 22:51:17 | 000,000,132 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.11 12:42:35 | 000,080,384 | ---- | C] () -- C:\Users\HAFX\Desktop\MBRCheck.exe
[2011.12.11 01:05:29 | 000,007,605 | ---- | C] () -- C:\Users\HAFX\AppData\Local\Resmon.ResmonCfg
[2011.12.09 19:58:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.12.09 19:51:57 | 000,001,109 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2011.12.04 19:25:55 | 000,001,973 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.12.04 19:25:55 | 000,001,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.12.04 19:25:55 | 000,001,931 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.12.03 20:06:22 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2011.12.03 11:59:59 | 000,001,806 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011.11.30 14:38:01 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2011.11.30 14:36:17 | 000,001,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2011.11.30 14:34:08 | 000,001,558 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2011.11.26 13:09:45 | 000,001,050 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2011.11.09 14:20:55 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011.10.29 21:00:05 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2011.10.26 02:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.10.26 02:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.19 16:28:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.10.18 09:15:08 | 000,104,072 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.09.25 19:03:44 | 000,011,959 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\PStrip.bak
[2011.09.25 19:03:35 | 000,013,501 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\PStrip.ini
[2011.09.25 09:01:11 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2011.09.25 09:01:11 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2011.09.25 09:01:11 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2011.09.25 09:01:09 | 000,042,457 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2011.09.25 09:00:49 | 000,000,925 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2011.09.25 09:00:46 | 000,004,967 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2011.09.25 08:36:14 | 000,000,558 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2011.09.22 11:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.19 09:47:34 | 011,296,768 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Sandra.mdb
[2011.09.16 17:50:31 | 000,001,456 | ---- | C] () -- C:\Users\HAFX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.09 12:54:45 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2011.07.15 13:57:05 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2011.07.13 15:43:16 | 000,000,297 | ---- | C] () -- C:\Windows\game.ini
[2011.07.04 02:03:04 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2011.07.04 01:05:44 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.07.04 01:05:43 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.07.04 01:05:41 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.07.04 01:05:41 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.07.04 01:05:41 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.06.17 14:31:21 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.06.12 20:58:39 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.06.09 19:47:15 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.08 18:26:55 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2011.06.08 12:46:20 | 000,234,536 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.08 12:46:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.08 12:46:17 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.06.07 13:45:24 | 000,000,388 | ---- | C] () -- C:\Windows\XENMCcfg.ini
[2011.06.07 13:45:23 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.06.07 13:45:23 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.06.06 17:34:14 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.03.31 07:59:24 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini
[2011.02.11 22:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1367 bytes -> C:\ProgramData\Microsoft:U2iV3me43NFza2XPUx820
@Alternate Data Stream - 1357 bytes -> C:\Program Files\Common Files\Microsoft Shared:xxUmOKn2CIFF7ncJAr9bWbC
@Alternate Data Stream - 1306 bytes -> C:\ProgramData\Microsoft:yy695qjNbyqWGs5ty4DukRgN
@Alternate Data Stream - 1193 bytes -> C:\ProgramData\Microsoft:hARchZB5SPhtfYzcjeXGu

< End of report >

--- --- ---

Chris4You 11.12.2011 19:35

Hi,

Looks OK so far, but this is also where it ends...
You are using a cracked Adobe version; the typical entries are there..

chris&Out

Criunk 11.12.2011 20:05

Yes, please don't get me wrong: I purchased Adobe Photoshop CS5 legally. Because my power supply burned out last week and I now have a makeshift one in the PC, I can't connect my second hard drive (SATA). Photoshop is installed on that drive, and since I need Photoshop for work, I got hold of a portable Photoshop version on short notice, which I will of course delete as soon as I have access to my second hard drive again. It is a misunderstanding!

Also, I have just learned that my computer sometimes sends and downloads data. How can I check whether it is a malicious program? I have already closed all programs, including Origin, yet it still happens that, e.g., every 5 seconds, 6 ... 7 seconds, a little bit is sent (1-2kb)?

