Manuel180791 | 14.08.2012 14:25 | 100 Euro virus / IDP.Trojan.4724C1BC / AVG Anti-Virus cannot be activated
Hello dear helpers :)
So, I'm new to the board. I hope I'm doing everything right. I have also read through everything.
My system: Windows XP Professional Version 2002 Service Pack 3
Intel® Pentium® D CPU 3.20 GHZ 3.19 GHZ 2,00 GB RAM
So my problems are:
-) The 100 Euro trojan is obviously on my PC. It appeared once and locked everything completely.
-) A few days later AVG found the trojan IDP.Trojan.4724C1BC in C:\Dokumente und Einstellungen\Manuel\Lokale Einstellungen\Temp\dyprxqwhfvoodklmhi.exe and moved it to quarantine.
-) On top of that, AVG Anti-Virus is deactivated and can no longer be activated. Error message: Die automatische Statusreperatur konnte nicht abgeschlossen werden. Mindestens eine Komponenete konnte nicht repariert werden.
-) The PC has been very, very slow for several days/weeks.
-) Gmer only worked on the second attempt. Even then there was an error message at startup: LoadDriver („C:\DOKUME~1\Manuel\LOKALE~1\Temp\kgkyikog.sys“) error0xC0000001: Ein dauerhafter Unterschlüssel kann nicht unter einem temporärem übergeordnetem Schlüssel erstellt werden
The scan then worked anyway.
Here are the logfiles
OTL Logfile:
Code:
OTL logfile created on: 14.08.2012 14:18:47 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Dokumente und Einstellungen\Manuel\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 62,58% Memory free
3,85 Gb Paging File | 3,09 Gb Available in Paging File | 80,30% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,82 Gb Total Space | 107,09 Gb Free Space | 46,00% Space Free | Partition Type: NTFS
Computer Name: 6E10CBE9A3034EC | User Name: Manuel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.08.14 14:18:22 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Manuel\Desktop\OTL.exe
PRC - [2012.08.14 14:17:30 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Manuel\Desktop\Defogger.exe
PRC - [2012.07.04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgidsagent.exe
PRC - [2012.06.13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgnsx.exe
PRC - [2012.05.28 16:13:02 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Programme\uTorrent\uTorrent.exe
PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\Dropbox\bin\Dropbox.exe
PRC - [2012.05.04 07:37:10 | 000,021,392 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.04.26 19:16:50 | 000,577,888 | ---- | M] (BlueStack Systems, Inc.) -- C:\Programme\BlueStacks\HD-Frontend.exe
PRC - [2012.04.26 19:16:36 | 000,385,376 | ---- | M] (BlueStack Systems, Inc.) -- C:\Programme\BlueStacks\HD-LogRotatorService.exe
PRC - [2012.04.05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgtray.exe
PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.10.08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002.11.20 19:09:10 | 000,294,912 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\AiO\Shared\Bin\hposts07.exe
PRC - [2002.11.20 18:48:24 | 000,299,008 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\AiO\Shared\Bin\hpoevm07.exe
PRC - [2002.11.20 18:15:00 | 000,151,552 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
========== Modules (No Company Name) ==========
MOD - [2012.08.14 14:17:30 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Manuel\Desktop\Defogger.exe
MOD - [2012.06.15 13:35:23 | 001,443,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\NAudio\11e25ecbafd4b32f66da5cfc8199fc20\NAudio.ni.dll
MOD - [2012.06.15 13:35:22 | 000,635,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\HD-Frontend\882197e99cbc77f469139ce5f0f74fdd\HD-Frontend.ni.exe
MOD - [2012.06.15 13:35:18 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012.06.15 13:31:48 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.14 16:41:12 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.06.14 16:36:17 | 013,197,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\abb5bbc7e336f73dc877b0747f827f9c\System.Windows.Forms.ni.dll
MOD - [2012.06.14 16:28:24 | 018,017,792 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1a6d151ef8db9727cea5d0aaf448d606\PresentationFramework.ni.dll
MOD - [2012.06.14 16:27:57 | 011,522,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3708a02c536ebfe2f2d23e5dc7d476a7\PresentationCore.ni.dll
MOD - [2012.06.14 16:27:37 | 003,879,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\0377351c3352c786d673bddc7052288d\WindowsBase.ni.dll
MOD - [2012.06.14 16:27:34 | 001,666,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\479448381d9608397ec835f785f47b5e\System.Drawing.ni.dll
MOD - [2012.05.20 16:56:18 | 000,115,137 | ---- | M] () -- C:\Dokumente und Einstellungen\Manuel\Lokale Einstellungen\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll
MOD - [2012.05.14 14:53:28 | 001,218,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\4e6cce5a219fff0b6422e0428f917673\System.Management.ni.dll
MOD - [2012.05.14 14:50:52 | 000,762,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\bf45c9b6fb396a7624de0906f1d0e04b\System.Runtime.Remoting.ni.dll
MOD - [2012.05.14 14:50:33 | 001,781,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\2ab014b9de9dae71adf19bb63e0bc07f\System.Xaml.ni.dll
MOD - [2012.05.14 14:45:59 | 000,026,112 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\HD-LogRotatorService\8825681b1ad8736fb8689c42c4b3f9a0\HD-LogRotatorService.ni.exe
MOD - [2012.05.14 14:45:47 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012.05.14 14:45:46 | 000,155,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\JSON\547a9e74155655aca91195c58f354c3b\JSON.ni.dll
MOD - [2012.05.13 16:21:20 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012.05.13 16:19:48 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.13 16:17:20 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.13 16:17:06 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.05.13 16:11:46 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c6ed1c98256bde4ae1f4a8e950105d75\PresentationFramework.Luna.ni.dll
MOD - [2012.05.13 16:03:28 | 007,053,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\3eba193a23ec8f0ea9c4b57e23114e68\System.Core.ni.dll
MOD - [2012.05.13 16:03:16 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\cff5b1bfa1ba21f59e9365f9db26ebe9\System.Xml.ni.dll
MOD - [2012.05.13 16:03:03 | 009,091,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\789acb152c1b859e57c96a191c347a1a\System.ni.dll
MOD - [2012.05.13 16:02:46 | 014,415,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\97d737762adec957a2d7c80fafb4703a\mscorlib.ni.dll
MOD - [2012.05.04 07:37:10 | 000,021,392 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.12.10 13:24:00 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.12.10 13:23:58 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2011.12.10 13:23:56 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2011.03.02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2005.05.03 13:38:42 | 000,064,512 | ---- | M] () -- C:\WINDOWS\system32\P17.dll
MOD - [2002.11.20 19:37:02 | 000,028,672 | ---- | M] () -- C:\Programme\Hewlett-Packard\AiO\Shared\Bin\hpopxs07.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\sshnas21.dll -- (SSHNAS)
SRV - [2012.08.04 10:51:24 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.04.26 19:16:36 | 000,385,376 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Programme\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2012.04.26 19:15:56 | 000,401,760 | ---- | M] (BlueStack Systems, Inc.) [On_Demand | Stopped] -- C:\Programme\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.10.08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2006.12.14 18:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.11.17 16:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\Garena\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.05.02 15:46:30 | 000,139,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2012.04.26 19:16:24 | 000,066,912 | ---- | M] () [Kernel | Auto | Running] -- C:\Programme\BlueStacks\HD-Hypervisor-x86.sys -- (BstHdDrv)
DRV - [2012.04.19 04:50:26 | 000,024,896 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.03.19 05:17:28 | 000,301,248 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.02.22 05:25:32 | 000,235,216 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.01.31 04:46:50 | 000,031,952 | ---- | M] () [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012.01.27 21:47:57 | 000,242,240 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.01.06 14:42:00 | 000,099,840 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV06.sys -- (ACEDRV06)
DRV - [2011.12.27 22:42:16 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2011.12.23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.12.23 13:32:08 | 000,017,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011.12.23 13:32:06 | 000,024,144 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011.12.23 13:32:00 | 000,139,856 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011.11.29 04:28:28 | 000,009,200 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2011.11.29 04:28:28 | 000,009,072 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2011.10.27 03:25:54 | 000,181,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2011.10.27 03:25:54 | 000,078,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:28 | 000,030,360 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.09.02 08:30:58 | 000,012,184 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011.08.17 15:49:54 | 000,138,496 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\afd.sys -- (AFD)
DRV - [2011.07.15 15:29:31 | 000,456,320 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011.07.08 16:02:00 | 000,010,496 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011.07.08 01:21:30 | 000,119,656 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2011.06.14 22:36:12 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011.06.14 22:36:11 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011.04.21 15:37:43 | 000,105,472 | ---- | M] () [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011.02.17 15:18:03 | 000,357,888 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010.11.02 17:17:02 | 000,040,960 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2009.10.20 18:20:16 | 000,265,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009.06.24 13:18:41 | 000,092,928 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008.06.20 13:51:12 | 000,361,600 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008.04.14 04:23:26 | 000,040,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008.04.14 04:23:26 | 000,021,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008.04.14 04:23:26 | 000,012,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008.04.14 04:02:33 | 000,073,472 | ---- | M] () [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008.04.14 04:02:16 | 000,120,576 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008.04.14 04:02:13 | 000,068,224 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008.04.14 04:02:10 | 000,080,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport)
DRV - [2008.04.14 03:58:37 | 000,014,720 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008.04.14 03:58:36 | 000,025,216 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008.04.14 03:58:18 | 000,154,112 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008.04.14 03:58:13 | 000,800,384 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008.04.14 03:58:03 | 000,037,632 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008.04.14 03:57:20 | 000,040,448 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008.04.14 03:55:34 | 000,052,992 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008.04.14 03:54:59 | 000,065,536 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2008.04.14 03:52:51 | 000,057,728 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008.04.14 03:52:51 | 000,044,672 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008.04.14 03:52:02 | 000,053,760 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008.04.14 03:49:36 | 000,023,552 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008.04.14 03:49:32 | 000,030,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008.04.14 03:49:03 | 000,188,800 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008.04.13 21:28:39 | 000,175,744 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008.04.13 21:21:00 | 000,162,816 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008.04.13 21:20:42 | 000,091,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008.04.13 21:20:37 | 000,182,656 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008.04.13 21:19:48 | 000,048,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008.04.13 21:19:43 | 000,051,328 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008.04.13 21:19:42 | 000,075,264 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008.04.13 21:17:18 | 000,083,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008.04.13 21:15:55 | 000,060,800 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008.04.13 21:15:53 | 000,574,976 | ---- | M] () [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008.04.13 21:14:29 | 000,143,744 | ---- | M] () [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008.04.13 21:14:21 | 000,063,744 | ---- | M] () [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008.04.13 20:57:32 | 000,041,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008.04.13 20:57:27 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008.04.13 20:57:21 | 000,034,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008.04.13 20:57:15 | 000,152,832 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008.04.13 20:57:07 | 000,020,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008.04.13 20:56:38 | 000,069,120 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008.04.13 20:56:32 | 000,035,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008.04.13 20:56:02 | 000,034,688 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008.04.13 20:55:58 | 000,014,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008.04.13 20:54:28 | 000,011,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008.04.13 20:53:34 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008.04.13 20:51:25 | 000,059,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008.04.13 20:45:39 | 000,032,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008.04.13 20:45:38 | 000,026,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008.04.13 20:45:37 | 000,059,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008.04.13 20:45:35 | 000,030,208 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008.04.13 20:45:35 | 000,020,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008.04.13 20:45:34 | 000,015,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008.04.13 20:45:28 | 000,010,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
DRV - [2008.04.13 20:45:13 | 000,002,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008.04.13 20:45:09 | 000,172,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008.04.13 20:45:09 | 000,056,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008.04.13 20:45:07 | 000,006,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008.04.13 20:45:01 | 000,052,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008.04.13 20:44:40 | 000,020,992 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\vga.sys -- (VgaSave)
DRV - [2008.04.13 20:40:58 | 000,042,112 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008.04.13 20:40:49 | 000,019,712 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008.04.13 20:40:48 | 000,011,392 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008.04.13 20:40:47 | 000,036,352 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008.04.13 20:40:46 | 000,062,976 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008.04.13 20:40:30 | 000,096,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008.04.13 20:40:25 | 000,027,392 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2008.04.13 20:40:25 | 000,020,480 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008.04.13 20:39:53 | 000,004,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008.04.13 20:39:52 | 000,007,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008.04.13 20:39:51 | 000,004,992 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008.04.13 20:39:50 | 000,005,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008.04.13 20:39:46 | 000,384,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008.04.13 20:39:46 | 000,206,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dot4.sys -- (dot4)
DRV - [2008.04.13 20:39:46 | 000,042,368 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008.04.13 20:36:46 | 000,015,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008.04.13 20:32:59 | 000,129,792 | ---- | M] () [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008.04.13 20:32:51 | 000,196,224 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008.04.13 20:32:44 | 000,180,608 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008.04.13 20:32:39 | 000,030,848 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008.04.13 20:32:39 | 000,019,072 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008.04.13 20:32:36 | 000,066,048 | ---- | M] () [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008.04.13 19:45:12 | 000,060,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2008.04.13 18:39:23 | 000,142,592 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008.03.27 16:27:46 | 000,503,008 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000)
DRV - [2008.01.23 10:19:44 | 000,501,560 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV11.sys -- (acedrv11)
DRV - [2007.03.16 11:11:38 | 000,012,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007.03.16 11:11:38 | 000,012,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006.11.02 07:00:08 | 000,039,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006.10.18 20:00:00 | 000,038,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2006.09.28 19:00:34 | 000,082,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2006.09.28 18:55:50 | 000,077,568 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf)
DRV - [2005.11.16 16:36:00 | 001,047,816 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005.07.07 08:14:30 | 001,389,056 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2005.01.10 10:15:30 | 000,106,496 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005.01.10 10:15:24 | 000,138,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004.08.04 05:00:00 | 000,126,336 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2004.08.04 05:00:00 | 000,032,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2004.08.04 05:00:00 | 000,032,512 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2004.08.04 05:00:00 | 000,018,688 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2004.08.04 05:00:00 | 000,016,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2004.08.04 05:00:00 | 000,013,952 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004.08.04 05:00:00 | 000,012,416 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2004.08.04 05:00:00 | 000,012,160 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004.08.04 05:00:00 | 000,008,832 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2004.08.04 05:00:00 | 000,007,936 | ---- | M] () [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2004.08.04 05:00:00 | 000,007,040 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004.08.04 05:00:00 | 000,005,888 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2004.08.04 05:00:00 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2004.08.04 05:00:00 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2004.08.04 05:00:00 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2004.08.04 05:00:00 | 000,002,944 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2001.08.18 05:30:42 | 000,003,328 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001.08.18 05:26:32 | 000,023,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dot4usb.sys -- (dot4usb)
DRV - [2001.08.18 05:22:44 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001.08.17 14:59:44 | 000,003,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001.08.17 14:47:32 | 000,012,928 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dot4Prt.sys -- (Dot4Print)
DRV - [2001.08.17 14:47:32 | 000,008,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dot4scan.sys -- (Dot4Scan)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.at/
IE - HKCU\..\SearchScopes,DefaultScope = {724213E1-BA69-4120-9E25-E612B069D8A7}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{724213E1-BA69-4120-9E25-E612B069D8A7}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Programme\AVG\AVG2012\Firefox4\ [2012.07.17 08:12:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.01 14:05:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Programme\AVG\AVG2012\Firefox\DoNotTrack\ [2012.07.10 00:25:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.04.07 22:22:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.04.29 16:13:05 | 000,000,000 | ---D | M]
[2011.04.07 22:22:52 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\Mozilla\Extensions
[2011.04.07 22:22:52 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\Mozilla\Firefox\Profiles\rex9n3sj.default\extensions
[2012.02.04 23:28:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.02.04 23:28:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012.02.04 23:28:07 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.03.03 20:06:04 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.03.03 20:06:04 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.03 20:06:04 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.03.03 20:06:04 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.03.03 20:06:04 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2004.08.04 05:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Programme\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [sdiagnhost] C:\Dokumente und Einstellungen\Manuel\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\790\sdiagnhost.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [BlueStacks App Player] C:\Programme\BlueStacks\HD-FrontEnd.exe (BlueStack Systems, Inc.)
O4 - HKCU..\Run: [KiesHelper] C:\Programme\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Programme\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HPAiODevice(hp officejet g series) - 2.lnk = C:\Programme\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HPAiODevice(hp officejet g series) - 3.lnk = C:\Programme\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Dokumente und Einstellungen\Manuel\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8C922C73-FFFA-45A3-B2C2-BC1E30074267} hxxp://www.sony.at/bravia/RegistrationAgent.cab (WalkmanRegistrar Object)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DC252C6-25A5-4556-B132-47730D3A699E}: DhcpNameServer = 10.0.0.138 10.0.0.138
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Manuel\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Manuel\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.11 23:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.14 14:18:22 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Manuel\Desktop\OTL.exe
[2012.08.14 13:57:27 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Dokumente und Einstellungen\Manuel\Desktop\MinecraftSP.exe
[2012.08.07 18:56:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\hellomoto
[2012.07.17 08:12:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.08.14 14:18:22 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Manuel\Desktop\OTL.exe
[2012.08.14 14:17:54 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\Manuel\defogger_reenable
[2012.08.14 14:17:30 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Manuel\Desktop\Defogger.exe
[2012.08.14 14:01:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.14 14:00:07 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2012.08.14 14:00:07 | 000,000,248 | -H-- | M] () -- C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2012.08.14 13:59:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.14 13:57:28 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Dokumente und Einstellungen\Manuel\Desktop\MinecraftSP.exe
[2012.08.14 13:56:29 | 000,069,120 | ---- | M] () -- C:\WINDOWS\System32\drivers\47c3aec7a2248159.sys
[2012.08.14 13:51:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.08.14 13:48:13 | 103,775,409 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012.08.08 15:23:46 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\Manuel\Desktop\Microsoft Office Word 2003.lnk
[2012.08.07 18:26:09 | 000,190,237 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012.07.17 08:12:32 | 000,000,698 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2012.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.08.14 14:17:46 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\Manuel\defogger_reenable
[2012.08.14 14:17:29 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Manuel\Desktop\Defogger.exe
[2012.08.14 13:56:29 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\47c3aec7a2248159.sys
[2012.05.20 19:43:42 | 000,179,632 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.04.19 04:50:26 | 000,024,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2012.04.01 14:04:28 | 000,045,648 | ---- | C] () -- C:\WINDOWS\System32\drivers\PxHelp20.sys
[2012.03.19 17:37:55 | 000,000,075 | RHS- | C] () -- C:\WINDOWS\ICMET20.BIN
[2012.03.19 17:21:10 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2012.03.02 21:53:46 | 000,012,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\LBeepKE.sys
[2012.02.28 13:21:03 | 000,000,052 | ---- | C] () -- C:\WINDOWS\cddabase.ini
[2012.02.16 14:59:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.27 22:29:09 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.01.27 21:47:44 | 000,242,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012.01.06 14:42:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Videodeluxe.INI
[2012.01.06 14:42:00 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\ACEDRV06.sys
[2012.01.06 14:21:14 | 000,006,768 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2011.12.27 21:55:06 | 000,020,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[2011.12.27 20:40:15 | 000,181,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\ssudmdm.sys
[2011.12.27 20:40:14 | 000,078,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\ssudbus.sys
[2011.12.27 16:40:05 | 000,005,816 | ---- | C] () -- C:\WINDOWS\DevMgr.ini
[2011.12.27 16:14:47 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2011.12.27 16:07:32 | 000,012,928 | ---- | C] () -- C:\WINDOWS\System32\drivers\Dot4Prt.sys
[2011.12.27 16:07:20 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\Dot4scan.sys
[2011.12.27 16:07:14 | 000,206,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\Dot4.sys
[2011.12.27 16:07:14 | 000,023,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\Dot4usb.sys
[2011.12.23 13:32:08 | 000,017,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\avgidsshimx.sys
[2011.12.23 13:32:06 | 000,024,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\avgidsfilterx.sys
[2011.12.23 13:32:00 | 000,139,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys
[2011.10.29 16:43:33 | 000,060,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2011.10.22 21:43:05 | 000,119,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvhda32.sys
[2011.10.22 21:42:56 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011.10.22 10:22:42 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011.10.21 20:18:29 | 000,051,186 | ---- | C] () -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\room_v3.dat
[2011.10.07 07:23:48 | 000,235,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2011.09.13 07:30:10 | 000,031,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2011.09.02 08:31:28 | 000,039,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\LMouFilt.Sys
[2011.09.02 08:31:28 | 000,030,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\LUsbFilt.sys
[2011.09.02 08:31:20 | 000,041,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\LHidFilt.Sys
[2011.07.11 02:14:38 | 000,301,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2011.06.14 22:36:12 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011.06.14 22:36:11 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011.05.18 22:47:04 | 001,703,154 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-484763869-152049171-725345543-1003-0.dat
[2011.05.18 22:47:03 | 000,295,650 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.04.27 15:19:32 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011.04.27 14:19:30 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.04.27 14:19:30 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.04.27 14:19:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.04.27 14:19:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.04.07 22:22:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.04.01 14:54:58 | 000,000,152 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2011.04.01 14:54:13 | 000,000,016 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2011.04.01 14:45:54 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.04.01 14:42:19 | 000,000,173 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2011.04.01 14:42:06 | 000,040,129 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2011.04.01 14:41:59 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2011.03.19 20:28:38 | 000,015,104 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbscan.sys
[2011.03.19 20:16:20 | 000,009,216 | ---- | C] () -- C:\Dokumente und Einstellungen\Manuel\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.18 19:19:12 | 000,090,518 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2011.03.16 21:43:08 | 000,025,471 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2011.03.16 21:43:08 | 000,022,271 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2011.03.16 21:43:08 | 000,011,935 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2011.03.16 21:43:08 | 000,011,871 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2011.03.16 21:43:08 | 000,011,807 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2011.03.16 21:43:08 | 000,011,295 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2011.03.16 21:43:06 | 000,404,990 | ---- | C] () -- C:\WINDOWS\System32\drivers\slntamr.sys
[2011.03.16 21:43:06 | 000,166,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2011.03.16 21:43:06 | 000,129,535 | ---- | C] () -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2011.03.16 21:43:06 | 000,095,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\slnthal.sys
[2011.03.16 21:43:06 | 000,013,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\recagent.sys
[2011.03.16 21:43:06 | 000,013,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2011.03.16 21:43:05 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2011.03.16 21:43:05 | 000,452,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2011.03.16 21:43:05 | 000,180,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2011.03.16 21:43:05 | 000,126,686 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2011.03.16 21:43:04 | 000,011,868 | ---- | C] () -- C:\WINDOWS\System32\drivers\mdmxsdk.sys
[2011.03.16 21:43:02 | 001,041,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
[2011.03.16 21:43:02 | 000,685,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfcxts2.sys
[2011.03.16 21:43:02 | 000,220,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
[2011.03.16 21:42:12 | 000,701,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2011.03.16 21:42:12 | 000,327,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2011.03.16 21:42:12 | 000,104,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2011.03.16 21:42:12 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2011.03.16 21:42:12 | 000,063,663 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2011.03.16 21:42:12 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2011.03.16 21:42:12 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2011.03.16 21:42:12 | 000,056,623 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2011.03.16 21:42:12 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2011.03.16 21:42:12 | 000,036,463 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2011.03.16 21:42:12 | 000,034,735 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2011.03.16 21:42:12 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2011.03.16 21:42:12 | 000,030,671 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2011.03.16 21:42:12 | 000,029,455 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2011.03.16 21:42:12 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2011.03.16 21:42:12 | 000,026,367 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2011.03.16 21:42:12 | 000,021,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2011.03.16 21:42:12 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2011.03.16 21:42:12 | 000,013,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2011.03.16 21:42:12 | 000,013,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2011.03.16 21:42:12 | 000,012,047 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2011.03.16 21:42:12 | 000,011,615 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2011.03.16 21:04:44 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\splitter.sys
[2011.03.16 21:04:42 | 000,083,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2011.03.16 21:04:39 | 000,052,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\dmusic.sys
[2011.03.16 21:04:35 | 000,056,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmidi.sys
[2011.03.16 21:04:33 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\aec.sys
[2011.03.16 21:04:31 | 000,172,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmixer.sys
[2011.03.16 21:04:30 | 000,002,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2011.03.16 21:04:28 | 000,060,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2011.03.16 21:04:26 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2011.03.16 21:04:24 | 000,004,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\mspqm.sys
[2011.03.16 21:04:22 | 000,005,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\mspclock.sys
[2011.03.16 20:57:04 | 000,005,627 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2011.03.16 20:57:04 | 000,000,039 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2011.03.16 20:40:41 | 000,060,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\drmk.sys
[2011.03.16 20:40:20 | 001,047,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sthda.sys
[2011.03.16 19:47:35 | 000,273,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthport.sys
[2011.03.16 19:43:02 | 000,012,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\TBPanel.sys
[2011.03.16 19:33:43 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.03.16 19:31:42 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.03.16 19:31:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.03.12 20:17:39 | 000,180,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\e1e5132.sys
[2011.03.12 20:17:00 | 000,026,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbstor.sys
[2011.03.11 23:17:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.03.11 23:12:36 | 000,129,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\fltmgr.sys
[2011.03.11 23:12:35 | 000,073,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sr.sys
[2011.03.11 23:12:34 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\mnmdd.dll
[2011.03.11 23:11:50 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.03.11 23:10:31 | 000,139,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2011.03.11 23:10:31 | 000,021,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2011.03.11 23:10:31 | 000,012,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2011.03.11 23:10:15 | 000,196,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2011.03.11 23:10:15 | 000,040,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\termdd.sys
[2011.03.11 23:07:51 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\audstub.sys
[2011.03.11 23:07:17 | 000,057,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\redbook.sys
[2011.03.11 23:04:42 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.03.11 23:04:36 | 000,006,144 | R--- | C] () -- C:\WINDOWS\System32\kbdtuq.dll
[2011.03.11 23:04:36 | 000,006,144 | R--- | C] () -- C:\WINDOWS\System32\kbdtuf.dll
[2011.03.11 23:04:36 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdazel.dll
[2011.03.11 23:04:34 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbduzb.dll
[2011.03.11 23:04:34 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdtat.dll
[2011.03.11 23:04:34 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdmon.dll
[2011.03.11 23:04:34 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdkyr.dll
[2011.03.11 23:04:34 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdaze.dll
[2011.03.11 23:04:33 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdycc.dll
[2011.03.11 23:04:33 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdur.dll
[2011.03.11 23:04:33 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdru1.dll
[2011.03.11 23:04:33 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdru.dll
[2011.03.11 23:04:33 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdkaz.dll
[2011.03.11 23:04:33 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdbu.dll
[2011.03.11 23:04:33 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdblr.dll
[2011.03.11 23:04:31 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\kbdhept.dll
[2011.03.11 23:04:31 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\kbdhela3.dll
[2011.03.11 23:04:31 | 000,006,144 | R--- | C] () -- C:\WINDOWS\System32\kbdhela2.dll
[2011.03.11 23:04:31 | 000,006,144 | R--- | C] () -- C:\WINDOWS\System32\kbdgkl.dll
[2011.03.11 23:04:31 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdhe319.dll
[2011.03.11 23:04:31 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdhe220.dll
[2011.03.11 23:04:31 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdhe.dll
[2011.03.11 23:04:30 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdlt1.dll
[2011.03.11 23:04:30 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdlt.dll
[2011.03.11 23:04:29 | 000,006,144 | R--- | C] () -- C:\WINDOWS\System32\kbdlv1.dll
[2011.03.11 23:04:29 | 000,006,144 | R--- | C] () -- C:\WINDOWS\System32\kbdlv.dll
[2011.03.11 23:04:29 | 000,006,144 | R--- | C] () -- C:\WINDOWS\System32\kbdest.dll
[2011.03.11 23:04:27 | 000,007,168 | R--- | C] () -- C:\WINDOWS\System32\kbdcz.dll
[2011.03.11 23:04:27 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\kbdycl.dll
[2011.03.11 23:04:27 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\kbdsl1.dll
[2011.03.11 23:04:27 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\kbdsl.dll
[2011.03.11 23:04:27 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\kbdpl.dll
[2011.03.11 23:04:27 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\kbdhu.dll
[2011.03.11 23:04:27 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\kbdcz2.dll
[2011.03.11 23:04:27 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\kbdcz1.dll
[2011.03.11 23:04:27 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\kbdcr.dll
[2011.03.11 23:04:27 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\KBDAL.DLL
[2011.03.11 23:04:27 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdro.dll
[2011.03.11 23:04:27 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdpl1.dll
[2011.03.11 23:04:27 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\kbdhu1.dll
[2011.03.11 23:04:22 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\irenum.sys
[2011.03.11 23:03:29 | 000,308,400 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.12 09:22:16 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011.01.12 09:22:16 | 000,007,282 | ---- | C] () -- C:\WINDOWS\cadx2.ini
========== LOP Check ==========
[2012.08.14 14:01:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2012
[2012.04.28 21:27:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BlueStacks
[2012.02.04 20:29:29 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2011.12.27 23:10:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2011.10.22 19:42:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverBoost
[2011.10.22 18:53:26 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DSS
[2011.04.28 20:36:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\m2backup
[2012.03.19 17:46:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2012.08.14 13:48:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2011.04.28 20:37:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mquadr.at
[2011.10.22 10:20:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2011.12.27 21:54:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2011.10.22 19:42:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UAB
[2011.04.28 20:34:05 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{39850DC2-6343-4AE6-BC4C-63494A9C369F}
[2011.04.28 20:36:43 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{4843418D-E3A6-4662-842A-857DF0C650FB}
[2011.04.28 20:36:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{7FDC9DDA-8828-4A49-A615-2E0A4EE0F0E2}
[2012.02.04 22:25:58 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{B49A644A-1076-4A3D-B124-DAA7862F2318}
[2011.03.12 19:59:11 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{DEC678D1-B2BE-43DD-B123-21503011D8C9}
[2012.02.04 20:33:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\AVG2012
[2012.02.04 19:29:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\DAEMON Tools Lite
[2012.04.01 14:48:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\DDMSettings
[2012.08.14 14:01:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\Dropbox
[2012.02.04 21:25:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\FKRMonitor
[2012.08.07 18:56:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\hellomoto
[2012.03.02 21:56:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\Leadertech
[2011.10.22 18:37:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\Lionhead Studios
[2012.03.19 17:47:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\MAGIX
[2011.04.28 20:36:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\mquadr.at
[2011.12.27 21:54:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\Samsung
[2012.05.18 20:41:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\TS3Client
[2012.08.14 14:25:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\uTorrent
[2012.08.14 14:00:07 | 000,000,248 | -H-- | M] () -- C:\WINDOWS\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2012.08.14 14:00:07 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
========== Purity Check ==========
< End of report > --- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 14.08.2012 14:18:47 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Dokumente und Einstellungen\Manuel\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 62,58% Memory free
3,85 Gb Paging File | 3,09 Gb Available in Paging File | 80,30% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,82 Gb Total Space | 107,09 Gb Free Space | 46,00% Space Free | Partition Type: NTFS
Computer Name: 6E10CBE9A3034EC | User Name: Manuel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"6112:TCP" = 6112:TCP:*:Enabled:bnet
"6112:UDP" = 6112:UDP:*:Enabled:bnet2
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Garena\Garena.exe" = C:\Programme\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"C:\Programme\Steam\Steam.exe" = C:\Programme\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Programme\Microsoft Games\Fable III\Fable3.exe" = C:\Programme\Microsoft Games\Fable III\Fable3.exe:*:Enabled:Fable III -- (Lionhead Studios Limited)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\Steam\SteamApps\common\portal 2\portal2.exe" = C:\Programme\Steam\SteamApps\common\portal 2\portal2.exe:*:Enabled:Portal 2 -- ()
"C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\Manuel\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Dokumente und Einstellungen\Manuel\Eigene Dateien\Games\Warcraft III\G Proxy\gproxy.exe" = C:\Dokumente und Einstellungen\Manuel\Eigene Dateien\Games\Warcraft III\G Proxy\gproxy.exe:*:Enabled:gproxy -- ()
"C:\Programme\uTorrent\uTorrent.exe" = C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"H:\Eigene Dateien\Games\Warcraft III\G Proxy\gproxy.exe" = H:\Eigene Dateien\Games\Warcraft III\G Proxy\gproxy.exe:*:Enabled:gproxy
"C:\Programme\Microsoft Games\Zoo Tycoon 2\zt.exe" = C:\Programme\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable -- (Microsoft Corporation)
"I:\Eigene Dateien\Games\Warcraft III\G Proxy\gproxy.exe" = I:\Eigene Dateien\Games\Warcraft III\G Proxy\gproxy.exe:*:Enabled:gproxy
"C:\Programme\Steam\SteamApps\air_kill\counter-strike source\hl2.exe" = C:\Programme\Steam\SteamApps\air_kill\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
"C:\Programme\Telekom Austria\Controller\aonController.exe" = C:\Programme\Telekom Austria\Controller\aonController.exe:*:Enabled:Controller -- (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at)
"C:\Programme\Telekom Austria\Breitband-Internet-Installation\fixnet installer\Installer.exe" = C:\Programme\Telekom Austria\Breitband-Internet-Installation\fixnet installer\Installer.exe:*:Enabled:Breitband-Internet-Installation -- (mquadr.at software engineering & consulting GmbH - Web: hxxp://www.mquadr.at - Mail: office@mquadr.at)
"C:\Boot-TFTP\tftpd32.exe" = C:\Boot-TFTP\tftpd32.exe:*:Enabled:TFTP server -- (Ph. Jounin)
"H:\Upgrade_Wizard_2010\HIW\stInstall.exe" = H:\Upgrade_Wizard_2010\HIW\stInstall.exe:*:Enabled:Thomson Home Install Wizard
"C:\Dokumente und Einstellungen\Manuel\Lokale Einstellungen\Temp\HIW\stInstall.exe" = C:\Dokumente und Einstellungen\Manuel\Lokale Einstellungen\Temp\HIW\stInstall.exe:*:Enabled:Thomson Home Install Wizard -- (THOMSON Telecom Belgium)
"C:\Programme\AVG\AVG2012\avgmfapx.exe" = C:\Programme\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG-Installationsprogramm -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG2012\avgnsx.exe" = C:\Programme\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG2012\avgdiagex.exe" = C:\Programme\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnose 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG2012\avgemcx.exe" = C:\Programme\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal eMail-Scanner -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{1ED31028-6D65-4CFD-AD03-8E484A052FE7}" = aonUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{2BA09774-34F7-4A06-8C7E-B69E44CB9EB0}" = DriverBoost
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4767A89A-F6A5-41B1-903C-734483739882}" = Breitband-Internet-Installation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000028301}" = Fable III
"{580EC579-E476-469F-9EBF-F82D696FC67A}" = iClone SE
"{5E0C9350-250A-45B1-B77A-C18F27E256FE}" = Roxio WinOnCD 6 Power Edition
"{6B7FB3C4-E71B-478D-9E15-5AE97EAD67B8}" = aonFTP
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84A0E102-00FD-4E84-A40A-F02E9A7FEBD6}" = BlueStacks (beta-1)
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904B64C4-49D8-4941-A2B6-D13D06C5CD8B}" = Controller
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7B4C7E0-078F-42D6-90B2-001400795416}" = NWZ-S750 WALKMAN Guide
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E9132E61-295C-4377-AF36-CDBE771B7F2D}" = O&O DiskRecovery
"{EA4FA30B-7321-4428-90E9-28B088EC8DC9}" = Runtime 8.0 Libraries
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop 5.5" = Adobe Photoshop 5.5
"aonFTP" = aonFTP
"aonUpdate" = aonUpdate
"Audacity_is1" = Audacity 1.2.6
"AVG" = AVG 2012
"Breitband-Internet-Installation" = Breitband-Internet-Installation
"CCleaner" = CCleaner
"Controller" = Controller
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Everest Poker.net" = Everest Poker.net (Remove Only)
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Fraps" = Fraps
"Garena" = Garena 2010
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"hp officejet g series 1324996803" = hp officejet g series
"hp officejet g series 1329935795" = hp officejet g series - 2
"hp officejet g series 1333559900" = hp officejet g series - 3
"ie8" = Windows Internet Explorer 8
"iLivid" = iLivid
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Keycraft" = Keycraft (remove only)
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"MAGIX Foto Manager 2006 D" = MAGIX Foto Manager 2006 (D)
"MAGIX Foto Manager 2008 D" = MAGIX Foto Manager 2008 5.0.0.255 (D)
"MAGIX Fotobuch" = MAGIX Fotobuch 3.6
"MAGIX Goya burnR D" = MAGIX Goya burnR 1.3.1.3 (D)
"MAGIX Music Manager 2006 D" = MAGIX Music Manager 2006 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"MAGIX Video deluxe 2006 2007 PLUS D" = MAGIX Video deluxe 2006 2007 PLUS (D)
"MAGIX Video deluxe 2008 PLUS D" = MAGIX Video deluxe 2008 PLUS 7.5.2.10 (D)
"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6 6.0.24.0 (D)
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Mufin MusicFinder Base D" = Mufin MusicFinder Base 1.5.3.250 (D)
"MySSID_is1" = EXPERTool 7.16
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PROSet" = Intel(R) PRO Network Connections Drivers
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"sp6" = Logitech SetPoint 6.32
"Steam App 240" = Counter-Strike: Source
"Steam App 620" = Portal 2
"SyncBack_is1" = SyncBack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Ulead SmartSaver Pro 3.0" = Ulead SmartSaver Pro 3.0 Trial Version
"uTorrent" = µTorrent
"VLC media player" = VLC media player 0.9.8a
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Zoo Tycoon 2" = Zoo Tycoon 2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"OnlineFestplatte" = aon Online Festplatte (entfernen)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.01.2012 18:54:28 | Computer Name = 6E10CBE9A3034EC | Source = ESENT | ID = 490
Description = svchost (1148) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 27.01.2012 15:53:48 | Computer Name = 6E10CBE9A3034EC | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung msiexec.exe, Version 3.1.4001.5512, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 28.01.2012 05:33:18 | Computer Name = 6E10CBE9A3034EC | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{fe96a742-4c22-11e0-af04-806d6172696f},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 28.01.2012 05:33:18 | Computer Name = 6E10CBE9A3034EC | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{fe96a743-4c22-11e0-af04-806d6172696f},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 28.01.2012 05:33:18 | Computer Name = 6E10CBE9A3034EC | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{560059bb-491d-11e1-b026-0013722541d1},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 28.01.2012 05:33:41 | Computer Name = 6E10CBE9A3034EC | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager"
aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070015" (konvertiert
in 0x800423f3) fehlgeschlagen.
Error - 28.01.2012 05:48:23 | Computer Name = 6E10CBE9A3034EC | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{fe96a742-4c22-11e0-af04-806d6172696f},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 28.01.2012 05:48:23 | Computer Name = 6E10CBE9A3034EC | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{fe96a743-4c22-11e0-af04-806d6172696f},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 28.01.2012 05:48:23 | Computer Name = 6E10CBE9A3034EC | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{560059bb-491d-11e1-b026-0013722541d1},0xc0000000,0x00000003,...)".
hr = 0x80070005.
Error - 28.01.2012 05:48:49 | Computer Name = 6E10CBE9A3034EC | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager"
aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070015" (konvertiert
in 0x800423f3) fehlgeschlagen.
[ System Events ]
Error - 14.08.2012 07:58:11 | Computer Name = 6E10CBE9A3034EC | Source = Service Control Manager | ID = 7028
Description = Der Registrierungsschlüssel "wuauserv" hat den Zugriff für SYSTEM-Kontoprogramme
verweigert. Der Dienststeuerungs-Manager hat daher den Besitz des Registrierungsschlüssels
übernommen.
Error - 14.08.2012 07:58:11 | Computer Name = 6E10CBE9A3034EC | Source = Service Control Manager | ID = 7028
Description = Der Registrierungsschlüssel "syshost32" hat den Zugriff für SYSTEM-Kontoprogramme
verweigert. Der Dienststeuerungs-Manager hat daher den Besitz des Registrierungsschlüssels
übernommen.
Error - 14.08.2012 07:58:11 | Computer Name = 6E10CBE9A3034EC | Source = Service Control Manager | ID = 7028
Description = Der Registrierungsschlüssel "syshost32" hat den Zugriff für SYSTEM-Kontoprogramme
verweigert. Der Dienststeuerungs-Manager hat daher den Besitz des Registrierungsschlüssels
übernommen.
Error - 14.08.2012 07:58:11 | Computer Name = 6E10CBE9A3034EC | Source = Service Control Manager | ID = 7028
Description = Der Registrierungsschlüssel "syshost32" hat den Zugriff für SYSTEM-Kontoprogramme
verweigert. Der Dienststeuerungs-Manager hat daher den Besitz des Registrierungsschlüssels
übernommen.
Error - 14.08.2012 07:58:11 | Computer Name = 6E10CBE9A3034EC | Source = Service Control Manager | ID = 7028
Description = Der Registrierungsschlüssel "syshost32" hat den Zugriff für SYSTEM-Kontoprogramme
verweigert. Der Dienststeuerungs-Manager hat daher den Besitz des Registrierungsschlüssels
übernommen.
Error - 14.08.2012 07:58:11 | Computer Name = 6E10CBE9A3034EC | Source = Service Control Manager | ID = 7028
Description = Der Registrierungsschlüssel "syshost32" hat den Zugriff für SYSTEM-Kontoprogramme
verweigert. Der Dienststeuerungs-Manager hat daher den Besitz des Registrierungsschlüssels
übernommen.
Error - 14.08.2012 08:00:33 | Computer Name = 6E10CBE9A3034EC | Source = sr | ID = 1
Description =
Error - 14.08.2012 08:01:24 | Computer Name = 6E10CBE9A3034EC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "SSHNAS" wurde mit folgendem Fehler beendet: %%126
Error - 14.08.2012 08:01:35 | Computer Name = 6E10CBE9A3034EC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Avgmfx86 sptd
Error - 14.08.2012 08:01:44 | Computer Name = 6E10CBE9A3034EC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler
beendet: %%1064
< End of report > --- --- ---
GMER Logfile: Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-14 15:14:59
Windows 5.1.2600 Service Pack 3
Running: lek8225r.exe
---- Services - GMER 1.0.15 ----
Service C:\WINDOWS\System32\Drivers\47c3aec7a2248159.sys (*** hidden *** ) [BOOT] 47c3aec7a2248159 <-- ROOTKIT !!!
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\47c3aec7a2248159@ImagePath \SystemRoot\System32\Drivers\47c3aec7a2248159.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\47c3aec7a2248159@Group Boot Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\Services\47c3aec7a2248159@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\47c3aec7a2248159@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\47c3aec7a2248159@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\47c3aec7a2248159@Tag 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\47c3aec7a2248159@DisplayName syshost.exe
Reg HKLM\SYSTEM\ControlSet003\Services\47c3aec7a2248159@ImagePath \SystemRoot\System32\Drivers\47c3aec7a2248159.sys
Reg HKLM\SYSTEM\ControlSet003\Services\47c3aec7a2248159@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet003\Services\47c3aec7a2248159@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet003\Services\47c3aec7a2248159@Type 1
Reg HKLM\SYSTEM\ControlSet003\Services\47c3aec7a2248159@Start 0
Reg HKLM\SYSTEM\ControlSet003\Services\47c3aec7a2248159@Tag 1
Reg HKLM\SYSTEM\ControlSet003\Services\47c3aec7a2248159@DisplayName syshost.exe
---- EOF - GMER 1.0.15 ---- --- --- ---
Thanks in advance
Manuel