| |
| |||||||
Log-Analyse und Auswertung: System Care Antivirus entfernt? Fehler bei DefoggerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
30.06.2013, 15:38
| #1 |
| |  System Care Antivirus entfernt? Fehler bei Defogger Hallo, ich hatte (habe?) System Care Antivirus auf dem PC in meinem Internet Account (Win XP Gastaccount). Ich hoffe, dass ich ihn entfernt habe, möchte aber sicher gehen. Bereits beim ersten Schritt (Defogger) bekam ich eine Fehlermeldung. defogger_disable Log ist hochgeladen Was muss ich tun? |
|
30.06.2013, 15:51
| #2 |
| /// the machine /// TB-Ausbilder    | System Care Antivirus entfernt? Fehler bei Defogger Hi,
__________________Systemscan mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
__________________ |
|
30.06.2013, 15:54
| #3 |
| | System Care Antivirus entfernt? Fehler bei Defogger als admin oder vom Internet (=Gast) Account starten?
__________________Hier sind FRST.txt und Addition.txt FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-06-2013 01
Ran by Internet (ATTENTION: The logged in user is not administrator) on 30-06-2013 16:58:15
Running from C:\Dokumente und Einstellungen\Internet\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Check Point Software Technologies) C:\Programme\CheckPoint\ZAForceField\ForceField.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(S3 Graphics, Inc.) C:\WINDOWS\system32\VTTimer.exe
(S3 Graphics Co., Ltd.) C:\WINDOWS\system32\VTtrayp.exe
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(CyberLink Corp.) C:\Programme\Home Cinema\PowerCinema\PCMService.exe
(ScanSoft, Inc.) C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(SEIKO EPSON CORPORATION) C:\Programme\Epson Software\FAX Utility\FUFAXSTM.exe
(Check Point Software Technologies LTD) C:\Programme\CheckPoint\ZoneAlarm\zatray.exe
(Crawler.com) C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe
(Samsung) C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Crawler.com) C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe
() C:\Dokumente und Einstellungen\Internet\Eigene Dateien\Downloads\Defogger.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [VTTimer] VTTimer.exe [x]
HKLM\...\Run: [VTTrayp] VTtrayp.exe [x]
HKLM\...\Run: [AGRSMMSG] AGRSMMSG.exe [x]
HKLM\...\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe" [147456 2006-05-05] (CyberLink Corp.)
HKLM\...\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [155648 2003-10-14] (Scansoft, Inc.)
HKLM\...\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe [57393 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe [40960 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [SetDefPrt] C:\Programme\Brother\Brmfl05a\BrStDvPt.exe [49152 2005-01-26] (Brother Industories, Ltd.)
HKLM\...\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [x]
HKLM\...\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min [281768 2010-11-06] (Avira GmbH)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [FUFAXSTM] "C:\Programme\Epson Software\FAX Utility\FUFAXSTM.exe" [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [ISW] "C:\Programme\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" [738984 2012-11-22] (Check Point Software Technologies)
HKLM\...\Run: [ZoneAlarm] "C:\Programme\CheckPoint\ZoneAlarm\zatray.exe" [73832 2013-03-27] (Check Point Software Technologies LTD)
HKLM\...\Run: [SpywareTerminatorShield] C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [BullGuard] "C:\Programme\BullGuard Software\BullGuard\bullguard.exe" [x]
HKCU\...\Run: [AOLMIcon] C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe [x]
HKCU\...\Run: [EPSON BX305 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGJE.EXE /FU "C:\DOKUME~1\Internet\LOKALE~1\Temp\E_SE9.tmp" /EF "HKCU" [x] <===== ATTENTION
HKCU\...\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843704 2012-12-04] (Samsung)
MountPoints2: {21154e3c-cfd7-11de-bcce-00161762d9b4} - F:\LaunchU3.exe -a
MountPoints2: {729dd846-b5be-11dd-bb4e-ba1d54e2f242} - F:\CD_Start.exe
MountPoints2: {c5e99cbc-928f-11de-bc88-00161762d9b4} - F:\Smith.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://dimcrt.com/DWeb/LogOn.aspx?ReturnUrl=%2fdweb%2fDefault.aspx
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll (Google Inc.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -&Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll (Google Inc.)
DPF: {15B782AF-55D8-11D1-B477-006097098764} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1147879372515
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1147880351031
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
Handler: ipp - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\Mozilla\Firefox\Profiles\o879j3ok.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF Plugin: @checkpoint.com/FFApi - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.4.0 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2321 - C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2379 - C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1483 - C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @viewpoint.com/VMP - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Extension: No Name - C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Visualisateur 3D de 20-20 - C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\Mozilla\Firefox\Profiles\o879j3ok.default\Extensions\2020Player@2020Technologies.com
FF Extension: Visualisateur 3D de 20-20 - C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\Mozilla\Firefox\Profiles\o879j3ok.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: Google Toolbar for Firefox - C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\Mozilla\Firefox\Profiles\o879j3ok.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Programme\CheckPoint\ZAForceField\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Programme\CheckPoint\ZAForceField\TrustChecker
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [136360 2011-04-27] (Avira GmbH)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [269480 2011-07-20] (Avira GmbH)
R2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd)
R2 CLCapSvc; C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe [266338 2006-05-05] ()
R2 CLSched; C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe [118880 2006-05-05] ()
R2 CyberLink Media Library Service; C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe [1073152 2006-05-05] (Cyberlink)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 IswSvc; C:\Programme\CheckPoint\ZAForceField\IswSvc.exe [497320 2012-11-22] (Check Point Software Technologies)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company)
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [167936 2006-05-05] ()
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [725400 2012-10-03] (Nokia)
R2 ST2012_Svc; C:\Programme\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)
R2 vsmon; C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe [2447888 2013-03-27] (Check Point Software Technologies LTD)
S3 WMConnectCDS; C:\Programme\Windows Media Connect 2\wmccds.exe [856064 2005-10-06] (Microsoft Corporation)
R2 x10nets; C:\PROGRA~1\COMMON~2\X10\Common\x10nets.exe [20480 2001-11-12] (X10)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]
S2 RoxLiveShare9; "C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [x]
==================== Drivers (Whitelisted) ====================
R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [882688 2006-04-28] (Philips Semiconductors GmbH)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-14] (Microsoft Corporation)
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [3964352 2006-04-21] (Realtek Semiconductor Corp.)
R1 avgio; C:\Programme\Avira\AntiVir Desktop\avgio.sys [11608 2009-02-13] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-07-20] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-07-20] (Avira GmbH)
S3 BrScnUsb; C:\Windows\System32\Drivers\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 EL90XBC; C:\Windows\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [181120 2008-09-25] (Stephan Schreiber)
R1 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [51072 2008-08-28] (Stephan Schreiber)
R2 ISWKL; C:\Programme\CheckPoint\ZAForceField\ISWKL.sys [27056 2012-11-22] (Check Point Software Technologies)
R2 LBeepKE; C:\Windows\System32\Drivers\LBeepKE.sys [10448 2010-03-18] (Logitech, Inc.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-10-21] ()
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [181344 2012-09-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [28064 2006-10-02] (Acronis)
R3 viagfx; C:\Windows\System32\DRIVERS\vtmini.sys [248704 2006-02-09] (Copyright (C) VIA/S3 Graphics Co, Ltd.)
R1 Vsdatant; C:\Windows\System32\vsdatant.sys [527848 2013-03-27] (Check Point Software Technologies LTD)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S3 ZD1211U(ZyXEL); C:\Windows\System32\DRIVERS\zd1211u.sys [237568 2004-11-23] (ZyDAS Technology Corporation)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S4 IntelIde; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S3 RimUsb; System32\Drivers\RimUsb.sys [x]
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S3 uxddrv; \??\i:\DIAGNOSE\WSTGER\uxddrv.sys [x]
S3 wanatw; system32\DRIVERS\wanatw4.sys [x]
S3 WDICA; No ImagePath
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-30 16:57 - 2013-06-30 16:57 - 00000000 ____D C:\FRST
2013-06-24 23:06 - 2013-06-27 19:35 - 00002528 ____A C:\Windows\WindowsUpdate.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000060 ____A C:\Windows\setupact.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 22:09 - 2011-06-21 11:24 - 00032768 ____A C:\Windows\System32\Drivers\sp_rsdrv2.sys
2013-06-23 20:47 - 2013-06-23 22:09 - 00000000 ____D C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-06-23 20:13 - 2013-06-23 20:20 - 00417507 ____A C:\Windows\System32\vsconfig.xml
2013-06-23 20:01 - 2013-06-24 22:35 - 00000000 ____D C:\Windows\pss
2013-06-23 18:39 - 2013-06-23 18:39 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\de
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\bits
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\l2schemas
2013-06-23 18:30 - 2008-04-14 07:53 - 00380928 ____A (Microsoft Corporation) C:\Windows\System32\irprops.cpl
2013-06-23 18:30 - 2008-04-14 07:53 - 00073796 ____N (Smart Link) C:\Windows\System32\slserv.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00060416 ____N (Microsoft Corporation) C:\Windows\System32\tzchange.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\System32\slrundll.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\slrundll.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032768 ____N (Microsoft Corporation) C:\Windows\System32\setupn.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00023040 ____N (ATI Technologies Inc.) C:\Windows\System32\ativmvxx.ax
2013-06-23 18:30 - 2008-04-14 07:53 - 00009728 ____N (ATI Technologies Inc.) C:\Windows\System32\ativdaxx.ax
2013-06-23 18:30 - 2008-04-14 07:52 - 04274816 ____N (NVIDIA Corporation) C:\Windows\System32\nv4_disp.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 01888992 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3duag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 01737856 ____N (Matrox Graphics Inc.) C:\Windows\System32\mtxparhd.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00870784 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3d1ag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00651264 ____N (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00516768 ____N (ATI Technologies Inc. ) C:\Windows\System32\ativvaxx.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00397312 ____N (Microsoft Corporation) C:\Windows\System32\mmcex.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00397056 ____N (S3 Graphics, Inc.) C:\Windows\System32\s3gnb.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00377984 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvaa.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00294400 ____N (Microsoft Corporation) C:\Windows\System32\qagentrt.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00290304 ____N (Microsoft Corporation) C:\Windows\System32\rhttpaa.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00286792 ____N (Smart Link) C:\Windows\System32\slextspk.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00233472 ____N (Microsoft Corporation) C:\Windows\System32\azroles.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00229376 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2cqag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00201728 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00198656 ____N (Microsoft Corporation) C:\Windows\System32\napmontr.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00188508 ____N (Smart Link) C:\Windows\System32\slgen.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00184832 ____N (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00184320 ____N (Microsoft Corporation) C:\Windows\System32\microsoft.managementconsole.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00182272 ____N (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00177664 ____N (Microsoft Corporation) C:\Windows\System32\napstat.exe
2013-06-23 18:30 - 2008-04-14 07:52 - 00155136 ____N (Microsoft Corporation) C:\Windows\System32\mssha.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00151040 ____N (Microsoft Corporation) C:\Windows\System32\qagent.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00145408 ____N (Microsoft Corporation) C:\Windows\System32\onex.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00136192 ____N (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00133120 ____N (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00126976 ____N (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00106496 ____N (Microsoft Corporation) C:\Windows\System32\mmcfxcommon.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00095232 ____N (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00086016 ____N (Conexant) C:\Windows\System32\mdmxsdk.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\ieencode.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00076800 ____N (Microsoft Corporation) C:\Windows\System32\qutil.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00073832 ____N (Smart Link) C:\Windows\System32\slcoinst.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00069120 ____N (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00062976 ____N (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00062464 ____N (Microsoft Corporation) C:\Windows\System32\qcliprov.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00061952 ____N (Microsoft Corporation) C:\Windows\System32\rasqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00061440 ____N (Microsoft Corporation) C:\Windows\System32\kmsvc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00059392 ____N (Microsoft Corporation) C:\Windows\System32\eapqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00056832 ____N (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00053248 ____N (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00050688 ____N (Microsoft Corporation) C:\Windows\System32\tspkg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00048640 ____N (Microsoft Corporation) C:\Windows\System32\dhcpqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\eappprxy.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dot3gpclnt.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00037376 ____N (Microsoft Corporation) C:\Windows\System32\l2gpstore.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\mmcperf.exe
2013-06-23 18:30 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\eapsvc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00032768 ____N (ATI Technologies Inc.) C:\Windows\System32\ativtmxx.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00032285 ____N (Conexant Systems, Inc.) C:\Windows\System32\hsfcisp2.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00030720 ____N (Microsoft Corporation) C:\Windows\System32\eapolqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00030208 ____N (Microsoft Corporation) C:\Windows\System32\napipsec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00026112 ____N (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00019456 ____N (Microsoft Corporation) C:\Windows\System32\dimsntfy.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\credssp.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00009216 ____N (Microsoft Corporation) C:\Windows\System32\dot3dlg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\bitsprx4.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdpash.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdnepr.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdiultn.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdbhc.dll
2013-06-23 18:30 - 2008-04-14 07:26 - 00081408 ____N (Microsoft Corporation) C:\Windows\System32\msshavmsg.dll
2013-06-23 18:27 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-23 18:23 - 2008-04-14 07:52 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv04nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00021183 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv01nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00017279 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv10nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00015423 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\ch7xxnt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00014143 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv06nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00011359 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv02nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00011325 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\vchnt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00004255 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv01nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003967 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv02nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003901 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\siint5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003775 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv11nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003711 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv09nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003647 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv07nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003615 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv05nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003135 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv08nt5.dll
2013-06-23 18:23 - 2008-04-14 07:24 - 00025856 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-06-23 18:23 - 2008-04-14 07:21 - 00701952 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtag.sys
2013-06-23 18:23 - 2008-04-14 07:21 - 00327168 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys
2013-06-23 18:23 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2013-06-23 18:23 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthprint.sys
2013-06-23 18:23 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2013-06-23 18:23 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2013-06-23 18:23 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mutohpen.sys
2013-06-23 18:23 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\gagp30kx.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00044928 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\agpcpq.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00043008 ____N (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\amdagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042752 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\alim1541.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042368 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\agp440.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\viaagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00040960 ____N (Silicon Integrated Systems Corporation) C:\Windows\System32\Drivers\sisagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\smbali.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 01309184 ____N (Smart Link) C:\Windows\System32\Drivers\mtlstrm.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfdpsp2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfcxts2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00404990 ____N (Smart Link) C:\Windows\System32\Drivers\slntamr.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfbs2s2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00180360 ____N (Smart Link) C:\Windows\System32\Drivers\ntmtlfax.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00126686 ____N (Smart Link) C:\Windows\System32\Drivers\mtlmnt5.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00095424 ____N (Smart Link) C:\Windows\System32\Drivers\slnthal.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00013776 ____N (Smart Link) C:\Windows\System32\Drivers\recagent.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00013240 ____N (Smart Link) C:\Windows\System32\Drivers\slwdmsup.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys
2013-06-23 18:23 - 2008-04-13 22:06 - 00144384 ____N (Windows (R) Server 2003 DDK provider) C:\Windows\System32\Drivers\hdaudbus.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv10nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00022271 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv06nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011935 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv11nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011871 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv09nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011807 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv07nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011295 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv08nt.sys
2013-06-23 18:23 - 2007-04-02 21:36 - 00129045 ____N C:\Windows\System32\Drivers\cxthsfs2.cty
2013-06-23 18:23 - 2006-12-29 20:21 - 00064352 ____N C:\Windows\System32\Drivers\ativmc20.cod
2013-06-23 18:23 - 2006-12-29 20:02 - 00067866 ____N C:\Windows\System32\Drivers\netwlan5.img
2013-06-23 18:20 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\002935_.tmp
2013-06-23 18:15 - 2013-06-23 18:19 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-23 17:19 - 2013-06-23 17:19 - 00000000 __SHD C:\found.000
==================== One Month Modified Files and Folders ========
2013-06-30 16:57 - 2013-06-30 16:57 - 00000000 ____D C:\FRST
2013-06-30 16:13 - 2006-08-06 19:23 - 00000159 ____A C:\Windows\wiadebug.log
2013-06-30 16:13 - 2006-08-06 19:23 - 00000050 ____A C:\Windows\wiaservc.log
2013-06-30 16:13 - 2006-05-17 13:15 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-30 16:13 - 2006-05-17 12:58 - 00002206 ____A C:\Windows\System32\wpa.dbl
2013-06-27 19:35 - 2013-06-24 23:06 - 00002528 ____A C:\Windows\WindowsUpdate.log
2013-06-27 19:35 - 2006-08-06 16:39 - 00032618 ____A C:\Windows\SchedLgU.Txt
2013-06-24 22:39 - 2013-06-24 22:39 - 00000060 ____A C:\Windows\setupact.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 22:35 - 2013-06-23 20:01 - 00000000 ____D C:\Windows\pss
2013-06-24 22:34 - 2009-03-03 00:29 - 00000000 ____D C:\Windows\Minidump
2013-06-24 22:23 - 2006-05-17 14:07 - 00000000 ____D C:\Programme
2013-06-24 11:37 - 2003-01-01 01:15 - 00000000 ____D C:\Windows\System32\NtmsData
2013-06-24 09:48 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\Registration
2013-06-24 06:17 - 2006-06-21 13:04 - 00000000 __SHD C:\Windows\ftpcache
2013-06-23 22:09 - 2013-06-23 20:47 - 00000000 ____D C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-06-23 20:20 - 2013-06-23 20:13 - 00417507 ____A C:\Windows\System32\vsconfig.xml
2013-06-23 20:02 - 2006-05-17 12:58 - 00000533 ____A C:\Windows\win.ini
2013-06-23 20:02 - 2006-05-17 12:58 - 00000227 ____A C:\Windows\system.ini
2013-06-23 20:02 - 2006-05-17 12:58 - 00000211 __ASH C:\boot.ini
2013-06-23 19:55 - 2006-08-06 18:33 - 00000000 ____D C:\Windows\System32\ZoneLabs
2013-06-23 18:40 - 2006-05-17 14:07 - 01056326 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-23 18:39 - 2013-06-23 18:39 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-23 18:37 - 2006-05-17 14:06 - 00304416 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-23 18:36 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\security
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\de
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\bits
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\l2schemas
2013-06-23 18:30 - 2013-06-23 18:27 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-23 18:30 - 2013-05-21 23:11 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\System32\usmt
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\PeerNet
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\ime
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\Help
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\System32\npp
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\system
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\msagent
2013-06-23 18:26 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\System32\Restore
2013-06-23 18:26 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\srchasst
2013-06-23 18:26 - 2006-05-17 13:10 - 00000000 ____D C:\Windows\System32\Com
2013-06-23 18:22 - 2006-05-17 12:58 - 00251712 _RASH C:\ntldr
2013-06-23 18:19 - 2013-06-23 18:15 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-23 18:19 - 2006-05-17 15:40 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-06-23 18:03 - 2006-08-06 16:37 - 01044748 ____A C:\Windows\setupapi.log.0.old
2013-06-23 17:19 - 2013-06-23 17:19 - 00000000 __SHD C:\found.000
2013-06-10 21:36 - 2002-02-13 16:35 - 00000000 ____A C:\Windows\System32\Biport
2013-06-03 17:43 - 2006-05-17 16:04 - 73393752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2006-05-17 12:58] - [2008-04-14 07:52] - 1036800 ____A (Microsoft Corporation)
C:\Windows\System32\winlogon.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0513024 ____A (Microsoft Corporation)
C:\Windows\System32\svchost.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0014336 ____A (Microsoft Corporation)
C:\Windows\System32\services.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0109056 ____A (Microsoft Corporation)
C:\Windows\System32\User32.dll
[2006-05-17 12:58] - [2008-04-14 07:52] - 0580096 ____A (Microsoft Corporation)
C:\Windows\System32\userinit.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0026624 ____A (Microsoft Corporation)
C:\Windows\System32\Drivers\volsnap.sys
[2006-05-17 12:58] - [2008-04-14 07:22] - 0053760 ____A (Microsoft Corporation)
==================== End Of Log ============================
--- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-06-2013 01
Ran by Internet at 2013-06-30 16:58:59
Running from C:\Dokumente und Einstellungen\Internet\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
ACDSee
Acronis*TrueImage
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Reader 7.0.8 - Deutsch (Version: 7.0.8)
ALDI Online Druck Service (Sued)
ALDI Sued Foto Manager (D) (Version: 2.0.2.654)
ALDI Sued Foto Service (D) (Version: 1.7.1.41)
Anti-Twin (Installation 13.11.2008)
ArcSoft PhotoImpression
AutoUpdate (Version: 1.0)
Avidemux 2.5 (Version: 2.5.2.5660)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.719)
Brother MFL-Pro Suite (Version: 1.00.000)
CCleaner (Version: 4.02)
CDex extraction audio
ColiMem 1.0
Corel Applications
Creatix V.92 Data Fax Modem
DAEMON Tools Toolbar (Version: 1.1.2.0185)
DivX Player (Version: 2.5.5)
DivX Pro (Version: 5.2.1)
Druckerdeinstallation für EPSON BX305 Series
DVB Dream version 1.4i
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
DVDx 2.0
EPSON BX305 Series Handbuch
EPSON Copy Utility
Epson Easy Photo Print 2 (Version: 2.2.3.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson FAX Utility (Version: 1.10.00)
Epson PC-FAX Driver
EPSON Photo Print
EPSON Scan
EPSON Smart Panel
EPSON TWAIN 5
eReg (Version: 1.20.138.34)
Ext2 IFS 1.11a for Windows XP
Free YouTube Downloader Converter
Google Toolbar for Internet Explorer
IKEA Home Planner (Version: 2.0.3)
IrfanView (remove only)
J2SE Runtime Environment 5.0 Update 7 (Version: 1.5.0.70)
Java Auto Updater (Version: 2.1.6.0)
Java(TM) 6 Update 27 (Version: 6.0.270)
Java(TM) 7 Update 4 (Version: 7.0.40)
KeyTweak - Keyboard Remapper (remove only)
Learn2 Player (Uninstall Only)
LetsTrade Komponenten
LightScribe Applications (Version: 1.4.128.1)
LightScribe System Software 1.12.37.1 (Version: 1.12.37.1)
LightScribeTemplateLabeler (Version: 1.10.23.1)
LingoPad 2.5.0 (Build 322) (Version: 2.5.0)
Loewenzahn 4 (Version: 1.00.0000)
Macromedia Flash Player 8 (Version: 8)
Macromedia Shockwave Player (Version: 10.1.0.11)
MediaShow 3.0
MEDION Fotos auf CD Sued (D) (Version: 4.5.4.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0 Language Pack - DEU
Microsoft .NET Framework 2.0 Language Pack - DEU (Version: 1.1.50727.42)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Excel Viewer (Version: 12.0.6334.5000)
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Windows-Journal-Viewer (Version: 1.5.2316.0)
Microsoft WinUsb 1.0
Microsoft Word 2000 SR-1 (Version: 9.00.3821)
Microsoft Works (Version: 08.05.0822)
Microsoft XML Parser (Version: 8.0.7820.0)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket
Mozilla Firefox 11.0 (x86 de) (Version: 11.0)
MSN Messenger 7.5 (Version: 7.5.0324.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 6.0 Parser (Version: 6.10.1129.0)
Nero 7 Essentials (Version: 7.01.3326)
Nokia Connectivity Cable Driver (Version: 7.1.92.0)
OpenOffice.org 2.4 (Version: 2.4.9310)
PaperPort (Version: 9.02.0823)
PC Connectivity Solution (Version: 12.0.48.0)
Pegasus Mail
Photo Viewer 3.03fs
PhotoNow! 1.0
Platform (Version: 1.13)
PowerCinema
PowerDirector
PowerDVD
PowerProducer
QuickTime (Version: 7.1)
RealPlayer
Realtek AC'97 Audio (Version: 5.23)
REALTEK GbE & FE Ethernet PCI NIC Driver (Version: 1.02.0000)
Samsung Kies (Version: 2.5.0.12114_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
ScanToWeb
Sicherheitsupdate für Step by Step Interactive Training (KB898458) (Version: 20050502.101010)
Sicherheitsupdate für Windows Media Player (KB911564)
Sicherheitsupdate für Windows Media Player 10 (KB911565)
Sicherheitsupdate für Windows Media Player 10 (KB917734)
Skype™ 5.3 (Version: 5.3.120)
Spyware Terminator 2012 (Version: 3.0.0.82)
TextMaker Viewer
Thomas & Seine Freunde 2 (tm)- Im Noteinsatz
VIA Platform Device Manager (Version: 1.13)
VIA/S3G Display Driver
Viewpoint Media Player
VLC media player 2.0.2 (Version: 2.0.2)
WebFldrs XP (Version: 9.50.7523)
WellCAD Reader (Version: 4.4.2711)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.5.0532.2)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.5.0530.0)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Messenger 5.1 (Version: 5.1.0701)
Windows XP Service Pack 3 (Version: 20080414.031514)
Windows-Sicherungsprogramm (Version: 5.1)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
X10 Hardware(TM)
xp-AntiSpy 3.98-2
ZoneAlarm Firewall (Version: 11.0.000.504)
ZoneAlarm Free Firewall (Version: 11.0.000.504)
ZoneAlarm LTD Toolbar
ZoneAlarm Security (Version: 11.0.000.504)
ZoneAlarm Security Toolbar (Version: 1.8.11.11)
==================== Restore Points =========================
Could not list Restore Points.
==================== Faulty Device Manager Devices =============
Name: Nokia 2700 classic
Description: Nokia Windows Portable Device Driver
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/26/2013 05:37:30 PM) (Source: WmiAdapter) (User: VORDEFINIERT)
Description: Dienst konnte nicht geöffnet werden.
Error: (06/25/2013 11:56:20 AM) (Source: WmiAdapter) (User: VORDEFINIERT)
Description: Dienst konnte nicht geöffnet werden.
Error: (06/24/2013 09:52:00 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{da80bc42-2558-11db-9dd0-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005.
Error: (06/24/2013 09:49:23 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{da80bc42-2558-11db-9dd0-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005.
Error: (06/24/2013 09:49:19 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{da80bc42-2558-11db-9dd0-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005.
Error: (06/23/2013 07:56:45 PM) (Source: WmiAdapter) (User: VORDEFINIERT)
Description: Dienst konnte nicht geöffnet werden.
Error: (06/23/2013 07:33:02 PM) (Source: WmiAdapter) (User: VORDEFINIERT)
Description: Dienst konnte nicht geöffnet werden.
Error: (06/01/2013 01:52:59 PM) (Source: crypt32) (User: )
Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
.
Error: (06/01/2013 01:43:21 PM) (Source: crypt32) (User: )
Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
.
Error: (05/26/2013 02:11:44 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung acrord32.exe, Version 7.0.8.218, fehlgeschlagenes Modul acrord32.dll, Version 7.0.8.218, Fehleradresse 0x000c882d.
Das medienspezifische Ereignis für [acrord32.exe!ws!] wird verarbeitet.
System errors:
=============
Error: (06/30/2013 04:13:09 PM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.1.34 für die Netzwerkkarte mit der Netzwerkadresse 00161762D9B4 wurde durch
den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (06/27/2013 05:51:37 PM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.1.34 für die Netzwerkkarte mit der Netzwerkadresse 00161762D9B4 wurde durch
den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (06/26/2013 10:52:05 PM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.1.37 für die Netzwerkkarte mit der Netzwerkadresse 00161762D9B4 wurde durch
den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (06/26/2013 05:39:48 PM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.1.34 für die Netzwerkkarte mit der Netzwerkadresse 00161762D9B4 wurde durch
den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (06/26/2013 05:37:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/26/2013 05:37:30 PM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst WMI-Leistungsadapter.
Error: (06/25/2013 11:56:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/25/2013 11:56:26 AM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst WMI-Leistungsadapter.
Error: (06/24/2013 11:08:39 PM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.1.34 für die Netzwerkkarte mit der Netzwerkadresse 00161762D9B4 wurde durch
den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).
Error: (06/24/2013 09:51:27 PM) (Source: DCOM) (User: HOME-PC)
Description: Bei DCOM ist der Fehler "%%1058" aufgetreten, als der Dienst "upnphost" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{204810B9-73B2-11D4-BF42-00B0D0118B56}
Microsoft Office Sessions:
=========================
Error: (06/26/2013 05:37:30 PM) (Source: WmiAdapter)(User: VORDEFINIERT)
Description:
Error: (06/25/2013 11:56:20 AM) (Source: WmiAdapter)(User: VORDEFINIERT)
Description:
Error: (06/24/2013 09:52:00 AM) (Source: VSS)(User: )
Description: CreateFileW(\\?\Volume{da80bc42-2558-11db-9dd0-806d6172696f},0xc0000000,0x00000003,...)0x80070005
Error: (06/24/2013 09:49:23 AM) (Source: VSS)(User: )
Description: CreateFileW(\\?\Volume{da80bc42-2558-11db-9dd0-806d6172696f},0xc0000000,0x00000003,...)0x80070005
Error: (06/24/2013 09:49:19 AM) (Source: VSS)(User: )
Description: CreateFileW(\\?\Volume{da80bc42-2558-11db-9dd0-806d6172696f},0xc0000000,0x00000003,...)0x80070005
Error: (06/23/2013 07:56:45 PM) (Source: WmiAdapter)(User: VORDEFINIERT)
Description:
Error: (06/23/2013 07:33:02 PM) (Source: WmiAdapter)(User: VORDEFINIERT)
Description:
Error: (06/01/2013 01:52:59 PM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtDieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
Error: (06/01/2013 01:43:21 PM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtDieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
Error: (05/26/2013 02:11:44 PM) (Source: Application Error)(User: )
Description: acrord32.exe7.0.8.218acrord32.dll7.0.8.218000c882d
==================== Memory info ===========================
Percentage of memory in use: 62%
Total physical RAM: 958.48 MB
Available physical RAM: 360.52 MB
Total Pagefile: 2313.25 MB
Available Pagefile: 1601.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1949.12 MB
==================== Drives ================================
Drive c: (BOOT) (Fixed) (Total:223.12 GB) (Free:17.98 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: (RECOVER) (Fixed) (Total:9.76 GB) (Free:3.14 GB) FAT32
==================== MBR & Partition Table ==================
==================== End Of Log ============================
|
|
30.06.2013, 16:02
| #4 |
| /// the machine /// TB-Ausbilder | System Care Antivirus entfernt? Fehler bei Defogger Unsere Tools immer als Admin laufen lassen, vom Desktop, mit Internet  . Nochmal bitte .
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.06.2013, 16:09
| #5 |
| | System Care Antivirus entfernt? Fehler bei Defogger Hier ist die neue FRST.txt. Additional war nicht mit Häkchen versehen. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-06-2013 01
Ran by Michael (administrator) on 30-06-2013 17:08:12
Running from C:\Dokumente und Einstellungen\Internet\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Check Point Software Technologies LTD) C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies) C:\Programme\CheckPoint\ZAForceField\IswSvc.exe
(brother Industries Ltd) C:\WINDOWS\system32\brsvc01a.exe
(brother Industries Ltd) C:\WINDOWS\system32\brss01a.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\sched.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avguard.exe
() C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Cyberlink) C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Programme\CyberLink\Shared Files\RichVideo.exe
(Crawler.com) C:\Programme\Spyware Terminator\st_rsser.exe
(X10) C:\PROGRA~1\COMMON~2\X10\Common\x10nets.exe
() C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
(Check Point Software Technologies) C:\Programme\CheckPoint\ZAForceField\ForceField.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(S3 Graphics, Inc.) C:\WINDOWS\system32\VTTimer.exe
(S3 Graphics Co., Ltd.) C:\WINDOWS\system32\VTtrayp.exe
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(CyberLink Corp.) C:\Programme\Home Cinema\PowerCinema\PCMService.exe
(ScanSoft, Inc.) C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(SEIKO EPSON CORPORATION) C:\Programme\Epson Software\FAX Utility\FUFAXSTM.exe
(Check Point Software Technologies LTD) C:\Programme\CheckPoint\ZoneAlarm\zatray.exe
(Crawler.com) C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe
(Samsung) C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Crawler.com) C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe
() C:\Dokumente und Einstellungen\Internet\Eigene Dateien\Downloads\Defogger.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [VTTimer] VTTimer.exe [x]
HKLM\...\Run: [VTTrayp] VTtrayp.exe [x]
HKLM\...\Run: [AGRSMMSG] AGRSMMSG.exe [x]
HKLM\...\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe" [147456 2006-05-05] (CyberLink Corp.)
HKLM\...\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [155648 2003-10-14] (Scansoft, Inc.)
HKLM\...\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe [57393 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe [40960 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [SetDefPrt] C:\Programme\Brother\Brmfl05a\BrStDvPt.exe [49152 2005-01-26] (Brother Industories, Ltd.)
HKLM\...\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [x]
HKLM\...\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min [281768 2010-11-06] (Avira GmbH)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [FUFAXSTM] "C:\Programme\Epson Software\FAX Utility\FUFAXSTM.exe" [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [ISW] "C:\Programme\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" [738984 2012-11-22] (Check Point Software Technologies)
HKLM\...\Run: [ZoneAlarm] "C:\Programme\CheckPoint\ZoneAlarm\zatray.exe" [73832 2013-03-27] (Check Point Software Technologies LTD)
HKLM\...\Run: [SpywareTerminatorShield] C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [AOLMIcon] C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe [x]
HKCU\...\Run: [EPSON BX305 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGJE.EXE /FU "C:\WINDOWS\TEMP\E_S8F.tmp" /EF "HKCU" [140 2012-07-13] () <===== ATTENTION
MountPoints2: {729dd846-b5be-11dd-bb4e-ba1d54e2f242} - F:\CD_Start.exe
MountPoints2: {c5e99cbc-928f-11de-bc88-00161762d9b4} - F:\Smith.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll (Google Inc.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -&Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll (Google Inc.)
Toolbar: HKCU -DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKCU -ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
DPF: {15B782AF-55D8-11D1-B477-006097098764} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1147879372515
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1147880351031
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
Handler: ipp - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default
FF user.js: detected! => C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\user.js
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngine: Search By ZoneAlarm
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=5dd0099711e54f5eb639308adcdd92a7&tu=10G90008h1B0008&sku=&tstsId=&ver=&
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF Plugin: @checkpoint.com/FFApi - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.4.0 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2321 - C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2379 - C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1483 - C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @viewpoint.com/VMP - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Extension: No Name - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\DTToolbar@toolbarnet(2).com
FF Extension: zonealarm.com - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\ffxtlbr@zonealarm.com
FF Extension: Google Toolbar for Firefox - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: toolbar - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\toolbar@gmx.net.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Programme\CheckPoint\ZAForceField\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Programme\CheckPoint\ZAForceField\TrustChecker
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [136360 2011-04-27] (Avira GmbH)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [269480 2011-07-20] (Avira GmbH)
R2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd)
R2 CLCapSvc; C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe [266338 2006-05-05] ()
R2 CLSched; C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe [118880 2006-05-05] ()
R2 CyberLink Media Library Service; C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe [1073152 2006-05-05] (Cyberlink)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 IswSvc; C:\Programme\CheckPoint\ZAForceField\IswSvc.exe [497320 2012-11-22] (Check Point Software Technologies)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company)
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [167936 2006-05-05] ()
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [725400 2012-10-03] (Nokia)
R2 ST2012_Svc; C:\Programme\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)
R2 vsmon; C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe [2447888 2013-03-27] (Check Point Software Technologies LTD)
S3 WMConnectCDS; C:\Programme\Windows Media Connect 2\wmccds.exe [856064 2005-10-06] (Microsoft Corporation)
R2 x10nets; C:\PROGRA~1\COMMON~2\X10\Common\x10nets.exe [20480 2001-11-12] (X10)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]
S2 RoxLiveShare9; "C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [x]
==================== Drivers (Whitelisted) ====================
R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [882688 2006-04-28] (Philips Semiconductors GmbH)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-14] (Microsoft Corporation)
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [3964352 2006-04-21] (Realtek Semiconductor Corp.)
R1 avgio; C:\Programme\Avira\AntiVir Desktop\avgio.sys [11608 2009-02-13] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-07-20] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-07-20] (Avira GmbH)
S3 BrScnUsb; C:\Windows\System32\Drivers\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 EL90XBC; C:\Windows\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [181120 2008-09-25] (Stephan Schreiber)
R1 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [51072 2008-08-28] (Stephan Schreiber)
R2 ISWKL; C:\Programme\CheckPoint\ZAForceField\ISWKL.sys [27056 2012-11-22] (Check Point Software Technologies)
R2 LBeepKE; C:\Windows\System32\Drivers\LBeepKE.sys [10448 2010-03-18] (Logitech, Inc.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-10-21] ()
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [181344 2012-09-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [28064 2006-10-02] (Acronis)
R3 viagfx; C:\Windows\System32\DRIVERS\vtmini.sys [248704 2006-02-09] (Copyright (C) VIA/S3 Graphics Co, Ltd.)
R1 Vsdatant; C:\Windows\System32\vsdatant.sys [527848 2013-03-27] (Check Point Software Technologies LTD)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S3 ZD1211U(ZyXEL); C:\Windows\System32\DRIVERS\zd1211u.sys [237568 2004-11-23] (ZyDAS Technology Corporation)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S4 IntelIde; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S3 RimUsb; System32\Drivers\RimUsb.sys [x]
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S3 uxddrv; \??\i:\DIAGNOSE\WSTGER\uxddrv.sys [x]
S3 wanatw; system32\DRIVERS\wanatw4.sys [x]
S3 WDICA; No ImagePath
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-30 16:57 - 2013-06-30 16:57 - 00000000 ____D C:\FRST
2013-06-24 23:06 - 2013-06-27 19:35 - 00002528 ____A C:\Windows\WindowsUpdate.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000060 ____A C:\Windows\setupact.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 22:09 - 2011-06-21 11:24 - 00032768 ____A C:\Windows\System32\Drivers\sp_rsdrv2.sys
2013-06-23 20:47 - 2013-06-23 22:09 - 00000000 ____D C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-06-23 20:13 - 2013-06-23 20:20 - 00417507 ____A C:\Windows\System32\vsconfig.xml
2013-06-23 20:01 - 2013-06-24 22:35 - 00000000 ____D C:\Windows\pss
2013-06-23 18:39 - 2013-06-23 18:39 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\de
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\bits
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\l2schemas
2013-06-23 18:30 - 2008-04-14 07:53 - 00380928 ____A (Microsoft Corporation) C:\Windows\System32\irprops.cpl
2013-06-23 18:30 - 2008-04-14 07:53 - 00073796 ____N (Smart Link) C:\Windows\System32\slserv.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00060416 ____N (Microsoft Corporation) C:\Windows\System32\tzchange.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\System32\slrundll.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\slrundll.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032768 ____N (Microsoft Corporation) C:\Windows\System32\setupn.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00023040 ____N (ATI Technologies Inc.) C:\Windows\System32\ativmvxx.ax
2013-06-23 18:30 - 2008-04-14 07:53 - 00009728 ____N (ATI Technologies Inc.) C:\Windows\System32\ativdaxx.ax
2013-06-23 18:30 - 2008-04-14 07:52 - 04274816 ____N (NVIDIA Corporation) C:\Windows\System32\nv4_disp.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 01888992 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3duag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 01737856 ____N (Matrox Graphics Inc.) C:\Windows\System32\mtxparhd.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 01306624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00870784 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3d1ag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00651264 ____N (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00516768 ____N (ATI Technologies Inc. ) C:\Windows\System32\ativvaxx.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00397312 ____N (Microsoft Corporation) C:\Windows\System32\mmcex.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00397056 ____N (S3 Graphics, Inc.) C:\Windows\System32\s3gnb.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00377984 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvaa.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00294400 ____N (Microsoft Corporation) C:\Windows\System32\qagentrt.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00290304 ____N (Microsoft Corporation) C:\Windows\System32\rhttpaa.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00286792 ____N (Smart Link) C:\Windows\System32\slextspk.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00233472 ____N (Microsoft Corporation) C:\Windows\System32\azroles.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00229376 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2cqag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00201728 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00198656 ____N (Microsoft Corporation) C:\Windows\System32\napmontr.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00188508 ____N (Smart Link) C:\Windows\System32\slgen.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00184832 ____N (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00184320 ____N (Microsoft Corporation) C:\Windows\System32\microsoft.managementconsole.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00182272 ____N (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00177664 ____N (Microsoft Corporation) C:\Windows\System32\napstat.exe
2013-06-23 18:30 - 2008-04-14 07:52 - 00155136 ____N (Microsoft Corporation) C:\Windows\System32\mssha.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00151040 ____N (Microsoft Corporation) C:\Windows\System32\qagent.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00145408 ____N (Microsoft Corporation) C:\Windows\System32\onex.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00136192 ____N (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00133120 ____N (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00126976 ____N (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00106496 ____N (Microsoft Corporation) C:\Windows\System32\mmcfxcommon.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00095232 ____N (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00086016 ____N (Conexant) C:\Windows\System32\mdmxsdk.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\ieencode.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00076800 ____N (Microsoft Corporation) C:\Windows\System32\qutil.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00073832 ____N (Smart Link) C:\Windows\System32\slcoinst.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00069120 ____N (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00062976 ____N (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00062464 ____N (Microsoft Corporation) C:\Windows\System32\qcliprov.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00061952 ____N (Microsoft Corporation) C:\Windows\System32\rasqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00061440 ____N (Microsoft Corporation) C:\Windows\System32\kmsvc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00059392 ____N (Microsoft Corporation) C:\Windows\System32\eapqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00056832 ____N (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00053248 ____N (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00050688 ____N (Microsoft Corporation) C:\Windows\System32\tspkg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00048640 ____N (Microsoft Corporation) C:\Windows\System32\dhcpqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\eappprxy.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dot3gpclnt.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00037376 ____N (Microsoft Corporation) C:\Windows\System32\l2gpstore.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\mmcperf.exe
2013-06-23 18:30 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\eapsvc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00032768 ____N (ATI Technologies Inc.) C:\Windows\System32\ativtmxx.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00032285 ____N (Conexant Systems, Inc.) C:\Windows\System32\hsfcisp2.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00030720 ____N (Microsoft Corporation) C:\Windows\System32\eapolqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00030208 ____N (Microsoft Corporation) C:\Windows\System32\napipsec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00026112 ____N (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00019456 ____N (Microsoft Corporation) C:\Windows\System32\dimsntfy.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\credssp.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00009216 ____N (Microsoft Corporation) C:\Windows\System32\dot3dlg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\bitsprx4.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdpash.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdnepr.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdiultn.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdbhc.dll
2013-06-23 18:30 - 2008-04-14 07:27 - 00093184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6r.dll
2013-06-23 18:30 - 2008-04-14 07:26 - 00081408 ____N (Microsoft Corporation) C:\Windows\System32\msshavmsg.dll
2013-06-23 18:27 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-23 18:23 - 2008-04-14 07:52 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv04nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00021183 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv01nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00017279 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv10nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00015423 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\ch7xxnt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00014143 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv06nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00011359 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv02nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00011325 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\vchnt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00004255 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv01nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003967 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv02nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003901 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\siint5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003775 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv11nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003711 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv09nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003647 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv07nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003615 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv05nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003135 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv08nt5.dll
2013-06-23 18:23 - 2008-04-14 07:24 - 00025856 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-06-23 18:23 - 2008-04-14 07:21 - 00701952 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtag.sys
2013-06-23 18:23 - 2008-04-14 07:21 - 00327168 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys
2013-06-23 18:23 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2013-06-23 18:23 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthprint.sys
2013-06-23 18:23 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2013-06-23 18:23 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2013-06-23 18:23 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mutohpen.sys
2013-06-23 18:23 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\gagp30kx.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00044928 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\agpcpq.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00043008 ____N (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\amdagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042752 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\alim1541.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042368 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\agp440.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\viaagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00040960 ____N (Silicon Integrated Systems Corporation) C:\Windows\System32\Drivers\sisagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\smbali.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 01309184 ____N (Smart Link) C:\Windows\System32\Drivers\mtlstrm.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfdpsp2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfcxts2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00404990 ____N (Smart Link) C:\Windows\System32\Drivers\slntamr.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfbs2s2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00180360 ____N (Smart Link) C:\Windows\System32\Drivers\ntmtlfax.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00126686 ____N (Smart Link) C:\Windows\System32\Drivers\mtlmnt5.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00095424 ____N (Smart Link) C:\Windows\System32\Drivers\slnthal.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00013776 ____N (Smart Link) C:\Windows\System32\Drivers\recagent.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00013240 ____N (Smart Link) C:\Windows\System32\Drivers\slwdmsup.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys
2013-06-23 18:23 - 2008-04-13 22:06 - 00144384 ____N (Windows (R) Server 2003 DDK provider) C:\Windows\System32\Drivers\hdaudbus.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv10nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00022271 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv06nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011935 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv11nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011871 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv09nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011807 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv07nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011295 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv08nt.sys
2013-06-23 18:23 - 2007-04-02 21:36 - 00129045 ____N C:\Windows\System32\Drivers\cxthsfs2.cty
2013-06-23 18:23 - 2006-12-29 20:21 - 00064352 ____N C:\Windows\System32\Drivers\ativmc20.cod
2013-06-23 18:23 - 2006-12-29 20:02 - 00067866 ____N C:\Windows\System32\Drivers\netwlan5.img
2013-06-23 18:20 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\002935_.tmp
2013-06-23 18:15 - 2013-06-23 18:19 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-23 17:19 - 2013-06-23 17:19 - 00000000 __SHD C:\found.000
==================== One Month Modified Files and Folders ========
2013-06-30 16:57 - 2013-06-30 16:57 - 00000000 ____D C:\FRST
2013-06-30 16:13 - 2006-08-06 19:23 - 00000159 ____A C:\Windows\wiadebug.log
2013-06-30 16:13 - 2006-08-06 19:23 - 00000050 ____A C:\Windows\wiaservc.log
2013-06-30 16:13 - 2006-05-17 13:15 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-30 16:13 - 2006-05-17 12:58 - 00002206 ____A C:\Windows\System32\wpa.dbl
2013-06-27 19:35 - 2013-06-24 23:06 - 00002528 ____A C:\Windows\WindowsUpdate.log
2013-06-27 19:35 - 2006-08-06 16:39 - 00032618 ____A C:\Windows\SchedLgU.Txt
2013-06-24 22:39 - 2013-06-24 22:39 - 00000060 ____A C:\Windows\setupact.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 22:35 - 2013-06-23 20:01 - 00000000 ____D C:\Windows\pss
2013-06-24 22:34 - 2009-03-03 00:29 - 00000000 ____D C:\Windows\Minidump
2013-06-24 22:23 - 2006-05-17 14:07 - 00000000 ____D C:\Programme
2013-06-24 11:37 - 2003-01-01 01:15 - 00000000 ____D C:\Windows\System32\NtmsData
2013-06-24 09:48 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\Registration
2013-06-24 06:17 - 2006-06-21 13:04 - 00000000 __SHD C:\Windows\ftpcache
2013-06-23 22:09 - 2013-06-23 20:47 - 00000000 ____D C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-06-23 20:20 - 2013-06-23 20:13 - 00417507 ____A C:\Windows\System32\vsconfig.xml
2013-06-23 20:02 - 2006-05-17 12:58 - 00000533 ____A C:\Windows\win.ini
2013-06-23 20:02 - 2006-05-17 12:58 - 00000227 ____A C:\Windows\system.ini
2013-06-23 20:02 - 2006-05-17 12:58 - 00000211 __ASH C:\boot.ini
2013-06-23 19:55 - 2006-08-06 18:33 - 00000000 ____D C:\Windows\System32\ZoneLabs
2013-06-23 18:40 - 2006-05-17 14:07 - 01056326 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-23 18:39 - 2013-06-23 18:39 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-23 18:37 - 2006-05-17 14:06 - 00304416 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-23 18:36 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\security
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\de
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\bits
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\l2schemas
2013-06-23 18:30 - 2013-06-23 18:27 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-23 18:30 - 2013-05-21 23:11 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\System32\usmt
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\PeerNet
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\ime
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\Help
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\System32\npp
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\system
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\msagent
2013-06-23 18:26 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\System32\Restore
2013-06-23 18:26 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\srchasst
2013-06-23 18:26 - 2006-05-17 13:10 - 00000000 ____D C:\Windows\System32\Com
2013-06-23 18:22 - 2006-05-17 12:58 - 00251712 _RASH C:\ntldr
2013-06-23 18:19 - 2013-06-23 18:15 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-23 18:19 - 2006-05-17 15:40 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-06-23 18:03 - 2006-08-06 16:37 - 01044748 ____A C:\Windows\setupapi.log.0.old
2013-06-23 17:19 - 2013-06-23 17:19 - 00000000 __SHD C:\found.000
2013-06-10 21:36 - 2002-02-13 16:35 - 00000000 ____A C:\Windows\System32\Biport
2013-06-03 17:43 - 2006-05-17 16:04 - 73393752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2006-05-17 12:58] - [2008-04-14 07:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0109056 ____A (Microsoft Corporation) 4bb6a83640f1d1792ad21ce767b621c6
C:\Windows\System32\User32.dll
[2006-05-17 12:58] - [2008-04-14 07:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys
[2006-05-17 12:58] - [2008-04-14 07:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
|
|
30.06.2013, 16:10
| #6 | |
| /// the machine /// TB-Ausbilder | System Care Antivirus entfernt? Fehler bei DefoggerCombofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ --> System Care Antivirus entfernt? Fehler bei Defogger |
|
30.06.2013, 16:41
| #7 |
| | System Care Antivirus entfernt? Fehler bei Defogger Hallo Schrauber, ich habe alles geschlossen bzw. deaktiviert. Avira AntiVir ist inaktiv (geschlossener Schirm). Dennoch warnt ComboFix. Die AntiVir-Prozesse kann ich im Task Manager nicht beenden - auch nicht als admin. Soll ich Combofix trotzdem weiterlaufen lassen? So, da bin ich wieder. Und hier ist das Ergebnis der Combofix.txt. War ein wenig schwierig, da ich nach dem Neustart zuerst wieder zum selben Profil (Internet = Gast) gegangen bin und ComboFix sich in eine Endlosschleife gehängt hatte. Nach Neustart als Admin habe ich nun das Log bekommen: Combofix Logfile: Code:
ATTFilter ComboFix 13-06-30.01 - Michael 30.06.2013 18:08:14.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.958.431 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Internet\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Internet\Lokale Einstellungen\Anwendungsdaten\assembly\tmp
c:\dokumente und einstellungen\Internet\WINDOWS
c:\dokumente und einstellungen\Michael\Anwendungsdaten\ACD Systems\ACDSee\ImageDB.ddf
c:\dokumente und einstellungen\Michael\Anwendungsdaten\AD ON Multimedia
c:\dokumente und einstellungen\Michael\Anwendungsdaten\AD ON Multimedia\eBay Shortcuts\config.ini
c:\programme\xp-AntiSpy
c:\programme\xp-AntiSpy\Uninstall.exe
c:\programme\xp-AntiSpy\xp-AntiSpy.chm
c:\programme\xp-AntiSpy\xp-AntiSpy.exe
c:\programme\xp-AntiSpy\xp-AntiSpy.url
c:\windows\IsUn0407.exe
c:\windows\system32\muzapp.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-05-28 bis 2013-06-30 ))))))))))))))))))))))))))))))
.
.
2013-06-30 14:57 . 2013-06-30 14:57 -------- d-----w- C:\FRST
2013-06-24 20:23 . 2013-06-24 20:23 -------- d-----w- c:\programme\CCleaner
2013-06-24 20:09 . 2011-06-21 09:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2013-06-24 20:09 . 2013-06-27 15:56 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Spyware Terminator
2013-06-24 20:09 . 2013-06-24 20:09 -------- d-----w- c:\dokumente und einstellungen\Michael\Anwendungsdaten\Spyware Terminator
2013-06-24 20:08 . 2013-06-24 21:10 -------- d-----w- c:\programme\Spyware Terminator
2013-06-24 19:39 . 2013-06-24 19:39 -------- d-----w- c:\dokumente und einstellungen\Internet\Anwendungsdaten\Malwarebytes
2013-06-24 00:09 . 2013-06-24 00:09 -------- d-----w- c:\dokumente und einstellungen\Michael\Lokale Einstellungen\Anwendungsdaten\Sun
2013-06-23 20:21 . 2013-06-23 20:21 -------- d-----w- c:\dokumente und einstellungen\Michael\Anwendungsdaten\Malwarebytes
2013-06-23 20:21 . 2013-06-23 20:21 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2013-06-23 20:09 . 2013-06-23 20:09 -------- d-sh--w- c:\dokumente und einstellungen\Michael\PrivacIE
2013-06-23 20:03 . 2013-06-23 20:03 -------- d-----w- c:\dokumente und einstellungen\Michael\Anwendungsdaten\CheckPoint
2013-06-23 18:48 . 2013-06-23 18:48 -------- d-----w- c:\programme\Enigma Software Group
2013-06-23 18:47 . 2013-06-23 20:09 -------- d-----w- c:\windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-06-23 18:13 . 2013-06-23 18:13 -------- d-----w- c:\dokumente und einstellungen\Internet\Anwendungsdaten\CheckPoint
2013-06-23 18:09 . 2013-06-23 18:09 -------- d-----w- c:\programme\Check Point Software Technologies LTD
2013-06-23 17:52 . 2013-06-23 18:10 -------- d-----w- c:\programme\CheckPoint
2013-06-23 17:43 . 2013-06-23 17:43 -------- d-----w- c:\dokumente und einstellungen\Michael\Lokale Einstellungen\Anwendungsdaten\NokiaAccount
2013-06-23 17:15 . 2013-06-23 17:15 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\CheckPoint
2013-06-23 16:23 . 2008-04-14 05:52 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll
2013-06-23 16:20 . 2006-12-28 22:31 19569 ----a-w- c:\windows\002935_.tmp
2013-06-23 16:15 . 2013-06-23 16:15 -------- d-----w- c:\windows\EHome
2013-06-23 15:21 . 2013-06-23 15:21 -------- d-sh--w- c:\dokumente und einstellungen\Michael\IETldCache
2013-06-23 15:19 . 2013-06-23 15:19 -------- d-----w- C:\found.000
2013-06-23 13:06 . 2013-06-23 13:07 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2013-06-23 12:16 . 2013-06-23 13:28 -------- d-----w- C:\bd_logs
2013-06-03 20:06 . 2013-06-03 20:06 -------- d-sh--w- c:\dokumente und einstellungen\Default User\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-13 04:38 . 2012-04-16 12:48 97208 ----a-w- c:\programme\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-03-01 577536]
"VTTimer"="VTTimer.exe" [2005-03-08 53248]
"VTTrayp"="VTtrayp.exe" [2005-11-01 163840]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 88204]
"NeroFilterCheck"="c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"PCMService"="c:\programme\Home Cinema\PowerCinema\PCMService.exe" [2006-05-05 147456]
"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\programme\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\programme\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"SetDefPrt"="c:\programme\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 49152]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-11-06 281768]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-01-17 252296]
"FUFAXSTM"="c:\programme\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-02 847872]
"ISW"="c:\programme\CheckPoint\ZAForceField\ForceField.exe" [2012-11-22 738984]
"ZoneAlarm"="c:\programme\CheckPoint\ZoneAlarm\zatray.exe" [2013-03-27 73832]
"SpywareTerminatorShield"="c:\programme\Spyware Terminator\SpywareTerminatorShield.exe" [2013-04-03 2777736]
"SpywareTerminatorUpdater"="c:\programme\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-04-03 3684488]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
Microsoft Office.lnk - c:\programme\Microsoft Office\Office\OSA9.EXE -b -l [2000-1-21 65588]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Michael^Startmenü^Programme^Autostart^OpenOffice.org 2.4.lnk]
path=c:\dokumente und einstellungen\Michael\Startmenü\Programme\Autostart\OpenOffice.org 2.4.lnk
backup=c:\windows\pss\OpenOffice.org 2.4.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0]
2005-05-17 16:42 933888 ------w- c:\programme\Brother\ControlCenter2\brctrcen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
2012-11-28 13:24 577536 ----a-w- c:\programme\Samsung\Kies\KiesAirMessage.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2012-12-03 22:35 967608 ----a-w- c:\programme\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-12-03 22:35 309688 ----a-w- c:\programme\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-03-17 16:59 2289664 ----a-w- c:\programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programme\\NetMeeting\\Conf.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Programme\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.10.2010 21:27 691696]
R1 Ext2fs;Ext2fs;c:\windows\system32\drivers\ext2fs.sys [31.03.2013 12:08 181120]
R1 IfsMount;IfsMount;c:\windows\system32\drivers\ifsmount.sys [31.03.2013 12:08 51072]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [24.06.2013 22:09 32768]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [27.03.2009 00:10 136360]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\programme\CheckPoint\ZAForceField\ISWKL.sys [22.11.2012 16:33 27056]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\programme\CheckPoint\ZAForceField\ISWSVC.exe [22.11.2012 16:33 497320]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [18.06.2010 00:26 10448]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\programme\Spyware Terminator\st_rsser.exe [24.06.2013 22:08 587912]
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [18.05.2006 17:54 882688]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [25.12.2012 13:04 83168]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [25.12.2012 13:04 181344]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudobex.sys [25.12.2012 13:04 181344]
S3 uxddrv;Dynamically loaded UxdDrv;\??\i:\diagnose\WSTGER\uxddrv.sys --> i:\diagnose\WSTGER\uxddrv.sys [?]
S3 ZD1211U(ZyXEL);ZyAIR G-220 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyXEL);c:\windows\system32\drivers\ZD1211U.sys [23.04.2008 08:46 237568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-17 16:56 451872 ----a-w- c:\programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://www.aldi.com/
IE: &Google-Suche - c:\programme\google\GoogleToolbar2.dll/cmsearch.html
IE: &Ins Deutsche übersetzen - c:\programme\google\GoogleToolbar2.dll/cmwordtrans.html
IE: Im Cache gespeicherte Seite - c:\programme\google\GoogleToolbar2.dll/cmcache.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Verweisseiten - c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
IE: Ähnliche Seiten - c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Search By ZoneAlarm
FF - prefs.js: browser.startup.homepage - hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=5dd0099711e54f5eb639308adcdd92a7&tu=10G90008h1B0008&sku=&tstsId=&ver=&
FF - ExtSQL: 2013-06-23 20:11; ffxtlbr@zonealarm.com; c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\extensions\ffxtlbr@zonealarm.com
FF - ExtSQL: 2013-06-23 20:13; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; c:\programme\CheckPoint\ZAForceField\TrustChecker
FF - ExtSQL: !HIDDEN! 2006-08-06 16:52; {3112ca9c-de6d-4884-a869-9855de68056c}; c:\programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - user.js: extensions.zonealarm.hpOld0 - hxxp://www.google.de/
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?src=tb&tbid=base2013&Lan={dfltLng}&gu=5dd0099711e54f5eb639308adcdd92a7&tu=10G90008h1B0008&sku=&tstsId=&ver=&&q=
FF - user.js: extensions.zonealarm.id - ecf59c8900000000000000161762d9b4
FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
FF - user.js: extensions.zonealarm.instlDay - 15879
FF - user.js: extensions.zonealarm.vrsn - 1.8.11.11
FF - user.js: extensions.zonealarm.vrsni - 1.8.11.11
FF - user.js: extensions.zonealarm.vrsnTs - 1.8.11.1120:09
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1001
FF - user.js: extensions.zonealarm.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base2013
FF - user.js: extensions.zonealarm.instlRef - ZLN40916478497608-4901
FF - user.js: extensions.zonealarm.dfltLng - de
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.ffxUnstlRst - false
FF - user.js: extensions.zonealarm.admin - false
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm.rvrt - true
FF - user.js: extensions.zonealarm.hmpg - true
FF - user.js: extensions.zonealarm.hmpgUrl - hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=5dd0099711e54f5eb639308adcdd92a7&tu=10G90008h1B0008&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm.dfltSrch - true
FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
FF - user.js: extensions.zonealarm.kw_url - hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&gu=5dd0099711e54f5eb639308adcdd92a7&tu=10G90008h1B0008&sku=&tstsId=&ver=&&q=
FF - user.js: extensions.zonealarm.dnsErr - true
FF - user.js: extensions.zonealarm.newTab - true
FF - user.js: extensions.zonealarm.newTabUrl - hxxp://search.zonealarm.com/?src=nt&tbid=base2013&Lan=de&gu=5dd0099711e54f5eb639308adcdd92a7&tu=10G90008h1B0008&sku=&tstsId=&ver=&
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-AOLMIcon - c:\programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe
c:\dokumente und einstellungen\Petra\Startmenü\Programme\Autostart\OpenOffice.org 1.9.79.lnk - c:\programme\OpenOffice.org 1.9.79\program\quickstart.exe
c:\dokumente und einstellungen\Internet\Startmenü\Programme\Autostart\OpenOffice.org 1.9.79.lnk - c:\programme\OpenOffice.org 1.9.79\program\quickstart.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-EPSON Photo Print - c:\windows\IsUn0407.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe
AddRemove-Thomas & Friends - Trouble on the Tracks - c:\windows\IsUn0407.exe
AddRemove-xp-AntiSpy - c:\programme\xp-AntiSpy\Uninstall.exe
AddRemove-01_Simmental - c:\programme\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\programme\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\programme\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\programme\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\programme\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\programme\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\programme\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\programme\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\programme\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\programme\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\programme\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-06-30 20:01
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(524)
c:\programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(580)
c:\programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'explorer.exe'(324)
c:\programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\brss01a.exe
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
c:\programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
c:\programme\Java\jre7\bin\jqs.exe
c:\programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\programme\CyberLink\Shared Files\RichVideo.exe
c:\progra~1\COMMON~2\X10\Common\x10nets.exe
c:\programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\VTTimer.exe
c:\windows\system32\VTtrayp.exe
c:\windows\AGRSMMSG.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-30 20:07:06 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-06-30 18:07
.
Vor Suchlauf: 18 Verzeichnis(se), 19.116.650.496 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 21.710.561.280 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - A3FB23E116C5E67B938EBDAF93750F84
72B8CE41AF0DE751C946802B3ED844B4 [/CODE] |
|
30.06.2013, 19:48
| #8 |
| /// the machine /// TB-Ausbilder | System Care Antivirus entfernt? Fehler bei Defogger Denk dran, immer alles als Admin. Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.06.2013, 20:40
| #9 |
| | System Care Antivirus entfernt? Fehler bei Defogger So, hier sind die Logs: AdwCleaner: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.303 - Datei am 30/06/2013 um 21:17:15 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Michael - HOME-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Internet\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\searchplugins\daemon-search.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\searchplugins\zonealarm.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\Michael\Desktop\eBay.lnk
Datei Gelöscht : C:\Dokumente und Einstellungen\Michael\Startmenü\eBay.lnk
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
Ordner Gelöscht : C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\CheckPoint\ZoneAlarm LTD Toolbar
Ordner Gelöscht : C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\CheckPoint\ZoneAlarm LTD Toolbar
Ordner Gelöscht : C:\Programme\DAEMON Tools Toolbar
Ordner Gelöscht : C:\Programme\Viewpoint
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gelöscht : HKLM\Software\MetaStream
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Schlüssel Gelöscht : HKLM\Software\Viewpoint
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v11.0 (de)
Datei : C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\prefs.js
C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\user.js ... Gelöscht !
[OK] Die Datei ist sauber.
Datei : C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\Mozilla\Firefox\Profiles\o879j3ok.default\prefs.js
[OK] Die Datei ist sauber.
Datei : C:\Dokumente und Einstellungen\Petra\Anwendungsdaten\Mozilla\Firefox\Profiles\glr0oqba.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [5550 octets] - [30/06/2013 21:17:15]
########## EOF - \AdwCleaner[S1].txt - [5610 octets] ##########
JRT: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.303 - Datei am 30/06/2013 um 21:17:15 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Michael - HOME-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Internet\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\searchplugins\daemon-search.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\searchplugins\zonealarm.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\Michael\Desktop\eBay.lnk
Datei Gelöscht : C:\Dokumente und Einstellungen\Michael\Startmenü\eBay.lnk
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
Ordner Gelöscht : C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\CheckPoint\ZoneAlarm LTD Toolbar
Ordner Gelöscht : C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\CheckPoint\ZoneAlarm LTD Toolbar
Ordner Gelöscht : C:\Programme\DAEMON Tools Toolbar
Ordner Gelöscht : C:\Programme\Viewpoint
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gelöscht : HKLM\Software\MetaStream
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Schlüssel Gelöscht : HKLM\Software\Viewpoint
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v11.0 (de)
Datei : C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\prefs.js
C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\user.js ... Gelöscht !
[OK] Die Datei ist sauber.
Datei : C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\Mozilla\Firefox\Profiles\o879j3ok.default\prefs.js
[OK] Die Datei ist sauber.
Datei : C:\Dokumente und Einstellungen\Petra\Anwendungsdaten\Mozilla\Firefox\Profiles\glr0oqba.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [5550 octets] - [30/06/2013 21:17:15]
########## EOF - \AdwCleaner[S1].txt - [5610 octets] ##########
FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-06-2013 01
Ran by Michael (administrator) on 30-06-2013 21:28:43
Running from C:\Dokumente und Einstellungen\Internet\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Check Point Software Technologies) C:\Programme\CheckPoint\ZAForceField\IswSvc.exe
(brother Industries Ltd) C:\WINDOWS\system32\brsvc01a.exe
(brother Industries Ltd) C:\WINDOWS\system32\brss01a.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\sched.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avguard.exe
() C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
(Cyberlink) C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Programme\CyberLink\Shared Files\RichVideo.exe
(Crawler.com) C:\Programme\Spyware Terminator\st_rsser.exe
(X10) C:\PROGRA~1\COMMON~2\X10\Common\x10nets.exe
() C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(S3 Graphics Co., Ltd.) C:\WINDOWS\system32\VTtrayp.exe
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(CyberLink Corp.) C:\Programme\Home Cinema\PowerCinema\PCMService.exe
(ScanSoft, Inc.) C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
(SEIKO EPSON CORPORATION) C:\Programme\Epson Software\FAX Utility\FUFAXSTM.exe
(S3 Graphics, Inc.) C:\WINDOWS\system32\VTTimer.exe
(Samsung) C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Check Point Software Technologies) C:\Programme\CheckPoint\ZAForceField\ForceField.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [VTTrayp] VTtrayp.exe [x]
HKLM\...\Run: [AGRSMMSG] AGRSMMSG.exe [x]
HKLM\...\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe" [147456 2006-05-05] (CyberLink Corp.)
HKLM\...\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [155648 2003-10-14] (Scansoft, Inc.)
HKLM\...\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe [57393 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe [40960 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [SetDefPrt] C:\Programme\Brother\Brmfl05a\BrStDvPt.exe [49152 2005-01-26] (Brother Industories, Ltd.)
HKLM\...\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [x]
HKLM\...\Run: [FUFAXSTM] "C:\Programme\Epson Software\FAX Utility\FUFAXSTM.exe" [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [ISW] C:\Programme\CheckPoint\ZAForceField\ForceField.exe /icon="hidden" [738984 2012-11-22] (Check Point Software Technologies)
HKLM\...\Run: [ZoneAlarm] "C:\Programme\CheckPoint\ZoneAlarm\zatray.exe" [73832 2013-03-27] (Check Point Software Technologies LTD)
HKLM\...\Run: [VTTimer] VTTimer.exe [x]
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\RunOnce: [Report] \AdwCleaner[S1].txt [5677 2013-06-30] ()
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll (Google Inc.)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -&Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll (Google Inc.)
Toolbar: HKCU -ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
DPF: {15B782AF-55D8-11D1-B477-006097098764} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1147879372515
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1147880351031
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
Handler: ipp - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngine: Search By ZoneAlarm
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=5dd0099711e54f5eb639308adcdd92a7&tu=10G90008h1B0008&sku=&tstsId=&ver=&
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.4.0 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2321 - C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2379 - C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1483 - C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: No Name - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\DTToolbar@toolbarnet(2).com
FF Extension: zonealarm.com - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\ffxtlbr@zonealarm.com
FF Extension: Google Toolbar for Firefox - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: toolbar - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\toolbar@gmx.net.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Programme\CheckPoint\ZAForceField\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Programme\CheckPoint\ZAForceField\TrustChecker
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [136360 2011-04-27] (Avira GmbH)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [269480 2011-07-20] (Avira GmbH)
R2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd)
R2 CLCapSvc; C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe [266338 2006-05-05] ()
R2 CLSched; C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe [118880 2006-05-05] ()
R2 CyberLink Media Library Service; C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe [1073152 2006-05-05] (Cyberlink)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 IswSvc; C:\Programme\CheckPoint\ZAForceField\IswSvc.exe [497320 2012-11-22] (Check Point Software Technologies)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company)
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [167936 2006-05-05] ()
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [725400 2012-10-03] (Nokia)
R2 ST2012_Svc; C:\Programme\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)
S2 vsmon; C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe [2447888 2013-03-27] (Check Point Software Technologies LTD)
S3 WMConnectCDS; C:\Programme\Windows Media Connect 2\wmccds.exe [856064 2005-10-06] (Microsoft Corporation)
R2 x10nets; C:\PROGRA~1\COMMON~2\X10\Common\x10nets.exe [20480 2001-11-12] (X10)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]
S2 RoxLiveShare9; "C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [x]
==================== Drivers (Whitelisted) ====================
R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [882688 2006-04-28] (Philips Semiconductors GmbH)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-14] (Microsoft Corporation)
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [3964352 2006-04-21] (Realtek Semiconductor Corp.)
R1 avgio; C:\Programme\Avira\AntiVir Desktop\avgio.sys [11608 2009-02-13] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-07-20] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-07-20] (Avira GmbH)
S3 BrScnUsb; C:\Windows\System32\Drivers\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 EL90XBC; C:\Windows\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [181120 2008-09-25] (Stephan Schreiber)
R1 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [51072 2008-08-28] (Stephan Schreiber)
R2 ISWKL; C:\Programme\CheckPoint\ZAForceField\ISWKL.sys [27056 2012-11-22] (Check Point Software Technologies)
R2 LBeepKE; C:\Windows\System32\Drivers\LBeepKE.sys [10448 2010-03-18] (Logitech, Inc.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-10-21] ()
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [181344 2012-09-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [28064 2006-10-02] (Acronis)
R3 viagfx; C:\Windows\System32\DRIVERS\vtmini.sys [248704 2006-02-09] (Copyright (C) VIA/S3 Graphics Co, Ltd.)
R1 Vsdatant; C:\Windows\System32\vsdatant.sys [527848 2013-03-27] (Check Point Software Technologies LTD)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S3 ZD1211U(ZyXEL); C:\Windows\System32\DRIVERS\zd1211u.sys [237568 2004-11-23] (ZyDAS Technology Corporation)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S4 IntelIde; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S3 RimUsb; System32\Drivers\RimUsb.sys [x]
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
U3 TlntSvr;
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S3 uxddrv; \??\i:\DIAGNOSE\WSTGER\uxddrv.sys [x]
S3 wanatw; system32\DRIVERS\wanatw4.sys [x]
S3 WDICA; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-30 21:23 - 2013-06-30 21:23 - 00000000 ____D C:\Windows\ERUNT
2013-06-30 21:23 - 2013-06-30 21:23 - 00000000 ____D C:\JRT
2013-06-30 21:17 - 2013-06-30 21:17 - 00005677 ____A C:\AdwCleaner[S1].txt
2013-06-30 20:07 - 2013-06-30 20:07 - 00018559 ____A C:\ComboFix.txt
2013-06-30 18:21 - 2013-06-30 18:21 - 00000674 ____A C:\Windows\setupapi.log
2013-06-30 18:18 - 2013-06-30 18:18 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00008192 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-06-30 18:04 - 2013-06-30 18:04 - 00000000 RASHD C:\cmdcons
2013-06-30 18:04 - 2013-06-23 20:02 - 00000211 ____A C:\Boot.bak
2013-06-30 18:04 - 2004-08-03 23:00 - 00262448 _RASH C:\cmldr
2013-06-30 18:01 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-30 18:01 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-30 18:01 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-30 17:14 - 2013-06-30 20:07 - 00000000 ____D C:\Qoobox
2013-06-30 17:13 - 2013-06-30 20:05 - 00000000 ____D C:\Windows\erdnt
2013-06-30 16:57 - 2013-06-30 16:57 - 00000000 ____D C:\FRST
2013-06-24 23:06 - 2013-06-30 21:20 - 00018142 ____A C:\Windows\WindowsUpdate.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000060 ____A C:\Windows\setupact.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 22:09 - 2011-06-21 11:24 - 00032768 ____A C:\Windows\System32\Drivers\sp_rsdrv2.sys
2013-06-23 20:47 - 2013-06-23 22:09 - 00000000 ____D C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-06-23 20:13 - 2013-06-23 20:20 - 00417507 ____A C:\Windows\System32\vsconfig.xml
2013-06-23 20:01 - 2013-06-24 22:35 - 00000000 ____D C:\Windows\pss
2013-06-23 18:39 - 2013-06-23 18:39 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\de
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\bits
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\l2schemas
2013-06-23 18:30 - 2008-04-14 07:53 - 00380928 ____A (Microsoft Corporation) C:\Windows\System32\irprops.cpl
2013-06-23 18:30 - 2008-04-14 07:53 - 00073796 ____N (Smart Link) C:\Windows\System32\slserv.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00060416 ____N (Microsoft Corporation) C:\Windows\System32\tzchange.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\System32\slrundll.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\slrundll.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032768 ____N (Microsoft Corporation) C:\Windows\System32\setupn.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00023040 ____N (ATI Technologies Inc.) C:\Windows\System32\ativmvxx.ax
2013-06-23 18:30 - 2008-04-14 07:53 - 00009728 ____N (ATI Technologies Inc.) C:\Windows\System32\ativdaxx.ax
2013-06-23 18:30 - 2008-04-14 07:52 - 04274816 ____N (NVIDIA Corporation) C:\Windows\System32\nv4_disp.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 01888992 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3duag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 01737856 ____N (Matrox Graphics Inc.) C:\Windows\System32\mtxparhd.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 01306624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00870784 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3d1ag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00651264 ____N (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00516768 ____N (ATI Technologies Inc. ) C:\Windows\System32\ativvaxx.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00397312 ____N (Microsoft Corporation) C:\Windows\System32\mmcex.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00397056 ____N (S3 Graphics, Inc.) C:\Windows\System32\s3gnb.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00377984 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvaa.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00294400 ____N (Microsoft Corporation) C:\Windows\System32\qagentrt.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00290304 ____N (Microsoft Corporation) C:\Windows\System32\rhttpaa.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00286792 ____N (Smart Link) C:\Windows\System32\slextspk.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00233472 ____N (Microsoft Corporation) C:\Windows\System32\azroles.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00229376 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2cqag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00201728 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00198656 ____N (Microsoft Corporation) C:\Windows\System32\napmontr.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00188508 ____N (Smart Link) C:\Windows\System32\slgen.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00184832 ____N (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00184320 ____N (Microsoft Corporation) C:\Windows\System32\microsoft.managementconsole.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00182272 ____N (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00177664 ____N (Microsoft Corporation) C:\Windows\System32\napstat.exe
2013-06-23 18:30 - 2008-04-14 07:52 - 00155136 ____N (Microsoft Corporation) C:\Windows\System32\mssha.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00151040 ____N (Microsoft Corporation) C:\Windows\System32\qagent.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00145408 ____N (Microsoft Corporation) C:\Windows\System32\onex.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00136192 ____N (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00133120 ____N (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00126976 ____N (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00106496 ____N (Microsoft Corporation) C:\Windows\System32\mmcfxcommon.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00095232 ____N (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00086016 ____N (Conexant) C:\Windows\System32\mdmxsdk.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\ieencode.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00076800 ____N (Microsoft Corporation) C:\Windows\System32\qutil.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00073832 ____N (Smart Link) C:\Windows\System32\slcoinst.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00069120 ____N (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00062976 ____N (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00062464 ____N (Microsoft Corporation) C:\Windows\System32\qcliprov.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00061952 ____N (Microsoft Corporation) C:\Windows\System32\rasqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00061440 ____N (Microsoft Corporation) C:\Windows\System32\kmsvc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00059392 ____N (Microsoft Corporation) C:\Windows\System32\eapqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00056832 ____N (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00053248 ____N (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00050688 ____N (Microsoft Corporation) C:\Windows\System32\tspkg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00048640 ____N (Microsoft Corporation) C:\Windows\System32\dhcpqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\eappprxy.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dot3gpclnt.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00037376 ____N (Microsoft Corporation) C:\Windows\System32\l2gpstore.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\mmcperf.exe
2013-06-23 18:30 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\eapsvc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00032768 ____N (ATI Technologies Inc.) C:\Windows\System32\ativtmxx.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00032285 ____N (Conexant Systems, Inc.) C:\Windows\System32\hsfcisp2.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00030720 ____N (Microsoft Corporation) C:\Windows\System32\eapolqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00030208 ____N (Microsoft Corporation) C:\Windows\System32\napipsec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00026112 ____N (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00019456 ____N (Microsoft Corporation) C:\Windows\System32\dimsntfy.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\credssp.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00009216 ____N (Microsoft Corporation) C:\Windows\System32\dot3dlg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\bitsprx4.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdpash.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdnepr.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdiultn.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdbhc.dll
2013-06-23 18:30 - 2008-04-14 07:27 - 00093184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6r.dll
2013-06-23 18:30 - 2008-04-14 07:26 - 00081408 ____N (Microsoft Corporation) C:\Windows\System32\msshavmsg.dll
2013-06-23 18:27 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-23 18:23 - 2008-04-14 07:52 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv04nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00021183 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv01nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00017279 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv10nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00015423 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\ch7xxnt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00014143 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv06nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00011359 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv02nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00011325 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\vchnt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00004255 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv01nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003967 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv02nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003901 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\siint5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003775 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv11nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003711 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv09nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003647 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv07nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003615 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv05nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003135 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv08nt5.dll
2013-06-23 18:23 - 2008-04-14 07:24 - 00025856 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-06-23 18:23 - 2008-04-14 07:21 - 00701952 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtag.sys
2013-06-23 18:23 - 2008-04-14 07:21 - 00327168 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys
2013-06-23 18:23 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2013-06-23 18:23 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthprint.sys
2013-06-23 18:23 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2013-06-23 18:23 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2013-06-23 18:23 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mutohpen.sys
2013-06-23 18:23 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\gagp30kx.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00044928 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\agpcpq.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00043008 ____N (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\amdagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042752 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\alim1541.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042368 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\agp440.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\viaagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00040960 ____N (Silicon Integrated Systems Corporation) C:\Windows\System32\Drivers\sisagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\smbali.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 01309184 ____N (Smart Link) C:\Windows\System32\Drivers\mtlstrm.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfdpsp2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfcxts2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00404990 ____N (Smart Link) C:\Windows\System32\Drivers\slntamr.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfbs2s2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00180360 ____N (Smart Link) C:\Windows\System32\Drivers\ntmtlfax.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00126686 ____N (Smart Link) C:\Windows\System32\Drivers\mtlmnt5.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00095424 ____N (Smart Link) C:\Windows\System32\Drivers\slnthal.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00013776 ____N (Smart Link) C:\Windows\System32\Drivers\recagent.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00013240 ____N (Smart Link) C:\Windows\System32\Drivers\slwdmsup.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys
2013-06-23 18:23 - 2008-04-13 22:06 - 00144384 ____N (Windows (R) Server 2003 DDK provider) C:\Windows\System32\Drivers\hdaudbus.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv10nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00022271 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv06nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011935 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv11nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011871 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv09nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011807 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv07nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011295 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv08nt.sys
2013-06-23 18:23 - 2007-04-02 21:36 - 00129045 ____N C:\Windows\System32\Drivers\cxthsfs2.cty
2013-06-23 18:23 - 2006-12-29 20:21 - 00064352 ____N C:\Windows\System32\Drivers\ativmc20.cod
2013-06-23 18:23 - 2006-12-29 20:02 - 00067866 ____N C:\Windows\System32\Drivers\netwlan5.img
2013-06-23 18:20 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\002935_.tmp
2013-06-23 18:15 - 2013-06-23 18:19 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-23 17:19 - 2013-06-23 17:19 - 00000000 ____D C:\found.000
==================== One Month Modified Files and Folders ========
2013-06-30 21:23 - 2013-06-30 21:23 - 00000000 ____D C:\Windows\ERUNT
2013-06-30 21:23 - 2013-06-30 21:23 - 00000000 ____D C:\JRT
2013-06-30 21:20 - 2013-06-24 23:06 - 00018142 ____A C:\Windows\WindowsUpdate.log
2013-06-30 21:20 - 2006-08-06 19:23 - 00000159 ____A C:\Windows\wiadebug.log
2013-06-30 21:20 - 2006-08-06 19:23 - 00000050 ____A C:\Windows\wiaservc.log
2013-06-30 21:20 - 2006-05-17 13:15 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-30 21:18 - 2006-08-06 16:39 - 00032618 ____A C:\Windows\SchedLgU.Txt
2013-06-30 21:17 - 2013-06-30 21:17 - 00005677 ____A C:\AdwCleaner[S1].txt
2013-06-30 21:17 - 2006-05-17 14:07 - 00000000 ____D C:\Programme
2013-06-30 21:11 - 2006-05-17 12:58 - 00002206 ____A C:\Windows\System32\wpa.dbl
2013-06-30 20:07 - 2013-06-30 20:07 - 00018559 ____A C:\ComboFix.txt
2013-06-30 20:07 - 2013-06-30 17:14 - 00000000 ____D C:\Qoobox
2013-06-30 20:05 - 2013-06-30 17:13 - 00000000 ____D C:\Windows\erdnt
2013-06-30 20:01 - 2006-05-17 12:58 - 00000227 ____A C:\Windows\system.ini
2013-06-30 18:21 - 2013-06-30 18:21 - 00000674 ____A C:\Windows\setupapi.log
2013-06-30 18:18 - 2013-06-30 18:18 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00008192 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-06-30 18:18 - 2006-05-17 15:05 - 30408704 ____A C:\Windows\System32\config\software.bak
2013-06-30 18:18 - 2006-05-17 15:05 - 12845056 ____A C:\Windows\System32\config\system.bak
2013-06-30 18:18 - 2006-05-17 15:05 - 00524288 ____A C:\Windows\System32\config\default.bak
2013-06-30 18:18 - 2006-05-17 14:06 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-06-30 18:18 - 2006-05-17 14:06 - 00028672 ____A C:\Windows\System32\config\SAM.bak
2013-06-30 18:04 - 2013-06-30 18:04 - 00000000 RASHD C:\cmdcons
2013-06-30 18:04 - 2006-05-17 12:58 - 00000327 _RASH C:\boot.ini
2013-06-30 16:57 - 2013-06-30 16:57 - 00000000 ____D C:\FRST
2013-06-24 22:39 - 2013-06-24 22:39 - 00000060 ____A C:\Windows\setupact.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 22:35 - 2013-06-23 20:01 - 00000000 ____D C:\Windows\pss
2013-06-24 22:34 - 2009-03-03 00:29 - 00000000 ____D C:\Windows\Minidump
2013-06-24 11:37 - 2003-01-01 01:15 - 00000000 ____D C:\Windows\System32\NtmsData
2013-06-24 09:48 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\Registration
2013-06-24 06:17 - 2006-06-21 13:04 - 00000000 __SHD C:\Windows\ftpcache
2013-06-23 22:09 - 2013-06-23 20:47 - 00000000 ____D C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-06-23 20:20 - 2013-06-23 20:13 - 00417507 ____A C:\Windows\System32\vsconfig.xml
2013-06-23 20:02 - 2013-06-30 18:04 - 00000211 ____A C:\Boot.bak
2013-06-23 20:02 - 2006-05-17 12:58 - 00000533 ____A C:\Windows\win.ini
2013-06-23 19:55 - 2006-08-06 18:33 - 00000000 ____D C:\Windows\System32\ZoneLabs
2013-06-23 18:40 - 2006-05-17 14:07 - 01056326 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-23 18:39 - 2013-06-23 18:39 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-23 18:37 - 2006-05-17 14:06 - 00304416 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-23 18:36 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\security
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\de
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\bits
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\l2schemas
2013-06-23 18:30 - 2013-06-23 18:27 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-23 18:30 - 2013-05-21 23:11 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\System32\usmt
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\PeerNet
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\ime
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\Help
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\System32\npp
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\system
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\msagent
2013-06-23 18:26 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\System32\Restore
2013-06-23 18:26 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\srchasst
2013-06-23 18:26 - 2006-05-17 13:10 - 00000000 ____D C:\Windows\System32\Com
2013-06-23 18:22 - 2006-05-17 12:58 - 00251712 _RASH C:\ntldr
2013-06-23 18:19 - 2013-06-23 18:15 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-23 18:19 - 2006-05-17 15:40 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-06-23 18:03 - 2006-08-06 16:37 - 01044748 ____A C:\Windows\setupapi.log.0.old
2013-06-23 17:19 - 2013-06-23 17:19 - 00000000 ____D C:\found.000
2013-06-10 21:36 - 2002-02-13 16:35 - 00000000 ____A C:\Windows\System32\Biport
2013-06-03 17:43 - 2006-05-17 16:04 - 73393752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2006-05-17 12:58] - [2008-04-14 07:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0109056 ____A (Microsoft Corporation) 4bb6a83640f1d1792ad21ce767b621c6
C:\Windows\System32\User32.dll
[2006-05-17 12:58] - [2008-04-14 07:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys
[2006-05-17 12:58] - [2008-04-14 07:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
|
|
01.07.2013, 07:37
| #10 |
| /// the machine /// TB-Ausbilder | System Care Antivirus entfernt? Fehler bei Defogger Supi ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST Logfile. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.07.2013, 18:42
| #11 |
| | System Care Antivirus entfernt? Fehler bei Defogger Hallo Schrauber, da bin ich wieder. Eset, SecurityCheck und FRST sind gelaufen. Logs s.u. Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b8ffadf8ad15f94f9f0b147d68b215f4
# engine=14218
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-01 02:12:44
# local_time=2013-07-01 04:12:44 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1797 16775165 100 100 78731 147584528 78949 0
# compatibility_mode=7937 16777214 28 75 579709 6901612 0 0
# compatibility_mode=9217 16777214 75 4 676922 676922 0 0
# scanned=132593
# found=0
# cleaned=0
# scan_time=18652
Code:
ATTFilter Results of screen317's Security Check version 0.99.68
Windows XP Service Pack 3 x86
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Avira AntiVir Personal - Free Antivirus
ZoneAlarm Free Firewall
ZoneAlarm Firewall
ZoneAlarm Security Toolbar
ZoneAlarm Security
`````````Anti-malware/Other Utilities Check:`````````
Spyware Terminator 2012
CCleaner
Java(TM) 6 Update 27
Java(TM) 7 Update 4
Java version out of Date!
Adobe Flash Player 11.2.202.235
Adobe Reader 7 Adobe Reader out of Date!
Mozilla Firefox 11.0 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avguard.exe
CheckPoint ZoneAlarm vsmon.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-06-2013 01
Ran by Michael (administrator) on 01-07-2013 19:31:50
Running from C:\Dokumente und Einstellungen\Internet\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Check Point Software Technologies) C:\Programme\CheckPoint\ZAForceField\IswSvc.exe
(brother Industries Ltd) C:\WINDOWS\system32\brsvc01a.exe
(brother Industries Ltd) C:\WINDOWS\system32\brss01a.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\sched.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avguard.exe
() C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Cyberlink) C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Programme\CyberLink\Shared Files\RichVideo.exe
(Crawler.com) C:\Programme\Spyware Terminator\st_rsser.exe
(X10) C:\PROGRA~1\COMMON~2\X10\Common\x10nets.exe
() C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(S3 Graphics Co., Ltd.) C:\WINDOWS\system32\VTtrayp.exe
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(CyberLink Corp.) C:\Programme\Home Cinema\PowerCinema\PCMService.exe
(ScanSoft, Inc.) C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
(SEIKO EPSON CORPORATION) C:\Programme\Epson Software\FAX Utility\FUFAXSTM.exe
(S3 Graphics, Inc.) C:\WINDOWS\system32\VTTimer.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Adobe Systems Incorporated) C:\Programme\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [VTTrayp] VTtrayp.exe [x]
HKLM\...\Run: [AGRSMMSG] AGRSMMSG.exe [x]
HKLM\...\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe" [147456 2006-05-05] (CyberLink Corp.)
HKLM\...\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [155648 2003-10-14] (Scansoft, Inc.)
HKLM\...\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe [57393 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe [40960 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [SetDefPrt] C:\Programme\Brother\Brmfl05a\BrStDvPt.exe [49152 2005-01-26] (Brother Industories, Ltd.)
HKLM\...\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [x]
HKLM\...\Run: [FUFAXSTM] "C:\Programme\Epson Software\FAX Utility\FUFAXSTM.exe" [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [ISW] [x]
HKLM\...\Run: [ZoneAlarm] "C:\Programme\CheckPoint\ZoneAlarm\zatray.exe" [73832 2013-03-27] (Check Point Software Technologies LTD)
HKLM\...\Run: [VTTimer] VTTimer.exe [x]
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll (Google Inc.)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -&Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll (Google Inc.)
Toolbar: HKCU -ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
DPF: {15B782AF-55D8-11D1-B477-006097098764} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1147879372515
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1147880351031
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
Handler: ipp - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngine: Search By ZoneAlarm
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=5dd0099711e54f5eb639308adcdd92a7&tu=10G90008h1B0008&sku=&tstsId=&ver=&
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.4.0 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2321 - C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2379 - C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1483 - C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: No Name - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\DTToolbar@toolbarnet(2).com
FF Extension: zonealarm.com - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\ffxtlbr@zonealarm.com
FF Extension: Google Toolbar for Firefox - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: toolbar - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\45hk2dbv.default\Extensions\toolbar@gmx.net.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Programme\CheckPoint\ZAForceField\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Programme\CheckPoint\ZAForceField\TrustChecker
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [136360 2011-04-27] (Avira GmbH)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [269480 2011-07-20] (Avira GmbH)
R2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd)
R2 CLCapSvc; C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe [266338 2006-05-05] ()
R2 CLSched; C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe [118880 2006-05-05] ()
R2 CyberLink Media Library Service; C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe [1073152 2006-05-05] (Cyberlink)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 IswSvc; C:\Programme\CheckPoint\ZAForceField\IswSvc.exe [497320 2012-11-22] (Check Point Software Technologies)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company)
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [167936 2006-05-05] ()
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [725400 2012-10-03] (Nokia)
R2 ST2012_Svc; C:\Programme\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)
S2 vsmon; C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe [2447888 2013-03-27] (Check Point Software Technologies LTD)
S3 WMConnectCDS; C:\Programme\Windows Media Connect 2\wmccds.exe [856064 2005-10-06] (Microsoft Corporation)
R2 x10nets; C:\PROGRA~1\COMMON~2\X10\Common\x10nets.exe [20480 2001-11-12] (X10)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]
S2 RoxLiveShare9; "C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [x]
==================== Drivers (Whitelisted) ====================
R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [882688 2006-04-28] (Philips Semiconductors GmbH)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-14] (Microsoft Corporation)
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [3964352 2006-04-21] (Realtek Semiconductor Corp.)
R1 avgio; C:\Programme\Avira\AntiVir Desktop\avgio.sys [11608 2009-02-13] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-07-20] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-07-20] (Avira GmbH)
S3 BrScnUsb; C:\Windows\System32\Drivers\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 EL90XBC; C:\Windows\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [181120 2008-09-25] (Stephan Schreiber)
R1 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [51072 2008-08-28] (Stephan Schreiber)
R2 ISWKL; C:\Programme\CheckPoint\ZAForceField\ISWKL.sys [27056 2012-11-22] (Check Point Software Technologies)
R2 LBeepKE; C:\Windows\System32\Drivers\LBeepKE.sys [10448 2010-03-18] (Logitech, Inc.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-10-21] ()
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [181344 2012-09-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [28064 2006-10-02] (Acronis)
R3 viagfx; C:\Windows\System32\DRIVERS\vtmini.sys [248704 2006-02-09] (Copyright (C) VIA/S3 Graphics Co, Ltd.)
R1 Vsdatant; C:\Windows\System32\vsdatant.sys [527848 2013-03-27] (Check Point Software Technologies LTD)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S3 ZD1211U(ZyXEL); C:\Windows\System32\DRIVERS\zd1211u.sys [237568 2004-11-23] (ZyDAS Technology Corporation)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S4 IntelIde; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S3 RimUsb; System32\Drivers\RimUsb.sys [x]
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
U3 TlntSvr;
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S3 uxddrv; \??\i:\DIAGNOSE\WSTGER\uxddrv.sys [x]
S3 wanatw; system32\DRIVERS\wanatw4.sys [x]
S3 WDICA; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-30 21:23 - 2013-06-30 21:23 - 00000000 ____D C:\Windows\ERUNT
2013-06-30 21:23 - 2013-06-30 21:23 - 00000000 ____D C:\JRT
2013-06-30 21:17 - 2013-06-30 21:17 - 00005677 ____A C:\AdwCleaner[S1].txt
2013-06-30 20:07 - 2013-06-30 20:07 - 00018559 ____A C:\ComboFix.txt
2013-06-30 18:21 - 2013-06-30 18:21 - 00000674 ____A C:\Windows\setupapi.log
2013-06-30 18:18 - 2013-06-30 18:18 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00008192 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-06-30 18:04 - 2013-06-30 18:04 - 00000000 RASHD C:\cmdcons
2013-06-30 18:04 - 2013-06-23 20:02 - 00000211 ____A C:\Boot.bak
2013-06-30 18:04 - 2004-08-03 23:00 - 00262448 _RASH C:\cmldr
2013-06-30 18:01 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-30 18:01 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-30 18:01 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-30 18:01 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-30 17:14 - 2013-06-30 20:07 - 00000000 ____D C:\Qoobox
2013-06-30 17:13 - 2013-06-30 20:05 - 00000000 ____D C:\Windows\erdnt
2013-06-30 16:57 - 2013-06-30 16:57 - 00000000 ____D C:\FRST
2013-06-24 23:06 - 2013-07-01 19:26 - 00028850 ____A C:\Windows\WindowsUpdate.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000060 ____A C:\Windows\setupact.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 22:09 - 2011-06-21 11:24 - 00032768 ____A C:\Windows\System32\Drivers\sp_rsdrv2.sys
2013-06-23 20:47 - 2013-06-23 22:09 - 00000000 ____D C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-06-23 20:13 - 2013-06-23 20:20 - 00417507 ____A C:\Windows\System32\vsconfig.xml
2013-06-23 20:01 - 2013-06-24 22:35 - 00000000 ____D C:\Windows\pss
2013-06-23 18:39 - 2013-06-23 18:39 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\de
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\bits
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\l2schemas
2013-06-23 18:30 - 2008-04-14 07:53 - 00380928 ____A (Microsoft Corporation) C:\Windows\System32\irprops.cpl
2013-06-23 18:30 - 2008-04-14 07:53 - 00073796 ____N (Smart Link) C:\Windows\System32\slserv.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00060416 ____N (Microsoft Corporation) C:\Windows\System32\tzchange.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\System32\slrundll.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\slrundll.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00032768 ____N (Microsoft Corporation) C:\Windows\System32\setupn.exe
2013-06-23 18:30 - 2008-04-14 07:53 - 00023040 ____N (ATI Technologies Inc.) C:\Windows\System32\ativmvxx.ax
2013-06-23 18:30 - 2008-04-14 07:53 - 00009728 ____N (ATI Technologies Inc.) C:\Windows\System32\ativdaxx.ax
2013-06-23 18:30 - 2008-04-14 07:52 - 04274816 ____N (NVIDIA Corporation) C:\Windows\System32\nv4_disp.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 01888992 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3duag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 01737856 ____N (Matrox Graphics Inc.) C:\Windows\System32\mtxparhd.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 01306624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00870784 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3d1ag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00651264 ____N (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00516768 ____N (ATI Technologies Inc. ) C:\Windows\System32\ativvaxx.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00397312 ____N (Microsoft Corporation) C:\Windows\System32\mmcex.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00397056 ____N (S3 Graphics, Inc.) C:\Windows\System32\s3gnb.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00377984 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvaa.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00294400 ____N (Microsoft Corporation) C:\Windows\System32\qagentrt.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00290304 ____N (Microsoft Corporation) C:\Windows\System32\rhttpaa.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00286792 ____N (Smart Link) C:\Windows\System32\slextspk.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00233472 ____N (Microsoft Corporation) C:\Windows\System32\azroles.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00229376 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2cqag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00201728 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvag.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00198656 ____N (Microsoft Corporation) C:\Windows\System32\napmontr.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00188508 ____N (Smart Link) C:\Windows\System32\slgen.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00184832 ____N (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00184320 ____N (Microsoft Corporation) C:\Windows\System32\microsoft.managementconsole.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00182272 ____N (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00177664 ____N (Microsoft Corporation) C:\Windows\System32\napstat.exe
2013-06-23 18:30 - 2008-04-14 07:52 - 00155136 ____N (Microsoft Corporation) C:\Windows\System32\mssha.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00151040 ____N (Microsoft Corporation) C:\Windows\System32\qagent.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00145408 ____N (Microsoft Corporation) C:\Windows\System32\onex.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00136192 ____N (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00133120 ____N (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00126976 ____N (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00106496 ____N (Microsoft Corporation) C:\Windows\System32\mmcfxcommon.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00095232 ____N (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00086016 ____N (Conexant) C:\Windows\System32\mdmxsdk.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\ieencode.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00076800 ____N (Microsoft Corporation) C:\Windows\System32\qutil.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00073832 ____N (Smart Link) C:\Windows\System32\slcoinst.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00069120 ____N (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00062976 ____N (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00062464 ____N (Microsoft Corporation) C:\Windows\System32\qcliprov.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00061952 ____N (Microsoft Corporation) C:\Windows\System32\rasqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00061440 ____N (Microsoft Corporation) C:\Windows\System32\kmsvc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00059392 ____N (Microsoft Corporation) C:\Windows\System32\eapqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00056832 ____N (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00053248 ____N (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00050688 ____N (Microsoft Corporation) C:\Windows\System32\tspkg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00048640 ____N (Microsoft Corporation) C:\Windows\System32\dhcpqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\eappprxy.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dot3gpclnt.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00037376 ____N (Microsoft Corporation) C:\Windows\System32\l2gpstore.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\mmcperf.exe
2013-06-23 18:30 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\eapsvc.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00032768 ____N (ATI Technologies Inc.) C:\Windows\System32\ativtmxx.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00032285 ____N (Conexant Systems, Inc.) C:\Windows\System32\hsfcisp2.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00030720 ____N (Microsoft Corporation) C:\Windows\System32\eapolqec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00030208 ____N (Microsoft Corporation) C:\Windows\System32\napipsec.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00026112 ____N (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00019456 ____N (Microsoft Corporation) C:\Windows\System32\dimsntfy.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\credssp.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00009216 ____N (Microsoft Corporation) C:\Windows\System32\dot3dlg.dll
2013-06-23 18:30 - 2008-04-14 07:52 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\bitsprx4.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdpash.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdnepr.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdiultn.dll
2013-06-23 18:30 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdbhc.dll
2013-06-23 18:30 - 2008-04-14 07:27 - 00093184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6r.dll
2013-06-23 18:30 - 2008-04-14 07:26 - 00081408 ____N (Microsoft Corporation) C:\Windows\System32\msshavmsg.dll
2013-06-23 18:27 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-23 18:23 - 2008-04-14 07:52 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv04nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00021183 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv01nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00017279 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv10nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00015423 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\ch7xxnt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00014143 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv06nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00011359 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv02nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00011325 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\vchnt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00004255 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv01nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003967 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv02nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003901 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\siint5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003775 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv11nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003711 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv09nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003647 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv07nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003615 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv05nt5.dll
2013-06-23 18:23 - 2008-04-14 07:52 - 00003135 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv08nt5.dll
2013-06-23 18:23 - 2008-04-14 07:24 - 00025856 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-06-23 18:23 - 2008-04-14 07:21 - 00701952 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtag.sys
2013-06-23 18:23 - 2008-04-14 07:21 - 00327168 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys
2013-06-23 18:23 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2013-06-23 18:23 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthprint.sys
2013-06-23 18:23 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2013-06-23 18:23 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2013-06-23 18:23 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mutohpen.sys
2013-06-23 18:23 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\gagp30kx.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00044928 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\agpcpq.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00043008 ____N (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\amdagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042752 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\alim1541.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042368 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\agp440.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00042240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\viaagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00040960 ____N (Silicon Integrated Systems Corporation) C:\Windows\System32\Drivers\sisagp.sys
2013-06-23 18:23 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\smbali.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 01309184 ____N (Smart Link) C:\Windows\System32\Drivers\mtlstrm.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfdpsp2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfcxts2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00404990 ____N (Smart Link) C:\Windows\System32\Drivers\slntamr.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfbs2s2.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00180360 ____N (Smart Link) C:\Windows\System32\Drivers\ntmtlfax.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00126686 ____N (Smart Link) C:\Windows\System32\Drivers\mtlmnt5.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00095424 ____N (Smart Link) C:\Windows\System32\Drivers\slnthal.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00013776 ____N (Smart Link) C:\Windows\System32\Drivers\recagent.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00013240 ____N (Smart Link) C:\Windows\System32\Drivers\slwdmsup.sys
2013-06-23 18:23 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys
2013-06-23 18:23 - 2008-04-13 22:06 - 00144384 ____N (Windows (R) Server 2003 DDK provider) C:\Windows\System32\Drivers\hdaudbus.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv10nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00022271 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv06nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011935 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv11nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011871 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv09nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011807 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv07nt.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys
2013-06-23 18:23 - 2008-04-13 22:04 - 00011295 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv08nt.sys
2013-06-23 18:23 - 2007-04-02 21:36 - 00129045 ____N C:\Windows\System32\Drivers\cxthsfs2.cty
2013-06-23 18:23 - 2006-12-29 20:21 - 00064352 ____N C:\Windows\System32\Drivers\ativmc20.cod
2013-06-23 18:23 - 2006-12-29 20:02 - 00067866 ____N C:\Windows\System32\Drivers\netwlan5.img
2013-06-23 18:20 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\002935_.tmp
2013-06-23 18:15 - 2013-06-23 18:19 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-23 17:19 - 2013-06-23 17:19 - 00000000 ____D C:\found.000
==================== One Month Modified Files and Folders ========
2013-07-01 19:28 - 2006-05-17 14:07 - 00000000 ____D C:\Programme
2013-07-01 19:28 - 2006-05-17 12:58 - 00002206 ____A C:\Windows\System32\wpa.dbl
2013-07-01 19:26 - 2013-06-24 23:06 - 00028850 ____A C:\Windows\WindowsUpdate.log
2013-07-01 19:26 - 2006-08-06 19:23 - 00000159 ____A C:\Windows\wiadebug.log
2013-07-01 19:26 - 2006-08-06 19:23 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-01 19:25 - 2006-05-17 13:15 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-01 19:24 - 2006-08-06 16:39 - 00032622 ____A C:\Windows\SchedLgU.Txt
2013-06-30 21:23 - 2013-06-30 21:23 - 00000000 ____D C:\Windows\ERUNT
2013-06-30 21:23 - 2013-06-30 21:23 - 00000000 ____D C:\JRT
2013-06-30 21:17 - 2013-06-30 21:17 - 00005677 ____A C:\AdwCleaner[S1].txt
2013-06-30 20:07 - 2013-06-30 20:07 - 00018559 ____A C:\ComboFix.txt
2013-06-30 20:07 - 2013-06-30 17:14 - 00000000 ____D C:\Qoobox
2013-06-30 20:05 - 2013-06-30 17:13 - 00000000 ____D C:\Windows\erdnt
2013-06-30 20:01 - 2006-05-17 12:58 - 00000227 ____A C:\Windows\system.ini
2013-06-30 18:21 - 2013-06-30 18:21 - 00000674 ____A C:\Windows\setupapi.log
2013-06-30 18:18 - 2013-06-30 18:18 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00008192 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-06-30 18:18 - 2013-06-30 18:18 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-06-30 18:18 - 2006-05-17 15:05 - 30408704 ____A C:\Windows\System32\config\software.bak
2013-06-30 18:18 - 2006-05-17 15:05 - 12845056 ____A C:\Windows\System32\config\system.bak
2013-06-30 18:18 - 2006-05-17 15:05 - 00524288 ____A C:\Windows\System32\config\default.bak
2013-06-30 18:18 - 2006-05-17 14:06 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-06-30 18:18 - 2006-05-17 14:06 - 00028672 ____A C:\Windows\System32\config\SAM.bak
2013-06-30 18:04 - 2013-06-30 18:04 - 00000000 RASHD C:\cmdcons
2013-06-30 18:04 - 2006-05-17 12:58 - 00000327 _RASH C:\boot.ini
2013-06-30 16:57 - 2013-06-30 16:57 - 00000000 ____D C:\FRST
2013-06-24 22:39 - 2013-06-24 22:39 - 00000060 ____A C:\Windows\setupact.log
2013-06-24 22:39 - 2013-06-24 22:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 22:35 - 2013-06-23 20:01 - 00000000 ____D C:\Windows\pss
2013-06-24 22:34 - 2009-03-03 00:29 - 00000000 ____D C:\Windows\Minidump
2013-06-24 11:37 - 2003-01-01 01:15 - 00000000 ____D C:\Windows\System32\NtmsData
2013-06-24 09:48 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\Registration
2013-06-24 06:17 - 2006-06-21 13:04 - 00000000 __SHD C:\Windows\ftpcache
2013-06-23 22:09 - 2013-06-23 20:47 - 00000000 ____D C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-06-23 20:20 - 2013-06-23 20:13 - 00417507 ____A C:\Windows\System32\vsconfig.xml
2013-06-23 20:02 - 2013-06-30 18:04 - 00000211 ____A C:\Boot.bak
2013-06-23 20:02 - 2006-05-17 12:58 - 00000533 ____A C:\Windows\win.ini
2013-06-23 19:55 - 2006-08-06 18:33 - 00000000 ____D C:\Windows\System32\ZoneLabs
2013-06-23 18:40 - 2006-05-17 14:07 - 01056326 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-23 18:39 - 2013-06-23 18:39 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-23 18:37 - 2006-05-17 14:06 - 00304416 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-23 18:36 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\security
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\de
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\System32\bits
2013-06-23 18:30 - 2013-06-23 18:30 - 00000000 ____D C:\Windows\l2schemas
2013-06-23 18:30 - 2013-06-23 18:27 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-23 18:30 - 2013-05-21 23:11 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\System32\usmt
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\PeerNet
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\ime
2013-06-23 18:30 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\Help
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\System32\npp
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\system
2013-06-23 18:26 - 2006-05-17 15:03 - 00000000 ____D C:\Windows\msagent
2013-06-23 18:26 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\System32\Restore
2013-06-23 18:26 - 2006-05-17 13:11 - 00000000 ____D C:\Windows\srchasst
2013-06-23 18:26 - 2006-05-17 13:10 - 00000000 ____D C:\Windows\System32\Com
2013-06-23 18:22 - 2006-05-17 12:58 - 00251712 _RASH C:\ntldr
2013-06-23 18:19 - 2013-06-23 18:15 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-23 18:19 - 2006-05-17 15:40 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-06-23 18:03 - 2006-08-06 16:37 - 01044748 ____A C:\Windows\setupapi.log.0.old
2013-06-23 17:19 - 2013-06-23 17:19 - 00000000 ____D C:\found.000
2013-06-10 21:36 - 2002-02-13 16:35 - 00000000 ____A C:\Windows\System32\Biport
2013-06-03 17:43 - 2006-05-17 16:04 - 73393752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2006-05-17 12:58] - [2008-04-14 07:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0109056 ____A (Microsoft Corporation) 4bb6a83640f1d1792ad21ce767b621c6
C:\Windows\System32\User32.dll
[2006-05-17 12:58] - [2008-04-14 07:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2006-05-17 12:58] - [2008-04-14 07:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys
[2006-05-17 12:58] - [2008-04-14 07:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
--- --- --- Geändert von MiRoBu (01.07.2013 um 18:49 Uhr) |
|
01.07.2013, 19:29
| #12 |
| /// the machine /// TB-Ausbilder | System Care Antivirus entfernt? Fehler bei Defogger Java, Adobe und Firefox updaten. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.07.2013, 19:50
| #13 |
| | System Care Antivirus entfernt? Fehler bei Defogger War's das? - Super! Muss ich noch was wegen defogger machen? Da hatte ich folgendes Log: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:22 on 30/06/2013 (Internet)
Checking for autostart values...
HKCU\~\Run values retrieved.
Unable to open HKLM\~\Run key (5)
HKLM\~\Run values retrieved.
Checking for services/drivers...
Unable to read sptd.sys
Error opening service: SPTD (5)
-=E.O.F=-
|
|
02.07.2013, 07:09
| #14 |
| /// the machine /// TB-Ausbilder | System Care Antivirus entfernt? Fehler bei Defogger Defogger kannst weglassen, aufräumen tun wir jetzt Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.07.2013, 22:47
| #15 |
| | System Care Antivirus entfernt? Fehler bei Defogger Hallo Schrauber, vielen Dank für die Hilfe! Ich denke, ich bin jetzt soweit up to date und werde es dank Deiner Tipps auch bleiben. Grüße MiRoBu |
|
| Themen zu System Care Antivirus entfernt? Fehler bei Defogger |
| account, antivirus, defogger, disable, entfern, entfernt, entfernt?, fehler, hoffe, inter, interne, internet, log, schritt, system, system care, system care antivirus, win, win xp |
Linear-Darstellung
