Trojaner-Board - TR/BHO.Zwangi/321

Code:

Logfile of random's system information tool 1.06 (written by random/random)

Run by *** at 2010-05-21 14:33:58

Microsoft Windows 7 Home Premium  Service Pack 3

System drive C: has 169 GB (71%) free of 238 GB

Total RAM: 2047 MB (56% free)
 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:19:45, on 21.05.2010

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal
 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe

C:\Users\***\AppData\Local\Apps\2.0\WZPPD0EK.P2B\DRB0OTRT.AXE\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe

C:\Program Files\trend micro\***.exe

C:\Users\***\Desktop\RSIT.exe
 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.myheritage.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.myheritage.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Celebrity Toolbar\tbhelper.dll

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Celebrity Toolbar\tbcore3.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SEARCH~1\SPYBOT~1\SDHelper.dll

O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: MyHeritage New Tab - {D62EC836-BF1E-4CAC-81BE-FB9179835D8E} - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O3 - Toolbar: Celebrity Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Celebrity Toolbar\tbcore3.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')

O4 - Startup: CurseClientStartup.ccip

O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: RF - Formular ausfüllen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O8 - Extra context menu item: RF - Formular speichern - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O8 - Extra context menu item: RF - Menü anpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra 'Tools' menuitem: RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra 'Tools' menuitem: RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra 'Tools' menuitem: RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SEARCH~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SEARCH~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix: 

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{592B6B2C-EA66-4124-9DDB-0A5459BA3474}: NameServer = 213.191.92.87 62.109.123.6

O18 - Protocol: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe

O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Search&Destroy\Spybot - Search & Destroy\SDWinSec.exe
 

--

End of file - 9245 bytes
 

======Registry dump======
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]

MHTBPos00 Class - C:\Program Files\Celebrity Toolbar\tbcore3.dll [2009-05-07 2642432]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~1\SEARCH~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]

C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2010-05-09 6021696]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2009-11-03 556432]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D62EC836-BF1E-4CAC-81BE-FB9179835D8E}]

CMySite Class - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll [2010-02-18 221184]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]

SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - Celebrity Toolbar - C:\Program Files\Celebrity Toolbar\tbcore3.dll [2009-05-07 2642432]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2010-05-09 6021696]
 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2009-09-27 83312]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]

"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2010-05-09 160328]
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lion]

C:\Program Files\Lion\Lion.exe []
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

C:\Program Files\Search&Destroy\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

C:\PROGRA~1\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE []
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OOo-dev 3.3.lnk]

C:\PROGRA~1\OOO-DE~1\program\QUICKS~1.EXE [2010-01-06 384000]
 

C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

CurseClientStartup.ccip
 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1
 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91e772ea-f92b-11de-8998-806e6f6e6963}]

shell\AutoRun\command - D:\pcwstart.exe
 
 

======File associations======
 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*
 

======List of files/folders created in the last 1 months======
 

2010-05-20 11:20:53 ----SHD---- C:\Config.Msi

2010-05-19 20:14:41 ----A---- C:\mbam-error.txt

2010-05-13 11:20:10 ----A---- C:\Windows\system32\inetcomm.dll

2010-05-12 20:08:58 ----D---- C:\Program Files\TeamSpeak 3 Client

2010-05-12 20:04:44 ----D---- C:\ProgramData\boost_interprocess

2010-05-09 21:56:47 ----D---- C:\ProgramData\RoboForm

2010-05-09 21:56:34 ----D---- C:\Program Files\Siber Systems

2010-05-09 18:20:04 ----D---- C:\.jagex_cache_32

2010-05-08 14:42:12 ----D---- C:\Program Files\S.A.D

2010-05-06 15:47:06 ----D---- C:\ProgramData\Yahoo! Companion

2010-05-06 15:46:07 ----D---- C:\Windows\pss

2010-05-06 15:17:22 ----D---- C:\Windows\system32\Futuremark

2010-05-06 15:17:22 ----D---- C:\Program Files\Common Files\Futuremark Shared

2010-05-06 15:15:44 ----D---- C:\Program Files\Futuremark

2010-05-06 15:15:28 ----D---- C:\Windows\system32\AGEIA

2010-05-06 15:15:27 ----D---- C:\Program Files\AGEIA Technologies

2010-05-06 15:14:59 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2010-05-06 15:14:57 ----A---- C:\Windows\system32\XAudio2_0.dll

2010-05-06 15:14:57 ----A---- C:\Windows\system32\xactengine3_0.dll

2010-05-06 15:14:57 ----A---- C:\Windows\system32\X3DAudio1_3.dll

2010-05-06 15:14:57 ----A---- C:\Windows\system32\d3dx10_37.dll

2010-05-06 15:14:57 ----A---- C:\Windows\system32\D3DCompiler_37.dll

2010-05-06 15:14:56 ----A---- C:\Windows\system32\xactengine2_9.dll

2010-05-06 15:14:56 ----A---- C:\Windows\system32\xactengine2_10.dll

2010-05-06 15:14:56 ----A---- C:\Windows\system32\D3DX9_37.dll

2010-05-06 15:14:56 ----A---- C:\Windows\system32\d3dx9_36.dll

2010-05-06 15:14:56 ----A---- C:\Windows\system32\d3dx10_36.dll

2010-05-06 15:14:56 ----A---- C:\Windows\system32\d3dx10_35.dll

2010-05-06 15:14:56 ----A---- C:\Windows\system32\D3DCompiler_36.dll

2010-05-06 15:14:55 ----A---- C:\Windows\system32\xinput1_3.dll

2010-05-06 15:14:55 ----A---- C:\Windows\system32\xactengine2_8.dll

2010-05-06 15:14:55 ----A---- C:\Windows\system32\xactengine2_7.dll

2010-05-06 15:14:55 ----A---- C:\Windows\system32\X3DAudio1_2.dll

2010-05-06 15:14:55 ----A---- C:\Windows\system32\d3dx9_35.dll

2010-05-06 15:14:55 ----A---- C:\Windows\system32\d3dx9_34.dll

2010-05-06 15:14:55 ----A---- C:\Windows\system32\d3dx10_34.dll

2010-05-06 15:14:55 ----A---- C:\Windows\system32\d3dx10_33.dll

2010-05-06 15:14:55 ----A---- C:\Windows\system32\D3DCompiler_35.dll

2010-05-06 15:14:55 ----A---- C:\Windows\system32\D3DCompiler_34.dll

2010-05-06 15:14:55 ----A---- C:\Windows\system32\D3DCompiler_33.dll

2010-05-06 15:14:54 ----A---- C:\Windows\system32\xinput1_2.dll

2010-05-06 15:14:54 ----A---- C:\Windows\system32\xactengine2_6.dll

2010-05-06 15:14:54 ----A---- C:\Windows\system32\xactengine2_5.dll

2010-05-06 15:14:54 ----A---- C:\Windows\system32\xactengine2_4.dll

2010-05-06 15:14:54 ----A---- C:\Windows\system32\xactengine2_3.dll

2010-05-06 15:14:54 ----A---- C:\Windows\system32\x3daudio1_1.dll

2010-05-06 15:14:54 ----A---- C:\Windows\system32\d3dx9_33.dll

2010-05-06 15:14:54 ----A---- C:\Windows\system32\d3dx9_32.dll

2010-05-06 15:14:54 ----A---- C:\Windows\system32\d3dx9_31.dll

2010-05-06 15:14:54 ----A---- C:\Windows\system32\d3dx10.dll

2010-05-06 15:14:53 ----A---- C:\Windows\system32\xinput1_1.dll

2010-05-06 15:14:53 ----A---- C:\Windows\system32\xactengine2_2.dll

2010-05-06 15:14:53 ----A---- C:\Windows\system32\xactengine2_1.dll

2010-05-06 15:14:49 ----A---- C:\Windows\system32\xactengine2_0.dll

2010-05-06 15:14:49 ----A---- C:\Windows\system32\x3daudio1_0.dll

2010-05-06 15:14:49 ----A---- C:\Windows\system32\d3dx9_30.dll

2010-05-06 15:14:49 ----A---- C:\Windows\system32\d3dx9_29.dll

2010-05-06 15:14:49 ----A---- C:\Windows\system32\d3dx9_28.dll

2010-05-06 15:14:48 ----A---- C:\Windows\system32\d3dx9_27.dll

2010-05-06 15:14:48 ----A---- C:\Windows\system32\d3dx9_26.dll

2010-05-06 15:14:48 ----A---- C:\Windows\system32\d3dx9_25.dll

2010-05-06 15:14:48 ----A---- C:\Windows\system32\d3dx9_24.dll

2010-05-06 15:14:25 ----HD---- C:\Program Files\InstallShield Installation Information

2010-05-06 15:14:02 ----D---- C:\Users\***\AppData\Roaming\InstallShield

2010-05-06 15:06:45 ----D---- C:\ProgramData\expLauncher

2010-04-30 17:06:00 ----D---- C:\ProgramData\McAfee

2010-04-28 15:20:55 ----A---- C:\Windows\system32\shell32.dll

2010-04-28 15:20:55 ----A---- C:\Windows\system32\lsasrv.dll

2010-04-24 22:50:36 ----D---- C:\Program Files\Common Files\Adobe

2010-04-24 22:50:36 ----D---- C:\Program Files\Adobe

2010-04-24 22:49:08 ----D---- C:\Users\***\AppData\Roaming\Google

2010-04-24 22:48:32 ----D---- C:\ProgramData\Google

2010-04-24 22:48:32 ----D---- C:\Program Files\Google
 

======List of files/folders modified in the last 1 months======
 

2010-05-21 14:34:02 ----D---- C:\Windows\Temp

2010-05-21 14:33:23 ----D---- C:\Program Files\Trend Micro

2010-05-21 14:19:45 ----D---- C:\rsit

2010-05-21 14:10:31 ----D---- C:\Windows\Prefetch

2010-05-21 13:21:30 ----D---- C:\Windows\system32\config

2010-05-21 12:19:56 ----SHD---- C:\System Volume Information

2010-05-21 10:58:08 ----D---- C:\Windows\System32

2010-05-21 10:58:08 ----D---- C:\Windows\inf

2010-05-21 10:58:08 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-05-21 10:54:37 ----D---- C:\Windows\tracing

2010-05-20 11:27:30 ----D---- C:\Windows

2010-05-20 11:21:05 ----SHD---- C:\Windows\Installer

2010-05-20 11:19:22 ----D---- C:\ProgramData\Spybot - Search & Destroy

2010-05-19 20:14:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-05-19 20:14:35 ----D---- C:\Windows\system32\drivers

2010-05-18 11:41:50 ----D---- C:\Windows\system32\catroot2

2010-05-16 12:39:27 ----D---- C:\Windows\debug

2010-05-13 14:05:58 ----D---- C:\Program Files\Windows Mail

2010-05-13 12:15:06 ----D---- C:\Windows\Tasks

2010-05-13 12:15:06 ----D---- C:\Windows\system32\wfp

2010-05-13 12:15:06 ----D---- C:\Windows\system32\wbem

2010-05-13 12:15:06 ----D---- C:\Windows\system32\Tasks

2010-05-13 12:15:06 ----D---- C:\Windows\system32\DriverStore

2010-05-13 12:15:05 ----D---- C:\Windows\system32\CodeIntegrity

2010-05-13 12:15:05 ----D---- C:\Users\***\AppData\Roaming\TS3Client

2010-05-13 12:15:03 ----D---- C:\Windows\registration

2010-05-13 12:14:57 ----RD---- C:\Program Files

2010-05-13 12:14:57 ----HD---- C:\ProgramData

2010-05-12 11:21:16 ----N---- C:\Windows\system32\MpSigStub.exe

2010-05-12 10:04:01 ----D---- C:\Windows\system32\catroot

2010-05-12 10:03:59 ----D---- C:\Windows\winsxs

2010-05-06 15:58:49 ----D---- C:\ProgramData\WinZip

2010-05-06 15:58:12 ----D---- C:\Program Files\Common Files\DVDVideoSoft

2010-05-06 15:47:05 ----D---- C:\Program Files\Yahoo!

2010-05-06 15:47:02 ----D---- C:\Program Files\CCleaner

2010-05-06 15:17:22 ----D---- C:\Program Files\Common Files

2010-05-06 15:14:53 ----RSD---- C:\Windows\assembly

2010-05-06 15:14:50 ----D---- C:\Windows\Microsoft.NET

2010-04-30 21:05:02 ----D---- C:\Windows\Downloaded Program Files

2010-04-30 20:51:06 ----A---- C:\Windows\system32\MRT.exe

2010-04-30 17:07:12 ----D---- C:\ProgramData\Adobe
 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [2009-07-14 35328]

R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2009-07-14 78336]

R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]

R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2009-07-14 16896]

R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]

R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]

R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-07-14 74240]

R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2009-07-14 63488]

R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]

R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2009-07-14 48128]

R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2009-07-14 86528]

R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2009-07-14 586752]

R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2009-07-14 60928]

R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-07-14 34816]

R3 AmdK8;AMD K8-Prozessortreiber; C:\Windows\system32\DRIVERS\amdk8.sys [2009-07-14 55296]

R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]

R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2009-07-14 69632]

R3 CompositeBus;Busenumeratortreiber für Verbundgeräte; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]

R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2009-10-02 728648]

R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]

R3 HDAudBus;Microsoft-UAA-Bustreiber für High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2009-07-14 108544]

R3 HidUsb;Microsoft HID Class-Treiber; C:\Windows\system32\DRIVERS\hidusb.sys [2009-07-14 24064]

R3 kbdhid;Tastatur-HID-Treiber; C:\Windows\system32\DRIVERS\kbdhid.sys [2009-07-14 28160]

R3 monitor;Microsoft Monitor-Klassenfunktionstreiber-Dienst; C:\Windows\system32\DRIVERS\monitor.sys [2009-07-14 23552]

R3 mouhid;Maus-HID-Treiber; C:\Windows\system32\DRIVERS\mouhid.sys [2009-07-14 26112]

R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2009-07-14 60416]

R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2010-02-27 221696]

R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2010-02-27 95744]

R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]

R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]

R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-07-14 75264]

R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2009-07-14 306688]

R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2009-12-08 113664]

R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2010-02-25 25216]

R3 tunnel;Microsoft-Tunnelminiport-Adaptertreiber; C:\Windows\system32\DRIVERS\tunnel.sys [2009-07-14 108544]

R3 umbus;UMBusenumerator-Treiber; C:\Windows\system32\DRIVERS\umbus.sys [2009-07-14 39936]

R3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-07-14 80640]

R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\Windows\system32\DRIVERS\usbccgp.sys [2009-07-14 75264]

R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\Windows\system32\DRIVERS\usbehci.sys [2009-07-14 41472]

R3 usbhub;Microsoft USB-Standardhubtreiber; C:\Windows\system32\DRIVERS\usbhub.sys [2009-07-14 258560]

R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\Windows\system32\DRIVERS\usbohci.sys [2009-07-14 20480]

R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]

S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]

S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]

S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]

S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]

S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [2009-07-14 146512]

S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys [2009-07-14 53312]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]

S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys [2009-07-14 14912]

S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]

S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]

S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]

S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]

S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys [2009-07-14 76368]

S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]

S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-14 430080]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys [2009-07-14 13568]

S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys [2009-07-14 5248]

S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys [2009-07-14 272128]

S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys [2009-07-14 62336]

S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys [2009-07-14 12160]

S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys [2009-07-14 11904]

S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\Windows\system32\DRIVERS\bthmodem.sys [2009-07-14 56320]

S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys [2009-07-14 37888]

S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-14 14080]

S3 Compbatt;Compbatt; C:\Windows\system32\DRIVERS\compbatt.sys [2009-07-14 19024]

S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-14 3100160]

S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]

S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-07-14 142336]

S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2009-07-14 28160]

S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]

S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys [2009-07-14 57936]

S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-14 26624]

S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]

S3 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\DRIVERS\hidbth.sys [2009-07-14 91136]

S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys [2009-07-14 37888]

S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]

S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [2009-07-14 332352]

S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [2009-07-14 41040]

S3 intelide;intelide; C:\Windows\system32\DRIVERS\intelide.sys [2009-07-14 15424]

S3 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys [2009-07-14 53760]

S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [2009-07-14 65536]

S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [2009-07-14 46656]

S3 iScsiPrt;iScsiPort Driver; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-07-14 186960]

S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]

S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]

S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]

S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]

S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]

S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]

S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys [2009-07-14 130624]

S3 msahci;msahci; C:\Windows\system32\DRIVERS\msahci.sys [2009-07-14 27712]

S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [2009-07-14 115792]

S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]

S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-07-14 162896]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]

S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]

S3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys [2009-07-14 267264]

S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]

S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]

S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys [2009-07-14 105024]

S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [2009-07-14 117312]

S3 nvstor;nvstor; C:\Windows\system32\DRIVERS\nvstor.sys [2009-07-14 142416]

S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys [2009-07-14 62464]

S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]

S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]

S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2009-07-14 31744]

S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]

S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [2009-07-14 85568]

S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]

S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys [2009-07-14 19968]

S3 sffdisk;SFF-Speicherklassentreiber; C:\Windows\system32\DRIVERS\sffdisk.sys [2009-07-14 11264]

S3 sffp_mmc;SFF-Speicherprotokolltreiber für MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys [2009-07-14 12288]

S3 sffp_sd;SFF-Speicherprotokolltreiber für SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys [2009-10-10 12800]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]

S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [2009-07-14 40016]

S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]

S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-07-14 71168]

S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]

S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2009-07-14 1285712]

S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys [2009-07-14 30208]

S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys [2009-07-14 55888]

S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys [2009-07-14 57424]

S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]

S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys [2009-07-14 86016]

S3 usbprint;Microsoft USB PRINTER Class; C:\Windows\system32\DRIVERS\usbprint.sys [2009-07-14 19968]

S3 USBSTOR;USB-Massenspeichertreiber; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-07-14 74752]

S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbuhci.sys [2009-07-14 24064]

S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2009-07-14 26112]

S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]

S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968]

S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys [2009-07-14 21632]

S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys [2009-07-14 19024]

S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]

S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-07-14 11264]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]

S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys [2009-07-14 22096]

S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys [2009-07-14 16384]
 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]

R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 CGVPNCliSrvc;CyberGhost VPN Client; C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2010-05-05 2398344]

R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Search&Destroy\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2009-07-14 428032]

R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R3 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R3 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2009-07-14 1121280]

S2 clr_optimization_v4.0.30128_32;Microsoft .NET Framework NGEN v4.0.30128_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30128\mscorsvw.exe [2010-01-28 130384]

S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]

S3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30128\aspnet_state.exe [2010-01-28 35160]

S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]

S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2009-07-14 557056]

S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-07-14 94720]

S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-07-14 522752]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-06-10 42856]

S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 878416]

S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-07-14 22528]

S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 ose;Office  Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]

S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2009-07-14 12800]

S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-07-14 204800]

S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2009-07-14 35840]

S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]

S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-07-14 452608]

S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-07-14 1202688]

S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30128\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30128\WPF\WPFFontCache_v0400.exe [2010-01-28 738656]

S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S4 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]

S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30128\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe [2010-01-28 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30128\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe [2010-01-28 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30128\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe [2010-01-28 124240]

S4 NetTcpPortSharing;@C:\Windows\Microsoft.NET\Framework\v4.0.30128\\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe [2010-01-28 124240]
 

-----------------EOF-----------------

Code:

 

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

                        º                                    º 

                                    hjtscanlist v2.0              

                        º                                    º 

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
 

Microsoft Windows [Version 6.1.7600]

 

 

C:
 

  25.05.2010 14:42     C:\System Volume Information --------- 24576   

  25.05.2010 14:12     C:\Windows --------- 16384   

       C:\pagefile.sys ---------    

       C:\hiberfil.sys ---------    

  23.05.2010 19:12     C:\Program Files --------- 20480   

  23.05.2010 19:10     C:\ProgramData --------- 8192   

  21.05.2010 14:19     C:\rsit --------- 0   

  19.05.2010 20:14     C:\mbam-error.txt --------- 158   

  09.05.2010 18:20     C:\.jagex_cache_32 --------- 0   

  23.03.2010 16:23     C:\found.000 --------- 0   

  12.03.2010 17:29     C:\Testream --------- 0   

  08.03.2010 14:15     C:\PerfLogs --------- 0   

  07.03.2010 14:45     C:\805867644c81e52244 --------- 0   

  20.01.2010 18:29     C:\FILES --------- 0   

  15.01.2010 21:57     C:\MSOCache --------- 0   

  04.01.2010 14:28     C:\$Recycle.Bin --------- 0   

  04.01.2010 14:28     C:\Users --------- 4096   

  04.01.2010 14:27     C:\Recovery --------- 0   

  04.01.2010 14:27     C:\Programme --------- 0   

  04.01.2010 14:27     C:\Dokumente und Einstellungen --------- 0   

  04.01.2010 14:19     C:\BOOTSECT.BAK --------- 8192   

  04.01.2010 14:19     C:\Boot --------- 4096   

  14.07.2009 06:53     C:\Documents and Settings --------- 0   

  14.07.2009 03:38     C:\bootmgr --------- 383562   

  10.06.2009 23:42     C:\config.sys --------- 10   

  10.06.2009 23:42     C:\autoexec.bat --------- 24   

----------------------------------------
 

 

C:\Windows
 

  25.05.2010 15:38     C:\Windows\WindowsUpdate.log --------- 1974744   

  25.05.2010 14:12     C:\Windows\setuperr.log --------- 0   

  25.05.2010 14:12     C:\Windows\setupact.log --------- 56   

  25.05.2010 14:12     C:\Windows\bootstat.dat --------- 67584   

  15.01.2010 21:59     C:\Windows\win.ini --------- 478   

  04.01.2010 14:23     C:\Windows\ativpsrm.bin --------- 0   

  31.10.2009 07:45     C:\Windows\explorer.exe --------- 2614272   

  14.07.2009 06:41     C:\Windows\WindowsShell.Manifest --------- 749   

  14.07.2009 03:16     C:\Windows\twain_32.dll --------- 51200   

  14.07.2009 03:14     C:\Windows\write.exe --------- 9216   

  14.07.2009 03:14     C:\Windows\winhlp32.exe --------- 9728   

  14.07.2009 03:14     C:\Windows\twunk_32.exe --------- 31232   

  14.07.2009 03:14     C:\Windows\regedit.exe --------- 398336   

  14.07.2009 03:14     C:\Windows\notepad.exe --------- 179712   

  14.07.2009 03:14     C:\Windows\hh.exe --------- 15360   

  14.07.2009 03:14     C:\Windows\HelpPane.exe --------- 497152   

  14.07.2009 03:14     C:\Windows\fveupdate.exe --------- 13824   

  14.07.2009 03:14     C:\Windows\bfsvc.exe --------- 65024   

  14.07.2009 00:58     C:\Windows\mib.bin --------- 43131   

  17.06.2009 08:53     C:\Windows\atiogl.xml --------- 18333   

  10.06.2009 23:46     C:\Windows\system.ini --------- 219   

  10.06.2009 23:42     C:\Windows\_default.pif --------- 707   

  10.06.2009 23:42     C:\Windows\winhelp.exe --------- 256192   

  10.06.2009 23:41     C:\Windows\twunk_16.exe --------- 49680   

  10.06.2009 23:41     C:\Windows\twain.dll --------- 94784   

  10.06.2009 23:34     C:\Windows\WMSysPr9.prx --------- 316640   

  10.06.2009 23:19     C:\Windows\msdfmap.ini --------- 1405   

  10.06.2009 23:14     C:\Windows\Starter.xml --------- 48201   

  10.06.2009 23:14     C:\Windows\HomePremium.xml --------- 48265   

----------------------------------------
 

 

C:\Windows\System
 

 13.07.2009 23:41      C:\Windows\System\OLESVR.DLL --------- 24064 

 13.07.2009 23:41      C:\Windows\System\WFWNET.DRV --------- 12704 

 13.07.2009 23:41      C:\Windows\System\COMMDLG.DLL --------- 32816 

 13.07.2009 23:41      C:\Windows\System\TIMER.DRV --------- 4048 

 13.07.2009 23:41      C:\Windows\System\MMSYSTEM.DLL --------- 68992 

 13.07.2009 23:41      C:\Windows\System\mmtask.tsk --------- 1152 

 13.07.2009 23:41      C:\Windows\System\mouse.drv --------- 2032 

 13.07.2009 23:41      C:\Windows\System\vga.drv --------- 2176 

 13.07.2009 23:41      C:\Windows\System\sound.drv --------- 1744 

 13.07.2009 23:41      C:\Windows\System\keyboard.drv --------- 2000 

 13.07.2009 23:41      C:\Windows\System\SHELL.DLL --------- 5120 

 13.07.2009 23:41      C:\Windows\System\system.drv --------- 3360 

 10.06.2009 23:42      C:\Windows\System\ver.dll --------- 9008 

 10.06.2009 23:42      C:\Windows\System\olecli.dll --------- 82944 

 10.06.2009 23:42      C:\Windows\System\lzexpand.dll --------- 9936 

 10.06.2009 23:25      C:\Windows\System\stdole.tlb --------- 5532 

 10.06.2009 23:21      C:\Windows\System\msvideo.dll --------- 126912 

 10.06.2009 23:21      C:\Windows\System\mciwave.drv --------- 28160 

 10.06.2009 23:21      C:\Windows\System\mciseq.drv --------- 25264 

 10.06.2009 23:21      C:\Windows\System\mciavi.drv --------- 73376 

 10.06.2009 23:21      C:\Windows\System\avifile.dll --------- 109456 

 10.06.2009 23:21      C:\Windows\System\avicap.dll --------- 69584 

----------------------------------------
 

 

C:\Windows\System32
 

 25.05.2010 14:30     C:\Windows\system32\config --------- 40960  

 25.05.2010 14:20     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 13056  

 25.05.2010 14:20     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 13056  

 25.05.2010 14:12     C:\Windows\system32\Ikeext.etl --------- 65536  

 24.05.2010 17:57     C:\Windows\system32\perfc007.dat --------- 147764  

 24.05.2010 17:57     C:\Windows\system32\perfc009.dat --------- 120718  

 24.05.2010 17:57     C:\Windows\system32\perfh009.dat --------- 651890  

 24.05.2010 17:57     C:\Windows\system32\perfh007.dat --------- 696572  

 24.05.2010 17:57     C:\Windows\system32\PerfStringBackup.INI --------- 1612752  

 19.05.2010 20:14     C:\Windows\system32\drivers --------- 65536  

 18.05.2010 11:41     C:\Windows\system32\catroot2 --------- 12288  

 13.05.2010 12:15     C:\Windows\system32\wfp --------- 0  

 13.05.2010 12:15     C:\Windows\system32\DriverStore --------- 4096  

 13.05.2010 12:15     C:\Windows\system32\wbem --------- 65536  

 13.05.2010 12:15     C:\Windows\system32\Tasks --------- 4096  

 13.05.2010 12:15     C:\Windows\system32\CodeIntegrity --------- 0  

 12.05.2010 11:21     C:\Windows\system32\MpSigStub.exe --------- 221568  

 12.05.2010 10:04     C:\Windows\system32\catroot --------- 4096  

 06.05.2010 15:17     C:\Windows\system32\Futuremark --------- 0  

 06.05.2010 15:15     C:\Windows\system32\AGEIA --------- 0  

 30.04.2010 20:51     C:\Windows\system32\MRT.exe --------- 32058312  

 10.03.2010 14:18     C:\Windows\system32\LogFiles --------- 4096  

 08.03.2010 23:33     C:\Windows\system32\vbscript.dll --------- 427520  

 07.03.2010 14:38     C:\Windows\system32\en-US --------- 4096  

 04.03.2010 09:33     C:\Windows\system32\inetcomm.dll --------- 740864  

 27.02.2010 14:07     C:\Windows\system32\ntkrnlpa.exe --------- 3954568  

 27.02.2010 14:07     C:\Windows\system32\ntoskrnl.exe --------- 3899280  

 24.02.2010 16:21     C:\Windows\system32\de-DE --------- 327680  

 23.02.2010 09:56     C:\Windows\system32\wininet.dll --------- 977920  

 23.02.2010 09:55     C:\Windows\system32\urlmon.dll --------- 1225216  

 23.02.2010 09:55     C:\Windows\system32\mstime.dll --------- 606208  

 23.02.2010 09:55     C:\Windows\system32\mshtml.dll --------- 5964800  

 23.02.2010 09:55     C:\Windows\system32\msfeedsbs.dll --------- 64512  

 23.02.2010 09:55     C:\Windows\system32\ieframe.dll --------- 10978816  

 23.02.2010 09:55     C:\Windows\system32\iedkcs32.dll --------- 381440  

 18.02.2010 09:34     C:\Windows\system32\shell32.dll --------- 12867072  

 11.02.2010 09:10     C:\Windows\system32\browserchoice.exe --------- 293376  

 02.02.2010 17:43     C:\Windows\system32\wdi --------- 4096  

 02.02.2010 09:45     C:\Windows\system32\tzres.dll --------- 2048  

 31.01.2010 22:06     C:\Windows\system32\lhacm.acm --------- 34064  

 28.01.2010 06:01     C:\Windows\system32\aspnet_counters.dll --------- 17760  

 28.01.2010 02:51     C:\Windows\system32\msvcr100_clr0400.dll --------- 771936  

 21.01.2010 16:13     C:\Windows\system32\NDF --------- 0  

 19.01.2010 01:29     C:\Windows\system32\secproc_ssp_isv.dll --------- 85504  

 19.01.2010 01:29     C:\Windows\system32\secproc_ssp.dll --------- 85504  

 19.01.2010 01:29     C:\Windows\system32\secproc_isv.dll --------- 365568  

 19.01.2010 01:29     C:\Windows\system32\secproc.dll --------- 369152  

 19.01.2010 01:28     C:\Windows\system32\RMActivate_ssp_isv.exe --------- 277504  

 19.01.2010 01:28     C:\Windows\system32\RMActivate_isv.exe --------- 324608  

 19.01.2010 01:28     C:\Windows\system32\RMActivate_ssp.exe --------- 280064  

 19.01.2010 01:28     C:\Windows\system32\RMActivate.exe --------- 320512  

 16.01.2010 12:18     C:\Windows\system32\FNTCACHE.DAT --------- 431712  

 11.01.2010 21:28     C:\Windows\system32\javaws.exe --------- 149280  

 11.01.2010 21:28     C:\Windows\system32\javaw.exe --------- 145184  

 11.01.2010 21:28     C:\Windows\system32\java.exe --------- 145184  

 11.01.2010 21:28     C:\Windows\system32\deploytk.dll --------- 411368  

 09.01.2010 08:52     C:\Windows\system32\cabview.dll --------- 132608  

 05.01.2010 20:02     C:\Windows\system32\Boot --------- 0  

 04.01.2010 15:38     C:\Windows\system32\Macromed --------- 0  

 04.01.2010 15:12     C:\Windows\system32\restore --------- 0  

 04.01.2010 14:24     C:\Windows\system32\license.rtf --------- 56735  

 04.01.2010 14:24     C:\Windows\system32\sysprep --------- 0  

 29.12.2009 08:55     C:\Windows\system32\wintrust.dll --------- 172032  

 19.12.2009 11:02     C:\Windows\system32\tsbyuv.dll --------- 12288  

 19.12.2009 11:02     C:\Windows\system32\quartz.dll --------- 1328640  

 19.12.2009 11:02     C:\Windows\system32\msyuv.dll --------- 22016  

 19.12.2009 11:02     C:\Windows\system32\msvidc32.dll --------- 31744  

 19.12.2009 11:02     C:\Windows\system32\msrle32.dll --------- 13312  

 19.12.2009 11:02     C:\Windows\system32\mciavi32.dll --------- 84480  

 19.12.2009 11:02     C:\Windows\system32\iyuv_32.dll --------- 50176  

 19.12.2009 11:02     C:\Windows\system32\avifil32.dll --------- 91648  

 13.12.2009 11:30     C:\Windows\system32\psisdecd.dll --------- 465408  

 13.12.2009 11:30     C:\Windows\system32\CPFilters.dll --------- 641536  

 13.12.2009 11:29     C:\Windows\system32\msdri.dll --------- 417792  

 13.12.2009 11:25     C:\Windows\system32\MSNP.ax --------- 204288  

 11.12.2009 09:38     C:\Windows\system32\lsasrv.dll --------- 1037312  

 08.12.2009 13:33     C:\Windows\system32\kernel32.dll --------- 857088  

 08.12.2009 13:32     C:\Windows\system32\apphelp.dll --------- 292864  

 02.12.2009 10:17     C:\Windows\system32\jscript.dll --------- 716800  

 08.11.2009 10:55     C:\Windows\system32\PresentationHost.exe --------- 295264  

 08.11.2009 10:55     C:\Windows\system32\PresentationHostProxy.dll --------- 99176  

 08.11.2009 10:55     C:\Windows\system32\dfshim.dll --------- 1130824  

 08.11.2009 10:55     C:\Windows\system32\netfxperf.dll --------- 49472  

 08.11.2009 10:55     C:\Windows\system32\mscoree.dll --------- 297808  

 28.10.2009 08:17     C:\Windows\system32\winlogon.exe --------- 285696  

 19.10.2009 16:10     C:\Windows\system32\t2embed.dll --------- 108544  

 19.10.2009 16:10     C:\Windows\system32\fontsub.dll --------- 70656  

 26.09.2009 21:53     C:\Windows\system32\FM20DEU.DLL --------- 35704  

 26.09.2009 04:32     C:\Windows\system32\FM20.DLL --------- 1205080  

 26.09.2009 04:32     C:\Windows\system32\FM20ENU.DLL --------- 31600  

 10.09.2009 07:52     C:\Windows\system32\msv1_0.dll --------- 257024  

 03.09.2009 09:04     C:\Windows\system32\CertEnroll.dll --------- 1320960  

 29.08.2009 08:59     C:\Windows\system32\wmp.dll --------- 11406336  

 29.08.2009 08:57     C:\Windows\system32\msasn1.dll --------- 34816  

 29.08.2009 08:54     C:\Windows\system32\wmploc.DLL --------- 12625408  

 19.08.2009 09:20     C:\Windows\system32\winresume.exe --------- 442920  

 19.08.2009 09:20     C:\Windows\system32\winload.exe --------- 507568  

 18.08.2009 03:37     C:\Windows\system32\ATIDEMGX.dll --------- 442368  

 18.08.2009 03:36     C:\Windows\system32\atieclxx.exe --------- 348160  

 18.08.2009 03:36     C:\Windows\system32\atiesrxx.exe --------- 176128  

----------------------------------------
 

 

C:\Windows\Prefetch
 

----------------------------------------
 

 

C:\Windows\Tasks
 

 25.05.2010 14:12     C:\Windows\Tasks\SA.DAT --------- 6  

 05.05.2010 17:29     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32640  

----------------------------------------
 

 

C:\Windows\Temp
 

 25.05.2010 14:53     C:\Windows\Temp\MpCmdRun.log --------- 1678  

 25.05.2010 14:20     C:\Windows\Temp\MpSigStub.log --------- 3290  

 24.05.2010 23:00     C:\Windows\Temp\TMP000000FAE8B7593FE05CC706 --------- 524288  

----------------------------------------
 

 

C:\Users\CANGAB~1\AppData\Local\Temp
 

 25.05.2010 18:54     C:\Users\CANGAB~1\AppData\Local\Temp\~DF12EFFE2479043670.TMP --------- 45056  

 25.05.2010 18:53     C:\Users\CANGAB~1\AppData\Local\Temp\~DFA9AB6013E007729C.TMP --------- 512  

 25.05.2010 18:53     C:\Users\CANGAB~1\AppData\Local\Temp\~DFA9F9D918190EBB00.TMP --------- 16384  

 25.05.2010 18:50     C:\Users\CANGAB~1\AppData\Local\Temp\Low --------- 20480  

 25.05.2010 18:54     C:\Users\CANGAB~1\AppData\Local\Temp\hsperfdata_*** --------- 0  

 25.05.2010 18:41     C:\Users\CANGAB~1\AppData\Local\Temp\~DFF6429A3A6238DA50.TMP --------- 512  

 25.05.2010 18:41     C:\Users\CANGAB~1\AppData\Local\Temp\~DFB5E1FCB0EC4369F4.TMP --------- 524288  

 25.05.2010 18:41     C:\Users\CANGAB~1\AppData\Local\Temp\~DFFF6DEFA2103AD50F.TMP --------- 512  

 25.05.2010 18:41     C:\Users\CANGAB~1\AppData\Local\Temp\~DF7D680D4A4DA6FB69.TMP --------- 32768  

 25.05.2010 18:26     C:\Users\CANGAB~1\AppData\Local\Temp\Deployment --------- 0  

 25.05.2010 18:24     C:\Users\CANGAB~1\AppData\Local\Temp\jar_cache1771929489892508935.tmp --------- 9841  

 25.05.2010 18:24     C:\Users\CANGAB~1\AppData\Local\Temp\jar_cache6953131931498903089.tmp --------- 10314  

 25.05.2010 18:24     C:\Users\CANGAB~1\AppData\Local\Temp\AdobeARM.log --------- 1724  

 25.05.2010 18:23     C:\Users\CANGAB~1\AppData\Local\Temp\java_install_reg.log --------- 790  

 25.05.2010 16:16     C:\Users\CANGAB~1\AppData\Local\Temp\MessengerCache --------- 4096  

 25.05.2010 14:45     C:\Users\CANGAB~1\AppData\Local\Temp\Curse --------- 0  

 25.05.2010 14:44     C:\Users\CANGAB~1\AppData\Local\Temp\~DF8F3A2236E109CEB3.TMP --------- 512  

 25.05.2010 14:44     C:\Users\CANGAB~1\AppData\Local\Temp\~DFF9A849B3169DC993.TMP --------- 49152  

 25.05.2010 14:44     C:\Users\CANGAB~1\AppData\Local\Temp\~DF9E45D7B0E8F02A16.TMP --------- 16384  

 25.05.2010 14:13     C:\Users\CANGAB~1\AppData\Local\Temp\WPDNSE --------- 0  

 24.05.2010 23:00     C:\Users\CANGAB~1\AppData\Local\Temp\wmplog00.sqm --------- 1550  

 24.05.2010 15:47     C:\Users\CANGAB~1\AppData\Local\Temp\wmsetup.log --------- 406  

 24.05.2010 13:09     C:\Users\CANGAB~1\AppData\Local\Temp\jusched.log --------- 151  

 23.05.2010 22:55     C:\Users\CANGAB~1\AppData\Local\Temp\gsiwebiu.out --------- 712  

 23.05.2010 22:55     C:\Users\CANGAB~1\AppData\Local\Temp\gsiwebiu.dll --------- 8192  

 23.05.2010 22:55     C:\Users\CANGAB~1\AppData\Local\Temp\gsiwebiu.err --------- 0  

 23.05.2010 22:55     C:\Users\CANGAB~1\AppData\Local\Temp\gsiwebiu.cmdline --------- 425  

 23.05.2010 22:55     C:\Users\CANGAB~1\AppData\Local\Temp\gsiwebiu.0.cs --------- 11095  

 23.05.2010 22:55     C:\Users\CANGAB~1\AppData\Local\Temp\gsiwebiu.tmp --------- 0  

 04.01.2010 14:28     C:\Users\CANGAB~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0  

----------------------------------------
 

 

C:\Program Files
 

 23.05.2010 19:12     C:\Program Files\OOo-dev 3 --------- 0  

 23.05.2010 19:10     C:\Program Files\Yahoo --------- 0  

 23.05.2010 19:10     C:\Program Files\OpenOffice.org 3 --------- 0  

 21.05.2010 14:33     C:\Program Files\Trend Micro --------- 0  

 19.05.2010 20:14     C:\Program Files\Malwarebytes' Anti-Malware --------- 4096  

 14.05.2010 20:04     C:\Program Files\TeamSpeak 3 Client --------- 4096  

 13.05.2010 14:05     C:\Program Files\Windows Mail --------- 0  

 09.05.2010 21:56     C:\Program Files\Siber Systems --------- 0  

 08.05.2010 14:42     C:\Program Files\S.A.D --------- 0  

 06.05.2010 17:43     C:\Program Files\Google --------- 0  

 06.05.2010 15:47     C:\Program Files\CCleaner --------- 0  

 06.05.2010 15:17     C:\Program Files\Common Files --------- 4096  

 06.05.2010 15:17     C:\Program Files\InstallShield Installation Information --------- 0  

 06.05.2010 15:15     C:\Program Files\Futuremark --------- 0  

 06.05.2010 15:15     C:\Program Files\AGEIA Technologies --------- 0  

 24.04.2010 22:50     C:\Program Files\Adobe --------- 0  

 09.04.2010 21:04     C:\Program Files\TuneUp Utilities 2010 --------- 0  

 03.04.2010 20:59     C:\Program Files\Mozilla Firefox --------- 32768  

 03.04.2010 18:39     C:\Program Files\Celebrity Toolbar --------- 65536  

 03.04.2010 16:55     C:\Program Files\MessengerDiscovery 2 --------- 4096  

 31.03.2010 20:55     C:\Program Files\Internet Explorer --------- 4096  

 13.03.2010 11:40     C:\Program Files\Trojan Remover --------- 0  

 07.03.2010 14:38     C:\Program Files\Microsoft.NET --------- 0  

 16.02.2010 19:47     C:\Program Files\Windows Live --------- 4096  

 14.02.2010 22:28     C:\Program Files\WinRAR --------- 4096  

 29.01.2010 11:07     C:\Program Files\Search&Destroy --------- 0  

 28.01.2010 14:55     C:\Program Files\DVDVideoSoft --------- 0  

 28.01.2010 14:55     C:\Program Files\Youtube Converter --------- 0  

 21.01.2010 08:07     C:\Program Files\Microsoft Silverlight --------- 4096  

 17.01.2010 00:25     C:\Program Files\Microsoft Games --------- 0  

 15.01.2010 22:01     C:\Program Files\Microsoft Synchronization Services --------- 0  

 15.01.2010 22:01     C:\Program Files\Microsoft Office --------- 4096  

 15.01.2010 22:01     C:\Program Files\Microsoft SQL Server Compact Edition --------- 0  

 15.01.2010 21:59     C:\Program Files\Microsoft Analysis Services --------- 0  

 11.01.2010 21:28     C:\Program Files\Java --------- 0  

 11.01.2010 21:27     C:\Program Files\oppenofice --------- 0  

 10.01.2010 13:09     C:\Program Files\World of Warcraft --------- 0  

 05.01.2010 21:07     C:\Program Files\OppenOffice --------- 0  

 05.01.2010 20:02     C:\Program Files\Windows Media Player --------- 4096  

 04.01.2010 16:18     C:\Program Files\WarCraft 3 --------- 4096  

 04.01.2010 15:22     C:\Program Files\Microsoft --------- 0  

 04.01.2010 15:21     C:\Program Files\Windows Live SkyDrive --------- 0  

 04.01.2010 15:16     C:\Program Files\Avira --------- 0  

 04.01.2010 14:27     C:\Program Files\Gemeinsame Dateien --------- 0  

 04.01.2010 14:27     C:\Program Files\Windows NT --------- 4096  

 14.07.2009 10:56     C:\Program Files\DVD Maker --------- 0  

 14.07.2009 10:56     C:\Program Files\Windows Journal --------- 0  

 14.07.2009 10:47     C:\Program Files\Windows Defender --------- 4096  

 14.07.2009 10:47     C:\Program Files\Windows Photo Viewer --------- 4096  

 14.07.2009 10:47     C:\Program Files\Windows Sidebar --------- 4096  

 14.07.2009 06:53     C:\Program Files\Uninstall Information --------- 0  

 14.07.2009 06:52     C:\Program Files\Windows Portable Devices --------- 0  

 14.07.2009 06:52     C:\Program Files\Reference Assemblies --------- 0  

 14.07.2009 06:52     C:\Program Files\MSBuild --------- 0  

 14.07.2009 06:41     C:\Program Files\desktop.ini --------- 174  

----------------------------------------
 

 

C:\ProgramData\.. 
 

***    

Public    

Default    

Default User    

All Users    

desktop.ini    

----------------------------------------
 

 

C:\Windows\system32\drivers\etc\hosts
 

127.0.0.1        www.007guard.com

127.0.0.1        007guard.com

127.0.0.1        008i.com

127.0.0.1        www.008k.com

127.0.0.1        008k.com

127.0.0.1        www.00hq.com

127.0.0.1        00hq.com

127.0.0.1        010402.com

127.0.0.1        www.032439.com

127.0.0.1        032439.com

127.0.0.1        www.0scan.com

127.0.0.1        0scan.com

127.0.0.1        www.1000gratisproben.com

127.0.0.1        1000gratisproben.com

127.0.0.1        www.1001namen.com

127.0.0.1        1001namen.com

127.0.0.1        www.100888290cs.com

127.0.0.1        100888290cs.com

127.0.0.1        www.100sexlinks.com

127.0.0.1        100sexlinks.com

127.0.0.1        10sek.com

127.0.0.1        www.10sek.com

127.0.0.1        1-2005-search.com

127.0.0.1        www.1-2005-search.com

127.0.0.1        123fporn.info

127.0.0.1        www.123fporn.info

127.0.0.1        123haustiereundmehr.com

127.0.0.1        www.123haustiereundmehr.com

127.0.0.1        123moviedownload.com

127.0.0.1        www.123moviedownload.com

127.0.0.1        123simsen.com

127.0.0.1        www.123simsen.com

127.0.0.1        123topsearch.com

127.0.0.1        www.123topsearch.com

127.0.0.1        125sms.co.uk

127.0.0.1        www.125sms.co.uk

127.0.0.1        125sms.com

127.0.0.1        www.125sms.com

127.0.0.1        132.com

127.0.0.1        www.132.com

127.0.0.1        www.1337crew.info

127.0.0.1        1337crew.info

127.0.0.1        www.1337-crew.to

127.0.0.1        1337-crew.to

127.0.0.1        136136.net

127.0.0.1        www.136136.net

127.0.0.1        www.150freesms.de

127.0.0.1        150freesms.de

127.0.0.1        163ns.com

127.0.0.1        www.163ns.com

127.0.0.1        171203.com

127.0.0.1        17concepts.info

127.0.0.1        www.17concepts.info

127.0.0.1        17-plus.com

127.0.0.1        1800searchonline.com

127.0.0.1        www.1800searchonline.com

127.0.0.1        180searchassistant.com

127.0.0.1        www.180searchassistant.com

127.0.0.1        180solutions.com

127.0.0.1        www.180solutions.com

127.0.0.1        181.365soft.info

127.0.0.1        www.181.365soft.info

127.0.0.1        1987324.com

127.0.0.1        www.1987324.com

127.0.0.1        www.1-domains-registrations.com

127.0.0.1        1-domains-registrations.com

127.0.0.1        www.1sexparty.com

127.0.0.1        1sexparty.com

127.0.0.1        www.1sms.de

127.0.0.1        1sms.de

127.0.0.1        www.1spybot.com

127.0.0.1        1spybot.com

127.0.0.1        www.1stantivirus.com

127.0.0.1        1stantivirus.com

127.0.0.1        www.1stpagehere.com

127.0.0.1        1stpagehere.com

127.0.0.1        www.1stsearchportal.com

127.0.0.1        1stsearchportal.com

127.0.0.1        2.82211.net
 

----------------------------------------
 

 
 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung

========================= ======== ================ =========== ===============

System Idle Process              0 Services                   0            24 K

System                           4 Services                   0           544 K

smss.exe                       272 Services                   0            56 K

csrss.exe                      360 Services                   0         1.148 K

wininit.exe                    432 Services                   0            92 K

csrss.exe                      440 Console                    1         5.784 K

services.exe                   480 Services                   0         3.148 K

lsass.exe                      496 Services                   0         4.484 K

lsm.exe                        504 Services                   0         1.132 K

winlogon.exe                   624 Console                    1         1.172 K

svchost.exe                    688 Services                   0         2.176 K

svchost.exe                    788 Services                   0         2.716 K

atiesrxx.exe                   836 Services                   0            88 K

svchost.exe                    924 Services                   0        11.888 K

svchost.exe                    960 Services                   0        46.840 K

svchost.exe                   1000 Services                   0        12.960 K

svchost.exe                   1128 Services                   0         3.736 K

atieclxx.exe                  1208 Console                    1           252 K

svchost.exe                   1244 Services                   0         6.912 K

spoolsv.exe                   1396 Services                   0           692 K

sched.exe                     1432 Services                   0           724 K

svchost.exe                   1456 Services                   0         5.412 K

dwm.exe                       1696 Console                    1        25.220 K

explorer.exe                  1708 Console                    1        44.132 K

taskhost.exe                  1732 Console                    1         3.428 K

avguard.exe                   1780 Services                   0        12.452 K

svchost.exe                   1856 Services                   0            76 K

SDWinSec.exe                  2016 Services                   0         3.056 K

avgnt.exe                     1344 Console                    1         2.320 K

robotaskbaricon.exe           2056 Console                    1         3.876 K

CGVPNCliService.exe           2096 Services                   0           112 K

CurseClient.exe               2276 Console                    1           636 K

svchost.exe                   2924 Services                   0           100 K

SearchIndexer.exe             3032 Services                   0        19.592 K

wmpnetwk.exe                  3312 Services                   0         2.436 K

svchost.exe                   3380 Services                   0         2.332 K

svchost.exe                   4072 Services                   0        18.196 K

iexplore.exe                  4060 Console                    1        30.956 K

iexplore.exe                  4028 Console                    1        61.504 K

FlashUtil10e.exe              3724 Console                    1         2.544 K

iexplore.exe                  2176 Console                    1        73.564 K

audiodg.exe                   5552 Services                   0        13.864 K

cmd.exe                       4900 Console                    1         3.040 K

conhost.exe                   2704 Console                    1         4.576 K

SearchProtocolHost.exe        3924 Services                   0         6.196 K

SearchFilterHost.exe          5356 Services                   0         4.476 K

tasklist.exe                  4928 Console                    1         4.144 K

WmiPrvSE.exe                  4812 Services                   0         4.832 K
 

 

***** Ende des Scans 25.05.2010 um 18:59:42,41 ***