Pests of all kinds and how to fight them: Trojan.Agent

Windows 7

11.12.2011, 03:59   #1
Criunk
 
Trojan.Agent



Hello, Malwarebytes found a Trojan_Agent on my system in the directory /..../Internet Explorer/; of course the file was deleted immediately with the help of MBAM. The bizarre thing is, I don't use IE at all.

Anyway, I restarted the system and scanned again with MBAM: clean!

Then with the ESET online scan: clean!

Then with Avast!: clean!

After that I ran a full scan with OTL.

I would now like to know how I can find out whether it is still there. Which logs do you need, and what do I have to do?

Kind regards

Here is the OLDTIMER log:

OTL Logfile:
Code:
OTL logfile created on: 11.12.2011 02:43:21 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\HAFX\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 33,04% Memory free
8,00 Gb Paging File | 4,54 Gb Available in Paging File | 56,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 95,85 Gb Free Space | 49,10% Space Free | Partition Type: NTFS
Drive D: | 244,14 Gb Total Space | 104,04 Gb Free Space | 42,61% Space Free | Partition Type: NTFS
Drive E: | 26,31 Gb Total Space | 26,18 Gb Free Space | 99,53% Space Free | Partition Type: NTFS
 
Computer Name: HAFX-PC | User Name: HAFX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.11 01:24:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\HAFX\Downloads\OTL.exe
PRC - [2011.12.10 15:05:47 | 000,234,536 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2011.12.06 17:23:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.12.02 10:37:40 | 002,923,392 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.11.08 20:15:50 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.11.08 16:14:12 | 000,129,024 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\WebKitServer.exe
PRC - [2011.11.08 16:10:42 | 002,132,480 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\LCDHost.exe
PRC - [2011.11.07 20:14:42 | 028,854,408 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2011.10.22 12:06:30 | 002,533,040 | ---- | M] (Beepa P/L) -- E:\Spiele-Multimedia\Fraps\fraps.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.12 16:06:14 | 005,407,850 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2011.09.30 09:28:08 | 000,546,464 | ---- | M] (ESET) -- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
PRC - [2011.09.30 09:28:06 | 000,884,304 | ---- | M] () -- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
PRC - [2011.08.31 17:00:48 | 001,047,208 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011.08.23 04:34:34 | 024,182,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\HAFX\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.07.06 18:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.06.06 20:05:02 | 000,858,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDYT.exe
PRC - [2011.06.06 20:05:02 | 000,850,504 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDMovieViewer.exe
PRC - [2011.06.06 20:05:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe
PRC - [2011.06.06 20:05:02 | 000,498,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDWebCam.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.04.26 13:55:58 | 000,216,576 | ---- | M] () -- C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe
PRC - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011.03.30 08:12:18 | 000,310,944 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2010.11.20 13:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.05.20 09:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2006.11.17 16:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.10 23:39:40 | 001,482,752 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_NowPlaying.dll
MOD - [2011.12.10 23:39:32 | 000,576,512 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_DataViewer.dll
MOD - [2011.11.18 15:06:44 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.08 20:15:49 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.11.08 16:15:40 | 000,112,128 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_LgLcdMan.dll
MOD - [2011.11.08 16:15:26 | 000,110,592 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_LgBacklight.dll
MOD - [2011.11.08 16:14:50 | 000,355,328 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_WebKit.dll
MOD - [2011.11.08 16:14:12 | 000,129,024 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\WebKitServer.exe
MOD - [2011.11.08 16:14:02 | 000,094,208 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_VirtualLCD.dll
MOD - [2011.11.08 16:13:54 | 000,286,208 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Text.dll
MOD - [2011.11.08 16:13:20 | 000,298,496 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Mailcount.dll
MOD - [2011.11.08 16:12:58 | 001,353,728 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Lua.dll
MOD - [2011.11.08 16:11:44 | 000,103,936 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Decor.dll
MOD - [2011.11.08 16:11:44 | 000,009,728 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Image.dll
MOD - [2011.11.08 16:11:34 | 000,264,192 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Bar.dll
MOD - [2011.11.08 16:10:42 | 002,132,480 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\LCDHost.exe
MOD - [2011.11.07 20:12:12 | 016,827,392 | R--- | M] () -- C:\Program Files (x86)\Origin\QtWebKit4.dll
MOD - [2011.11.07 20:05:36 | 000,312,320 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff4.dll
MOD - [2011.11.07 20:05:34 | 000,264,192 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng4.dll
MOD - [2011.11.07 20:05:34 | 000,211,456 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg4.dll
MOD - [2011.11.07 20:05:34 | 000,032,256 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico4.dll
MOD - [2011.11.07 20:05:34 | 000,028,672 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif4.dll
MOD - [2011.11.07 20:05:32 | 000,172,544 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qjpcodecs4.dll
MOD - [2011.11.07 20:05:32 | 000,158,208 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qtwcodecs4.dll
MOD - [2011.11.07 20:05:32 | 000,079,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qkrcodecs4.dll
MOD - [2011.11.07 20:05:28 | 000,143,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qcncodecs4.dll
MOD - [2011.11.07 20:04:10 | 000,327,680 | R--- | M] () -- C:\Program Files (x86)\Origin\phonon4.dll
MOD - [2011.11.07 20:04:08 | 001,152,512 | R--- | M] () -- C:\Program Files (x86)\Origin\QtNetwork4.dll
MOD - [2011.11.07 20:04:08 | 000,413,184 | R--- | M] () -- C:\Program Files (x86)\Origin\QtXml4.dll
MOD - [2011.11.07 20:04:06 | 009,440,256 | R--- | M] () -- C:\Program Files (x86)\Origin\QtGui4.dll
MOD - [2011.11.07 20:04:04 | 002,694,144 | R--- | M] () -- C:\Program Files (x86)\Origin\QtCore4.dll
MOD - [2011.10.12 16:06:14 | 005,407,850 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
MOD - [2011.09.30 09:28:06 | 000,884,304 | ---- | M] () -- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
MOD - [2011.07.09 10:12:52 | 000,377,344 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Weather.dll
MOD - [2011.07.09 10:12:44 | 000,173,568 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Dial.dll
MOD - [2011.07.09 10:12:34 | 000,206,336 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Graph.dll
MOD - [2011.07.09 10:12:30 | 000,755,712 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Monitoring.dll
MOD - [2011.07.09 10:12:22 | 000,442,368 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Cursor.dll
MOD - [2011.06.16 09:00:00 | 003,715,584 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax
MOD - [2011.05.04 12:35:04 | 002,552,320 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtCore4.dll
MOD - [2011.05.04 12:34:56 | 000,399,360 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtXml4.dll
MOD - [2011.05.04 12:34:54 | 017,333,760 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtWebKit4.dll
MOD - [2011.05.04 12:34:44 | 001,209,344 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtNetwork4.dll
MOD - [2011.05.04 12:34:44 | 000,379,392 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qtiff4.dll
MOD - [2011.05.04 12:34:36 | 009,849,856 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtGui4.dll
MOD - [2011.05.04 12:34:22 | 000,351,744 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qmng4.dll
MOD - [2011.05.04 12:34:22 | 000,344,576 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\phonon4.dll
MOD - [2011.05.04 12:34:22 | 000,287,232 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qjpeg4.dll
MOD - [2011.05.04 12:34:22 | 000,083,456 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qico4.dll
MOD - [2011.05.04 12:34:22 | 000,083,456 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qgif4.dll
MOD - [2011.05.04 12:34:22 | 000,043,008 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\libgcc_s_dw2-1.dll
MOD - [2011.05.04 12:34:22 | 000,011,362 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\mingwm10.dll
MOD - [2011.04.26 13:55:58 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\SmartSVN 6.6\lib\shellext32.dll
MOD - [2011.02.14 22:02:58 | 002,417,664 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtCore4.dll
MOD - [2010.03.07 04:31:36 | 000,024,110 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\mingwm10.dll
MOD - [2010.02.10 17:36:20 | 009,565,184 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtGui4.dll
MOD - [2010.02.10 17:11:00 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtNetwork4.dll
MOD - [2010.02.10 17:08:16 | 000,398,336 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtXml4.dll
MOD - [2009.06.22 19:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll
MOD - [2008.06.10 18:07:56 | 000,129,536 | ---- | M] () -- C:\Program Files (x86)\LcdStudio\WmpNative.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.11.23 14:17:26 | 000,094,992 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2011.10.26 03:00:58 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.10.25 21:14:28 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.06.17 08:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ)
SRV:64bit: - [2011.06.09 19:55:13 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008.08.14 23:41:22 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2011.12.10 15:05:47 | 000,234,536 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011.12.06 17:23:28 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.12.02 10:37:40 | 002,923,392 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.11.18 14:22:14 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.09.22 17:04:36 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.08.15 09:02:12 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011.07.06 18:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Disabled | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.07 13:45:18 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.06.07 13:45:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.04.26 13:55:58 | 000,216,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe -- (statuscached)
SRV - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.07.08 11:50:20 | 000,450,560 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt) [Auto | Running] -- C:\Windows\SysWOW64\STGRAMDiskHandler64.exe -- (Steganos Volatile Disk)
SRV - [2010.05.20 09:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2005.03.09 19:50:18 | 000,018,944 | ---- | M] (libusb-Win32) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.11.23 14:17:24 | 000,158,336 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2011.11.10 18:32:02 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011.10.26 04:05:10 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.10.26 02:21:58 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.07.13 20:07:13 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011.06.24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.06.06 23:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.06.06 20:05:02 | 000,030,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGPBTDD.sys -- (LGPBTDD)
DRV:64bit: - [2011.06.06 20:05:02 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2011.06.06 20:05:02 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.04.30 12:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 12:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 14:44:16 | 002,725,376 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp)
DRV:64bit: - [2011.02.11 22:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.09.03 15:45:08 | 000,028,576 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt.com) [Driver] [Kernel | System | Running] -- C:\Windows\SysNative\drivers\STGMFEngine64.sys -- (STGMFEngine64)
DRV:64bit: - [2010.08.19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.03.19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.02.18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.03 15:48:32 | 000,716,872 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009.11.04 04:03:56 | 000,020,032 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PPJoyBus64.sys -- (PPJoyBus)
DRV:64bit: - [2009.09.28 01:02:38 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:64bit: - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\WNt500x64\Sandra.sys -- (SANDRA)
DRV:64bit: - [2009.07.31 10:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.12.26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2005.03.29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2011.03.18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2009.08.22 19:25:00 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.03.09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Hotmail und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 32 21 BC 3D 58 42 CC 01  [binary data]
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.6&q="
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.01 14:32:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.08 20:15:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.16 13:21:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.16 13:21:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2011.09.30 20:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Extensions
[2011.09.30 20:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.12.07 21:57:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions
[2011.10.16 20:17:27 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.20 19:37:03 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.07.18 11:46:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\battlefieldplay4free@ea.com
[2011.07.11 17:56:14 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\engine@conduit.com
[2011.12.05 18:07:11 | 000,001,056 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Mozilla\Firefox\Profiles\yk9ok6on.default\searchplugins\icqplugin.xml
[2011.11.08 20:16:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\HAFX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YK9OK6ON.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\HAFX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YK9OK6ON.DEFAULT\EXTENSIONS\ADMIN@PROXY-LISTEN.DE.XPI
[2011.11.08 20:15:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2011.08.01 18:11:25 | 000,001,195 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost ::1 localhost 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-1.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-4.adobe.com 127.0.0.1 adobe-dns-5.adobe.com 127.0.0.1 hh-software.com 127.0.0.1 127.0.0.1 activate.adobe.de 127.0.0.1 practivate.adobe.de 127.0.0.1 ereg.adobe.de 127.0.0.1 activate.wip3.adobe.de 127.0.0.1 wip3.adobe.de 127.0.0.1 3dns-3.adobe.de 127.0.0.1 3dns-2.adobe.de 127.0.0.1 adobe-dns.adobe.de 127.0.0.1 adobe-dns-2.adobe.de 127.0.0.1 adobe-dns-3.adobe.de 127.0.0.1 ereg.wip3.adobe.de 127.0.0.1 activate-sea.adobe.de 127.0.0.1 wwis-dubc1-vip60.adobe.de 127.0.0.1 activate-sjc0.adobe.de 127.0.0.1 wwis-dubc1-vip60.adobe.de 127.0.0.1 hl2rcv.adobe.de
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [CreativeTaskScheduler] C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe ()
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-V8MN4.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\HAFX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCDHost.lnk = C:\Users\HAFX\Documents\LCDHost\LCDHost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06C84457-AE19-4A2B-94B0-6C7567D79A33}: NameServer = 192.168.116.250
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5496e40c-9046-11e0-a20f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5496e40c-9046-11e0-a20f-806e6f6e6963}\Shell\AutoRun\command - "" = J:\AutoRunCD.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.11 02:35:38 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Wireshark
[2011.12.11 02:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wireshark
[2011.12.11 01:24:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.12.10 23:32:15 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LCDHost
[2011.12.10 23:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LcdStudio
[2011.12.10 23:22:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LcdStudio
[2011.12.10 23:12:12 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Timisoft
[2011.12.10 23:12:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Timisoft
[2011.12.10 22:31:42 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Desktop\Programme
[2011.12.09 19:58:05 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.12.09 19:58:05 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.12.09 19:58:05 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.09 19:58:05 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.09 19:58:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.09 19:58:05 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.09 19:58:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.09 19:58:05 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.12.09 19:58:05 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.12.09 19:58:05 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.12.09 19:58:05 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.12.09 19:58:05 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.12.09 19:58:05 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.12.09 19:58:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.12.09 19:58:05 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.12.09 19:58:05 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.12.09 19:58:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.09 19:58:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.09 19:58:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.09 19:58:05 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.12.09 19:58:05 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.12.09 19:58:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.12.09 19:58:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.09 19:58:05 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.12.09 19:58:05 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.12.09 19:58:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.12.09 19:58:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.12.09 19:58:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.12.09 19:58:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.12.09 19:58:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.12.09 19:58:05 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.12.09 19:58:05 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.12.09 19:58:05 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.12.09 19:58:05 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.12.09 19:58:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.12.09 19:58:05 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.12.09 19:58:05 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.12.09 19:58:05 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.12.09 19:58:05 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.12.09 19:58:05 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.12.09 19:58:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.12.09 19:58:05 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.12.09 19:58:05 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.09 19:58:05 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.12.09 19:58:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.12.09 19:58:05 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.12.09 19:58:05 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.12.09 19:58:05 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.12.09 19:58:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.12.09 19:58:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.12.09 19:58:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.12.09 19:58:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.09 19:58:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.12.09 19:58:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.12.09 19:58:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.12.09 19:58:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.12.09 19:58:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.12.09 19:58:05 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.12.09 19:58:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.12.09 19:58:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.12.09 19:58:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.12.09 19:58:05 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.12.08 20:13:57 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Documents\Battlefield 2
[2011.12.08 14:52:02 | 024,742,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011.12.08 14:52:02 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011.12.08 14:52:02 | 015,693,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011.12.08 14:52:02 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.12.08 14:52:02 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.12.08 14:52:01 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011.12.08 14:52:01 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011.12.08 14:52:01 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011.12.08 14:52:01 | 007,581,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011.12.08 14:52:01 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011.12.08 14:52:01 | 002,542,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011.12.08 14:52:01 | 002,458,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011.12.08 14:52:01 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011.12.08 14:52:01 | 002,232,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011.12.08 14:52:01 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011.12.08 14:29:45 | 000,137,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2011.12.08 14:29:44 | 010,406,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2011.12.08 14:29:44 | 005,067,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2011.12.08 14:29:44 | 003,074,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2011.12.08 14:29:44 | 000,837,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2011.12.08 14:29:44 | 000,222,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2011.12.08 14:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.12.07 13:34:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2011.12.07 13:34:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2011.12.07 13:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2011.12.06 13:34:20 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Vidalia
[2011.12.06 00:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
[2011.12.06 00:20:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vidalia Bundle
[2011.12.05 11:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2011.12.05 11:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2011.12.04 22:18:16 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Documents\Adobe
[2011.12.04 16:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
[2011.12.03 20:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2011.12.03 20:05:40 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Local\Paint.NET
[2011.12.03 12:42:10 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2011.12.03 12:14:59 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011.12.03 11:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2011.12.03 11:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2011.11.30 14:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2011.11.30 14:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011.11.26 13:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2011.11.22 20:27:43 | 000,328,712 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\MijFrc.dll
[2011.11.22 20:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
[2011.11.22 20:27:42 | 000,115,272 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011.11.22 16:52:13 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011.11.22 16:52:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.11.22 16:44:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.11.22 16:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.11 02:26:13 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347250277-935107026-2126249694-1000UA.job
[2011.12.11 01:54:01 | 000,092,241 | ---- | M] () -- C:\Users\HAFX\Desktop\1.jpg
[2011.12.11 01:08:11 | 000,709,968 | ---- | M] () -- C:\Windows\is-V8MN4.exe
[2011.12.11 01:08:11 | 000,012,782 | ---- | M] () -- C:\Windows\is-V8MN4.msg
[2011.12.11 01:08:11 | 000,000,374 | ---- | M] () -- C:\Windows\is-V8MN4.lst
[2011.12.11 01:05:29 | 000,007,605 | ---- | M] () -- C:\Users\HAFX\AppData\Local\Resmon.ResmonCfg
[2011.12.10 23:32:15 | 000,000,920 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCDHost.lnk
[2011.12.10 17:25:00 | 000,001,806 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2011.12.10 15:05:47 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.12.10 15:05:47 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.10 14:02:28 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.12.10 13:29:39 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.10 13:29:39 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.10 13:21:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.10 13:21:03 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.09 19:58:05 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.12.09 19:58:05 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.12.09 19:58:05 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.09 19:58:05 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.09 19:58:05 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.09 19:58:05 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.09 19:58:05 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.09 19:58:05 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.12.09 19:58:05 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.12.09 19:58:05 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.12.09 19:58:05 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.12.09 19:58:05 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.12.09 19:58:05 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.12.09 19:58:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.12.09 19:58:05 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.12.09 19:58:05 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.12.09 19:58:05 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.09 19:58:05 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.09 19:58:05 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.09 19:58:05 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.12.09 19:58:05 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.12.09 19:58:05 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.12.09 19:58:05 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.09 19:58:05 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.12.09 19:58:05 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.12.09 19:58:05 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.12.09 19:58:05 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.12.09 19:58:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.12.09 19:58:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.12.09 19:58:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.12.09 19:58:05 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.12.09 19:58:05 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.12.09 19:58:05 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.12.09 19:58:05 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.12.09 19:58:05 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.12.09 19:58:05 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.12.09 19:58:05 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.12.09 19:58:05 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.12.09 19:58:05 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.12.09 19:58:05 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.12.09 19:58:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.12.09 19:58:05 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.12.09 19:58:05 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.09 19:58:05 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.12.09 19:58:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.12.09 19:58:05 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.12.09 19:58:05 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.12.09 19:58:05 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.12.09 19:58:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.12.09 19:58:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.12.09 19:58:05 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.12.09 19:58:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.09 19:58:05 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.12.09 19:58:05 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.12.09 19:58:05 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.12.09 19:58:05 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.12.09 19:58:05 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.12.09 19:58:05 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.12.09 19:58:05 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.12.09 19:58:05 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.12.09 19:58:05 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.12.09 19:58:05 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.12.06 17:23:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.12.05 18:01:16 | 004,863,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.05 11:26:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347250277-935107026-2126249694-1000Core.job
[2011.12.04 22:18:29 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI
[2011.12.01 14:32:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.11.28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.11.28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.11.28 19:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.11.27 03:00:11 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\Crysis Wars(R) Updates.job
[2011.11.26 01:23:25 | 000,001,456 | ---- | M] () -- C:\Users\HAFX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.11.18 15:06:44 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.11.13 22:51:17 | 000,000,132 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.11 01:54:00 | 000,092,241 | ---- | C] () -- C:\Users\HAFX\Desktop\1.jpg
[2011.12.11 01:08:11 | 000,709,968 | ---- | C] () -- C:\Windows\is-V8MN4.exe
[2011.12.11 01:08:11 | 000,012,782 | ---- | C] () -- C:\Windows\is-V8MN4.msg
[2011.12.11 01:08:11 | 000,000,374 | ---- | C] () -- C:\Windows\is-V8MN4.lst
[2011.12.11 01:05:29 | 000,007,605 | ---- | C] () -- C:\Users\HAFX\AppData\Local\Resmon.ResmonCfg
[2011.12.09 19:58:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.12.09 19:51:57 | 000,001,109 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2011.12.04 19:25:55 | 000,001,973 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.12.04 19:25:55 | 000,001,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.12.04 19:25:55 | 000,001,931 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.12.03 20:06:22 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2011.12.03 11:59:59 | 000,001,806 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011.11.30 14:38:01 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2011.11.30 14:36:17 | 000,001,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2011.11.30 14:34:08 | 000,001,558 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2011.11.26 13:09:45 | 000,001,050 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2011.11.09 14:20:55 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011.10.29 21:00:05 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2011.10.26 02:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.10.26 02:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.19 16:28:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.10.18 09:15:08 | 000,104,072 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.09.25 19:03:44 | 000,011,959 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\PStrip.bak
[2011.09.25 19:03:35 | 000,013,501 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\PStrip.ini
[2011.09.25 09:01:11 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2011.09.25 09:01:11 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2011.09.25 09:01:11 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2011.09.25 09:01:09 | 000,042,457 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2011.09.25 09:00:49 | 000,000,925 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2011.09.25 09:00:46 | 000,004,967 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2011.09.25 08:36:14 | 000,000,558 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2011.09.22 11:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.19 09:47:34 | 011,296,768 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Sandra.mdb
[2011.09.16 17:50:31 | 000,001,456 | ---- | C] () -- C:\Users\HAFX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.09 12:54:45 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2011.07.15 13:57:05 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2011.07.13 15:43:16 | 000,000,297 | ---- | C] () -- C:\Windows\game.ini
[2011.07.04 02:03:04 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2011.07.04 01:05:44 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.07.04 01:05:43 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.07.04 01:05:41 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.07.04 01:05:41 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.07.04 01:05:41 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.06.17 14:31:21 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.06.12 20:58:39 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.06.09 19:47:15 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.08 18:26:55 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2011.06.08 12:46:20 | 000,234,536 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.08 12:46:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.08 12:46:17 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.06.07 13:45:24 | 000,000,388 | ---- | C] () -- C:\Windows\XENMCcfg.ini
[2011.06.07 13:45:23 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.06.07 13:45:23 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.06.06 17:34:14 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.03.31 07:59:24 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini
[2011.02.11 22:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1367 bytes -> C:\ProgramData\Microsoft:U2iV3me43NFza2XPUx820
@Alternate Data Stream - 1357 bytes -> C:\Program Files\Common Files\Microsoft Shared:xxUmOKn2CIFF7ncJAr9bWbC
@Alternate Data Stream - 1306 bytes -> C:\ProgramData\Microsoft:yy695qjNbyqWGs5ty4DukRgN
@Alternate Data Stream - 1193 bytes -> C:\ProgramData\Microsoft:hARchZB5SPhtfYzcjeXGu

< End of report >
         
--- --- ---

11.12.2011, 12:25   #2
Chris4You

Hi,

to be on the safe side:
Please check the following files:

Have files checked online:
  • Go to the VirusTotal site, click the "Browse" button and locate the following file(s):
Code:
ATTFilter
C:\Windows\is-V8MN4.exe
C:\Windows\SysWow64\ieuinit.inf
         
  • Now upload each file one after another and wait until the scan has finished. (This can take up to 2 minutes.)
  • Afterwards post the result of the analysis; copy everything and paste it into a post.
  • Important: Also copy the file size and the HASH!

A few Alternate Data Streams; we will also check the boot block and for TDSS...

MBR-Check
Download http://ad13.geekstogo.com/MBRCheck.exe and save the file to the desktop.
  • Double-click MBRCheck.exe.
  • Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool only takes a second.
  • Afterwards you should find an MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document

TDSS-Killer
Download and instructions at: How to fight malware of the Rootkit.Win32.TDSS family?
Unpack all files into a directory of their own (e.g. C:\TDSS)!
Launch it from Explorer by double-clicking TDSSKiller.exe.
After it starts a window appears; there choose "Start Scan".
When the scan is finished, please select "Report". A window opens; copy the text and post it here...

chris
__________________

__________________
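A triage pass over an OTL listing like the one in post #1, as an added example that is not part of the thread and not OTL's own logic: it parses the file and Alternate Data Stream lines and flags files without a company name that were created under C:\Windows shortly before the scan. The 7-day window, the extension list and the function names are assumptions; the thread does not say how the files to check were chosen.

```python
import ntpath
import re
from datetime import datetime, timedelta

# Excerpt: lines copied from the OTL log in post #1, not the full log.
SAMPLE_LOG = r"""OTL logfile created on: 11.12.2011 02:43:21 - Run 1
[2011.11.28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
========== Files Created - No Company Name ==========
[2011.12.11 01:54:00 | 000,092,241 | ---- | C] () -- C:\Users\HAFX\Desktop\1.jpg
[2011.12.11 01:08:11 | 000,709,968 | ---- | C] () -- C:\Windows\is-V8MN4.exe
[2011.12.11 01:08:11 | 000,012,782 | ---- | C] () -- C:\Windows\is-V8MN4.msg
[2011.12.09 19:58:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.12.03 11:59:59 | 000,001,806 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011.10.29 21:00:05 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 1367 bytes -> C:\ProgramData\Microsoft:U2iV3me43NFza2XPUx820
@Alternate Data Stream - 1357 bytes -> C:\Program Files\Common Files\Microsoft Shared:xxUmOKn2CIFF7ncJAr9bWbC
"""

# Header date is dd.MM.yyyy (see "Date Format" in the log); file lines use yyyy.MM.dd.
HEADER_RE = re.compile(
    r"^OTL logfile created on: (\d{2}\.\d{2}\.\d{4} \d{2}:\d{2}:\d{2})")
# [timestamp | size | attributes | C or M] (company) -- path
FILE_RE = re.compile(
    r"^\[(\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| ([\d,]+) \| (.{4}) \| ([CM])\] "
    r"\((.*)\) -- (.+)$")
ADS_RE = re.compile(r"^@Alternate Data Stream - (\d+) bytes -> (.+)$")

# Assumed triage rule: file types that can be run, loaded or drive an install.
LOADABLE_EXT = {".exe", ".dll", ".sys", ".scr", ".com", ".bat",
                ".cmd", ".inf", ".ocx", ".cpl"}


def parse_otl(text):
    """Return (log_time, files, streams) parsed from OTL log text."""
    log_time, files, streams = None, [], []
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER_RE.match(line)
        if m:
            log_time = datetime.strptime(m.group(1), "%d.%m.%Y %H:%M:%S")
            continue
        m = FILE_RE.match(line)
        if m:
            stamp, size, attrs, kind, company, path = m.groups()
            files.append({
                "time": datetime.strptime(stamp, "%Y.%m.%d %H:%M:%S"),
                "size": int(size.replace(",", "")),
                "attrs": attrs,
                "kind": kind,          # C = created, M = modified
                "company": company,    # empty when OTL found no company name
                "path": path,
            })
            continue
        m = ADS_RE.match(line)
        if m:
            # The stream name follows the last colon; the drive colon stays in the host.
            host, sep, stream = m.group(2).rpartition(":")
            if sep and len(host) > 2:
                streams.append((host, stream, int(m.group(1))))
    return log_time, files, streams


def triage(files, log_time, days=7, system_root=r"C:\Windows"):
    """Paths of recently created, company-less loadable files under system_root."""
    cutoff = log_time - timedelta(days=days)
    root = system_root.lower().rstrip("\\") + "\\"
    hits = []
    for f in files:
        ext = ntpath.splitext(f["path"])[1].lower()
        if (f["kind"] == "C" and not f["company"] and f["time"] >= cutoff
                and f["path"].lower().startswith(root) and ext in LOADABLE_EXT):
            hits.append(f["path"])
    return hits


if __name__ == "__main__":
    when, entries, ads = parse_otl(SAMPLE_LOG)
    for path in triage(entries, when):
        print("check:", path)
    for host, stream, size in ads:
        print("ADS on %s: %s (%d bytes)" % (host, stream, size))
```

On this excerpt the pass returns the two files named in post #2 and both stream entries.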

11.12.2011, 12:37   #3
Criunk

EDIT: CANNOT FIND C:\Windows\is-V8MN4.exe! What should I do now?

Thanks for the help! Here is the first LOG:
Code:
ATTFilter
File name:
ieuinit.inf
Submission date:
2011-11-24 03:31:55 (UTC)
Current status:
finished
Result:
0 /43 (0.0%)
	
VT Community

not reviewed
 Safety score: - 
Compact
Print results
Antivirus 	Version 	Last Update 	Result
AhnLab-V3 	2011.11.23.00 	2011.11.23 	-
AntiVir 	7.11.18.25 	2011.11.24 	-
Antiy-AVL 	2.0.3.7 	2011.11.24 	-
Avast 	6.0.1289.0 	2011.11.23 	-
AVG 	10.0.0.1190 	2011.11.24 	-
BitDefender 	7.2 	2011.11.24 	-
ByteHero 	1.0.0.1 	2011.11.14 	-
CAT-QuickHeal 	12.00 	2011.11.22 	-
ClamAV 	0.97.3.0 	2011.11.24 	-
Commtouch 	5.3.2.6 	2011.11.24 	-
Comodo 	10784 	2011.11.23 	-
DrWeb 	5.0.2.03300 	2011.11.24 	-
Emsisoft 	5.1.0.11 	2011.11.24 	-
eSafe 	7.0.17.0 	2011.11.24 	-
eTrust-Vet 	37.0.9584 	2011.11.23 	-
F-Prot 	4.6.5.141 	2011.11.23 	-
F-Secure 	9.0.16440.0 	2011.11.24 	-
Fortinet 	4.3.370.0 	2011.11.23 	-
GData 	22 	2011.11.24 	-
Ikarus 	T3.1.1.109.0 	2011.11.24 	-
Jiangmin 	13.0.900 	2011.11.23 	-
K7AntiVirus 	9.119.5525 	2011.11.23 	-
Kaspersky 	9.0.0.837 	2011.11.23 	-
McAfee 	5.400.0.1158 	2011.11.24 	-
McAfee-GW-Edition 	2010.1D 	2011.11.23 	-
Microsoft 	1.7801 	2011.11.23 	-
NOD32 	6654 	2011.11.24 	-
Norman 	6.07.13 	2011.11.23 	-
nProtect 	2011-11-23.01 	2011.11.23 	-
Panda 	10.0.3.5 	2011.11.23 	-
PCTools 	8.0.0.5 	2011.11.24 	-
Prevx 	3.0 	2011.11.24 	-
Rising 	23.85.02.01 	2011.11.23 	-
Sophos 	4.71.0 	2011.11.24 	-
SUPERAntiSpyware 	4.40.0.1006 	2011.11.24 	-
Symantec 	20111.2.0.82 	2011.11.24 	-
TheHacker 	6.7.0.1.347 	2011.11.23 	-
TrendMicro 	9.500.0.1008 	2011.11.24 	-
TrendMicro-HouseCall 	9.500.0.1008 	2011.11.24 	-
VBA32 	3.12.16.4 	2011.11.23 	-
VIPRE 	11132 	2011.11.24 	-
ViRobot 	2011.11.24.4790 	2011.11.24 	-
VirusBuster 	14.1.81.1 	2011.11.23 	-
Additional information
MD5   : 4b333d3cc96ae66bd754329fd2989ee2
SHA1  : cb710b1fdc4f5bf9cbd1c4843aeeb510ee5af1af
SHA256: f7a607c372126429105a3f540452d1cc93c5cb306d772bbd607ee7f5308b496d
ssdeep: 768:/QDJcHQm3bfG9FSwOqbRiAG3Jsrhjy1z1+wYRIPQyg0MTZAE7Bac:/QDJcHetci
File size : 72822 bytes
First seen: 2011-04-22 18:17:04
Last seen : 2011-11-24 03:31:55
Magic: Non-ISO extended-ASCII English text, with very long lines, with CRLF line terminators
TrID:
Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: -
Androguard:
-
ExifTool:
-

VT Community
         
Here is the log from MBRCheck:

Code:
ATTFilter
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows 7 Ultimate Edition
Windows Information:		Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer:	ASUSTeK Computer INC.
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		System manufacturer
System Product Name:		System Product Name
Logical Drives Mask:		0x0000001c

Kernel Drivers (total 171):
  0x0365D000 \SystemRoot\system32\ntoskrnl.exe
  0x03614000 \SystemRoot\system32\hal.dll
  0x00BA2000 \SystemRoot\system32\kdcom.dll
  0x00CF2000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
  0x00CFF000 \SystemRoot\system32\PSHED.dll
  0x00D13000 \SystemRoot\system32\CLFS.SYS
  0x00C00000 \SystemRoot\system32\CI.dll
  0x00E02000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x00EA6000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x00EB5000 \SystemRoot\system32\drivers\ACPI.sys
  0x00F0C000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x00F15000 \SystemRoot\system32\drivers\msisadrv.sys
  0x00F1F000 \SystemRoot\system32\drivers\pci.sys
  0x00F52000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x00F5F000 \SystemRoot\System32\drivers\partmgr.sys
  0x00F74000 \SystemRoot\system32\drivers\volmgr.sys
  0x00F89000 \SystemRoot\System32\drivers\volmgrx.sys
  0x00FE5000 \SystemRoot\system32\drivers\pciide.sys
  0x00FEC000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x00CC0000 \SystemRoot\System32\drivers\mountmgr.sys
  0x00D71000 \SystemRoot\system32\drivers\vmbus.sys
  0x00DAD000 \SystemRoot\system32\drivers\winhv.sys
  0x00DC1000 \SystemRoot\system32\drivers\atapi.sys
  0x00DCA000 \SystemRoot\system32\drivers\ataport.SYS
  0x00DF4000 \SystemRoot\system32\drivers\amdxata.sys
  0x010A5000 \SystemRoot\system32\drivers\fltmgr.sys
  0x010F1000 \SystemRoot\system32\drivers\fileinfo.sys
  0x01105000 \SystemRoot\System32\Drivers\PxHlpa64.sys
  0x01245000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x01112000 \SystemRoot\System32\Drivers\msrpc.sys
  0x01200000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x01170000 \SystemRoot\System32\Drivers\cng.sys
  0x0121B000 \SystemRoot\System32\drivers\pcw.sys
  0x0122C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x01448000 \SystemRoot\system32\drivers\ndis.sys
  0x0153B000 \SystemRoot\system32\drivers\NETIO.SYS
  0x0159B000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x016BD000 \SystemRoot\System32\drivers\tcpip.sys
  0x018C1000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x0190B000 \SystemRoot\system32\drivers\vmstorfl.sys
  0x0191B000 \SystemRoot\system32\drivers\volsnap.sys
  0x01967000 \SystemRoot\System32\Drivers\spldr.sys
  0x0196F000 \SystemRoot\SysWOW64\speedfan.sys
  0x01979000 \SystemRoot\System32\drivers\rdyboost.sys
  0x019B3000 \SystemRoot\System32\Drivers\mup.sys
  0x019C5000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x01600000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x0163A000 \SystemRoot\system32\DRIVERS\disk.sys
  0x01650000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
  0x01000000 \SystemRoot\System32\Drivers\aswSnx.SYS
  0x019CE000 \SystemRoot\System32\Drivers\Null.SYS
  0x019D7000 \SystemRoot\System32\Drivers\Beep.SYS
  0x019DE000 \SystemRoot\System32\drivers\vga.sys
  0x015C6000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x019EC000 \SystemRoot\System32\drivers\watchdog.sys
  0x015EB000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x015F4000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x01400000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x01409000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x01414000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x01425000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x01236000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x013E8000 \SystemRoot\System32\Drivers\aswTdi.SYS
  0x04246000 \SystemRoot\system32\drivers\afd.sys
  0x042CF000 \SystemRoot\System32\Drivers\aswRdr.SYS
  0x042DC000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x04321000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x0432A000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x04350000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x0435F000 \SystemRoot\system32\DRIVERS\serial.sys
  0x0437C000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x04397000 \SystemRoot\System32\drivers\truecrypt.sys
  0x043D8000 \SystemRoot\system32\drivers\termdd.sys
  0x043EC000 \??\C:\Windows\system32\drivers\STGMFEngine64.sys
  0x04021000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x04072000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x0407E000 \SystemRoot\system32\drivers\mssmbios.sys
  0x04089000 \SystemRoot\System32\drivers\discache.sys
  0x04098000 \SystemRoot\system32\drivers\csc.sys
  0x0411B000 \SystemRoot\System32\Drivers\dfsc.sys
  0x04139000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x0414A000 \SystemRoot\System32\Drivers\aswSP.SYS
  0x0419B000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x041C1000 \SystemRoot\system32\DRIVERS\amdppm.sys
  0x13011000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
  0x13C88000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x13D7C000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x13DC2000 \SystemRoot\system32\drivers\1394ohci.sys
  0x13000000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x04A8D000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x04AE3000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x04AF4000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x04B18000 \SystemRoot\system32\DRIVERS\ASACPI.sys
  0x04B20000 \SystemRoot\system32\DRIVERS\serenum.sys
  0x04C81000 \SystemRoot\system32\drivers\cmudaxp.sys
  0x04FAC000 \SystemRoot\system32\drivers\portcls.sys
  0x04C00000 \SystemRoot\system32\drivers\drmk.sys
  0x04C22000 \SystemRoot\system32\drivers\ks.sys
  0x04C65000 \SystemRoot\system32\drivers\ksthunk.sys
  0x04B2C000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
  0x04C6B000 \SystemRoot\system32\drivers\wmiacpi.sys
  0x04FE9000 \SystemRoot\system32\drivers\CompositeBus.sys
  0x04C74000 \SystemRoot\system32\DRIVERS\vcsvad.sys
  0x04BB1000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x04BC7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x04BEB000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x04A00000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x04A2F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x04A4A000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x04A6B000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x041D6000 \SystemRoot\system32\DRIVERS\rdpbus.sys
  0x041E1000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x041F0000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x04C7E000 \SystemRoot\system32\drivers\swenum.sys
  0x04FF9000 \SystemRoot\system32\drivers\LGBusEnum.sys
  0x04000000 \SystemRoot\system32\DRIVERS\amdiox64.sys
  0x04231000 \SystemRoot\system32\drivers\umbus.sys
  0x05217000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x05271000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x05286000 \SystemRoot\system32\drivers\HdAudio.sys
  0x052E2000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0x052FF000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x05301000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x0530F000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x05328000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x05331000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
  0x05347000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x05354000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
  0x05368000 \SystemRoot\system32\DRIVERS\kbdhid.sys
  0x05376000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x05384000 \SystemRoot\System32\Drivers\dump_dumpata.sys
  0x05390000 \SystemRoot\System32\Drivers\dump_atapi.sys
  0x05399000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x053AC000 \SystemRoot\System32\Drivers\LGPBTDD.sys
  0x053B7000 \SystemRoot\system32\DRIVERS\MijXfilt.sys
  0x053D8000 \SystemRoot\system32\DRIVERS\xusb21.sys
  0x000D0000 \SystemRoot\System32\win32k.sys
  0x053E9000 \SystemRoot\System32\drivers\Dxapi.sys
  0x04200000 \SystemRoot\system32\drivers\usbaudio.sys
  0x05200000 \SystemRoot\system32\drivers\XENfiltv.sys
  0x0421B000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x00580000 \SystemRoot\System32\TSDDD.dll
  0x00610000 \SystemRoot\System32\cdd.dll
  0x00810000 \SystemRoot\System32\ATMFD.DLL
  0x01680000 \SystemRoot\system32\drivers\luafv.sys
  0x02218000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
  0x02254000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
  0x0225D000 \SystemRoot\system32\drivers\WudfPf.sys
  0x0227E000 \??\C:\Program Files\Sandboxie\SbieDrv.sys
  0x022A8000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
  0x022D9000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x022EE000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x02306000 \SystemRoot\system32\drivers\HTTP.sys
  0x023CF000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x02200000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x06C29000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x06C56000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x06CA4000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x06CC8000 \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
  0x06CF9000 \SystemRoot\system32\drivers\LGVirHid.sys
  0x06CFC000 \SystemRoot\system32\drivers\peauth.sys
  0x06DA2000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x06DAD000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x06DDE000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x07CC9000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x07D32000 \SystemRoot\System32\DRIVERS\srv.sys
  0x07DCA000 \??\C:\Users\HAFX\AppData\Local\Temp\ALSysIO64.sys
  0x07DDE000 \??\C:\Windows\system32\drivers\mbam.sys
  0x774C0000 \Windows\System32\ntdll.dll
  0x47B70000 \Windows\System32\smss.exe
  0xFF7E0000 \Windows\System32\apisetschema.dll

Processes (total 93):
       0 System Idle Process
       4 System
     360 C:\Windows\System32\smss.exe
     448 csrss.exe
     520 C:\Windows\System32\wininit.exe
     548 csrss.exe
     584 C:\Windows\System32\services.exe
     608 C:\Windows\System32\lsass.exe
     616 C:\Windows\System32\lsm.exe
     716 C:\Windows\System32\svchost.exe
     784 C:\Windows\System32\winlogon.exe
     840 C:\Windows\System32\nvvsvc.exe
     880 C:\Windows\System32\svchost.exe
     940 C:\Windows\System32\atiesrxx.exe
    1008 C:\Windows\System32\svchost.exe
     404 C:\Windows\System32\svchost.exe
     428 C:\Windows\System32\svchost.exe
    1072 C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    1132 C:\Windows\System32\svchost.exe
    1204 C:\Program Files\Sandboxie\SbieSvc.exe
    1304 WUDFHost.exe
    1312 C:\Windows\System32\atieclxx.exe
    1344 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    1356 C:\Windows\System32\nvvsvc.exe
    1468 WUDFHost.exe
    1532 C:\Windows\System32\svchost.exe
    1588 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    1908 C:\Windows\System32\dwm.exe
    1948 C:\Windows\explorer.exe
    2220 C:\Windows\System32\spoolsv.exe
    2232 C:\Windows\System32\taskhost.exe
    2264 C:\Windows\System32\svchost.exe
    2416 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    2460 C:\Windows\SysWOW64\svchost.exe
    2552 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    2560 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    2572 C:\Windows\System32\taskeng.exe
    2664 C:\Program Files\Logitech Gaming Software\LCore.exe
    2816 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    2836 C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
    2888 C:\Program Files\Core Temp\Core Temp.exe
    3040 C:\Program Files (x86)\RocketDock\RocketDock.exe
    1852 C:\Program Files\Bonjour\mDNSResponder.exe
    2120 C:\Windows\SysWOW64\PnkBstrA.exe
    2116 C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe
    2672 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDClock.exe
    2636 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe
    2404 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x64\LCDPictureViewer.exe
    2768 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDRSS.exe
    2292 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDMovieViewer.exe
    2080 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDWebCam.exe
    2512 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDYT.exe
    2508 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDCountdown.exe
    3016 C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDPop3.exe
    2904 C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
    1384 C:\Windows\System32\svchost.exe
    3116 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    3144 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    3384 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    3488 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    3616 C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
    3640 C:\Program Files\Logitech\SetPointG\SetPointII.exe
    3960 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    3548 C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    1968 C:\Windows\System32\SearchIndexer.exe
    3692 taskhost.exe
    4312 C:\Windows\System32\svchost.exe
    4424 C:\Windows\System32\svchost.exe
    4488 C:\Program Files (x86)\Origin\Origin.exe
    4604 C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
    4496 C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe
    4704 C:\Program Files\Sandboxie\SbieCtrl.exe
    1992 C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe
    4824 C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
    4884 C:\Program Files\AVAST Software\Avast\AvastUI.exe
    5016 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    4172 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    5116 C:\Users\HAFX\AppData\Roaming\Dropbox\bin\Dropbox.exe
    4416 C:\Users\HAFX\Documents\LCDHost\LCDHost.exe
    4764 C:\Program Files\Windows Media Player\wmpnetwk.exe
    5380 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    1512 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    5224 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    3744 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    4780 C:\Windows\System32\svchost.exe
    5848 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    3284 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    5576 C:\Windows\System32\SearchProtocolHost.exe
    1560 C:\Windows\System32\SearchFilterHost.exe
    5248 C:\Windows\explorer.exe
    3280 C:\Users\HAFX\Desktop\MBRCheck.exe
    2472 C:\Windows\System32\conhost.exe
    3600 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000030`d4100000  (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000006d`dd100000  (NTFS)

PhysicalDrive0 Model Number: HitachiHDP725050GLA360, Rev: GM4OA5CA

      Size  Device Name          MBR Status
  --------------------------------------------
    465 GB  \\.\PhysicalDrive0   Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!
         
TDSS Killer found nothing, here is the log:

Code:
12:48:03.0995 4628	TDSS rootkit removing tool 2.6.22.0 Dec  7 2011 13:21:06
12:48:04.0488 4628	============================================================
12:48:04.0489 4628	Current date / time: 2011/12/11 12:48:04.0488
12:48:04.0489 4628	SystemInfo:
12:48:04.0489 4628	
12:48:04.0489 4628	OS Version: 6.1.7601 ServicePack: 1.0
12:48:04.0489 4628	Product type: Workstation
12:48:04.0489 4628	ComputerName: HAFX-PC
12:48:04.0489 4628	UserName: HAFX
12:48:04.0489 4628	Windows directory: C:\Windows
12:48:04.0489 4628	System windows directory: C:\Windows
12:48:04.0489 4628	Running under WOW64
12:48:04.0489 4628	Processor architecture: Intel x64
12:48:04.0489 4628	Number of processors: 6
12:48:04.0489 4628	Page size: 0x1000
12:48:04.0489 4628	Boot type: Normal boot
12:48:04.0489 4628	============================================================
12:48:05.0399 4628	Initialize success
12:48:12.0197 5500	============================================================
12:48:12.0197 5500	Scan started
12:48:12.0197 5500	Mode: Manual; 
12:48:12.0197 5500	============================================================
12:48:13.0315 5500	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:48:13.0319 5500	1394ohci - ok
12:48:13.0345 5500	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:48:13.0349 5500	ACPI - ok
12:48:13.0363 5500	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:48:13.0364 5500	AcpiPmi - ok
12:48:13.0465 5500	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:48:13.0472 5500	adp94xx - ok
12:48:13.0503 5500	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:48:13.0507 5500	adpahci - ok
12:48:13.0525 5500	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:48:13.0528 5500	adpu320 - ok
12:48:13.0567 5500	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
12:48:13.0573 5500	AFD - ok
12:48:13.0643 5500	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:48:13.0645 5500	agp440 - ok
12:48:13.0702 5500	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:48:13.0703 5500	aliide - ok
12:48:13.0784 5500	ALSysIO - ok
12:48:13.0891 5500	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:48:13.0892 5500	amdide - ok
12:48:13.0934 5500	amdiox64        (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
12:48:13.0935 5500	amdiox64 - ok
12:48:13.0980 5500	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:48:13.0982 5500	AmdK8 - ok
12:48:14.0200 5500	amdkmdag        (0415ffe1b6a6ea141feafca57567f57f) C:\Windows\system32\DRIVERS\atikmdag.sys
12:48:14.0360 5500	amdkmdag - ok
12:48:14.0428 5500	amdkmdap        (dc24d6f38f17c0d643d9aa8a6852f8d0) C:\Windows\system32\DRIVERS\atikmpag.sys
12:48:14.0430 5500	amdkmdap - ok
12:48:14.0469 5500	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:48:14.0470 5500	AmdPPM - ok
12:48:14.0498 5500	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:48:14.0500 5500	amdsata - ok
12:48:14.0515 5500	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:48:14.0518 5500	amdsbs - ok
12:48:14.0545 5500	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:48:14.0546 5500	amdxata - ok
12:48:14.0596 5500	AODDriver4.01   (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
12:48:14.0597 5500	AODDriver4.01 - ok
12:48:14.0676 5500	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:48:14.0678 5500	AppID - ok
12:48:14.0734 5500	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:48:14.0736 5500	arc - ok
12:48:14.0753 5500	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:48:14.0755 5500	arcsas - ok
12:48:14.0866 5500	aswFsBlk        (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys
12:48:14.0867 5500	aswFsBlk - ok
12:48:14.0888 5500	aswMonFlt       (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys
12:48:14.0889 5500	aswMonFlt - ok
12:48:14.0904 5500	aswRdr          (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys
12:48:14.0904 5500	aswRdr - ok
12:48:14.0930 5500	aswSnx          (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys
12:48:14.0933 5500	aswSnx - ok
12:48:14.0953 5500	aswSP           (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys
12:48:14.0955 5500	aswSP - ok
12:48:14.0971 5500	aswTdi          (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys
12:48:14.0971 5500	aswTdi - ok
12:48:14.0988 5500	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:48:14.0989 5500	AsyncMac - ok
12:48:15.0049 5500	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:48:15.0050 5500	atapi - ok
12:48:15.0093 5500	AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
12:48:15.0095 5500	AtiHDAudioService - ok
12:48:15.0164 5500	atillk64 - ok
12:48:15.0231 5500	ATSwpWDF        (ea512f43f4a28d18b52cafe8c93984fb) C:\Windows\system32\Drivers\ATSwpWDF.sys
12:48:15.0235 5500	ATSwpWDF - ok
12:48:15.0291 5500	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:48:15.0296 5500	b06bdrv - ok
12:48:15.0333 5500	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:48:15.0337 5500	b57nd60a - ok
12:48:15.0382 5500	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:48:15.0383 5500	Beep - ok
12:48:15.0414 5500	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:48:15.0416 5500	blbdrive - ok
12:48:15.0470 5500	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:48:15.0472 5500	bowser - ok
12:48:15.0518 5500	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:48:15.0519 5500	BrFiltLo - ok
12:48:15.0573 5500	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:48:15.0574 5500	BrFiltUp - ok
12:48:15.0596 5500	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:48:15.0600 5500	Brserid - ok
12:48:15.0616 5500	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:48:15.0617 5500	BrSerWdm - ok
12:48:15.0628 5500	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:48:15.0629 5500	BrUsbMdm - ok
12:48:15.0636 5500	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:48:15.0637 5500	BrUsbSer - ok
12:48:15.0664 5500	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:48:15.0666 5500	BTHMODEM - ok
12:48:15.0699 5500	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:48:15.0701 5500	cdfs - ok
12:48:15.0768 5500	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
12:48:15.0771 5500	cdrom - ok
12:48:15.0795 5500	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:48:15.0796 5500	circlass - ok
12:48:15.0826 5500	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:48:15.0831 5500	CLFS - ok
12:48:15.0885 5500	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:48:15.0886 5500	CmBatt - ok
12:48:15.0947 5500	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:48:15.0948 5500	cmdide - ok
12:48:16.0058 5500	cmudaxp         (0367f029425cbd5506e8db2757ff3a8f) C:\Windows\system32\drivers\cmudaxp.sys
12:48:16.0076 5500	cmudaxp - ok
12:48:16.0147 5500	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
12:48:16.0153 5500	CNG - ok
12:48:16.0176 5500	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:48:16.0177 5500	Compbatt - ok
12:48:16.0268 5500	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:48:16.0269 5500	CompositeBus - ok
12:48:16.0324 5500	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:48:16.0325 5500	crcdisk - ok
12:48:16.0384 5500	CSC             (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
12:48:16.0390 5500	CSC - ok
12:48:16.0427 5500	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:48:16.0429 5500	DfsC - ok
12:48:16.0447 5500	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:48:16.0449 5500	discache - ok
12:48:16.0516 5500	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:48:16.0517 5500	Disk - ok
12:48:16.0548 5500	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:48:16.0549 5500	drmkaud - ok
12:48:16.0579 5500	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:48:16.0589 5500	DXGKrnl - ok
12:48:16.0652 5500	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:48:16.0682 5500	ebdrv - ok
12:48:16.0756 5500	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:48:16.0762 5500	elxstor - ok
12:48:16.0784 5500	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:48:16.0785 5500	ErrDev - ok
12:48:16.0822 5500	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:48:16.0825 5500	exfat - ok
12:48:16.0844 5500	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:48:16.0847 5500	fastfat - ok
12:48:16.0877 5500	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:48:16.0878 5500	fdc - ok
12:48:16.0940 5500	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:48:16.0941 5500	FileInfo - ok
12:48:16.0952 5500	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:48:16.0953 5500	Filetrace - ok
12:48:16.0979 5500	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:48:16.0981 5500	flpydisk - ok
12:48:17.0014 5500	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:48:17.0018 5500	FltMgr - ok
12:48:17.0040 5500	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:48:17.0041 5500	FsDepends - ok
12:48:17.0058 5500	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
12:48:17.0059 5500	Fs_Rec - ok
12:48:17.0158 5500	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:48:17.0162 5500	fvevol - ok
12:48:17.0196 5500	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:48:17.0197 5500	gagp30kx - ok
12:48:17.0213 5500	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:48:17.0214 5500	GEARAspiWDM - ok
12:48:17.0231 5500	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:48:17.0232 5500	hcw85cir - ok
12:48:17.0275 5500	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:48:17.0277 5500	HdAudAddService - ok
12:48:17.0334 5500	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:48:17.0335 5500	HDAudBus - ok
12:48:17.0349 5500	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:48:17.0350 5500	HidBatt - ok
12:48:17.0375 5500	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:48:17.0377 5500	HidBth - ok
12:48:17.0389 5500	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:48:17.0390 5500	HidIr - ok
12:48:17.0418 5500	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:48:17.0418 5500	HidUsb - ok
12:48:17.0438 5500	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:48:17.0440 5500	HpSAMD - ok
12:48:17.0473 5500	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:48:17.0481 5500	HTTP - ok
12:48:17.0544 5500	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:48:17.0545 5500	hwpolicy - ok
12:48:17.0590 5500	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:48:17.0592 5500	i8042prt - ok
12:48:17.0623 5500	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:48:17.0628 5500	iaStorV - ok
12:48:17.0725 5500	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:48:17.0726 5500	iirsp - ok
12:48:17.0753 5500	IntcAzAudAddService - ok
12:48:17.0783 5500	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:48:17.0784 5500	intelide - ok
12:48:17.0801 5500	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:48:17.0803 5500	intelppm - ok
12:48:17.0826 5500	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:48:17.0828 5500	IpFilterDriver - ok
12:48:17.0851 5500	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:48:17.0853 5500	IPMIDRV - ok
12:48:17.0914 5500	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:48:17.0916 5500	IPNAT - ok
12:48:17.0956 5500	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:48:17.0957 5500	IRENUM - ok
12:48:17.0975 5500	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:48:17.0976 5500	isapnp - ok
12:48:17.0996 5500	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:48:18.0000 5500	iScsiPrt - ok
12:48:18.0066 5500	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:48:18.0067 5500	kbdclass - ok
12:48:18.0114 5500	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
12:48:18.0115 5500	kbdhid - ok
12:48:18.0141 5500	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
12:48:18.0143 5500	KSecDD - ok
12:48:18.0171 5500	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
12:48:18.0173 5500	KSecPkg - ok
12:48:18.0193 5500	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:48:18.0194 5500	ksthunk - ok
12:48:18.0296 5500	LGBusEnum       (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
12:48:18.0297 5500	LGBusEnum - ok
12:48:18.0309 5500	LGPBTDD         (f705a641c18df31b48b5dbda94b425e4) C:\Windows\system32\Drivers\LGPBTDD.sys
12:48:18.0310 5500	LGPBTDD - ok
12:48:18.0334 5500	LGVirHid        (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
12:48:18.0335 5500	LGVirHid - ok
12:48:18.0362 5500	LHidFilt        (1074c77a47835e03c15bf92452f9a750) C:\Windows\system32\DRIVERS\LHidFilt.Sys
12:48:18.0363 5500	LHidFilt - ok
12:48:18.0376 5500	libusb0 - ok
12:48:18.0411 5500	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:48:18.0413 5500	lltdio - ok
12:48:18.0466 5500	LMouFilt        (96999c364c649e2866a268f7420a304a) C:\Windows\system32\DRIVERS\LMouFilt.Sys
12:48:18.0467 5500	LMouFilt - ok
12:48:18.0489 5500	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:48:18.0491 5500	LSI_FC - ok
12:48:18.0499 5500	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:48:18.0501 5500	LSI_SAS - ok
12:48:18.0513 5500	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:48:18.0514 5500	LSI_SAS2 - ok
12:48:18.0523 5500	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:48:18.0525 5500	LSI_SCSI - ok
12:48:18.0543 5500	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:48:18.0545 5500	luafv - ok
12:48:18.0607 5500	MBAMProtector   (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
12:48:18.0608 5500	MBAMProtector - ok
12:48:18.0676 5500	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:48:18.0678 5500	megasas - ok
12:48:18.0697 5500	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:48:18.0701 5500	MegaSR - ok
12:48:18.0728 5500	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:48:18.0730 5500	Modem - ok
12:48:18.0746 5500	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:48:18.0747 5500	monitor - ok
12:48:18.0775 5500	MotioninJoyXFilter (5fec1ff5bb9a1fa5c9cf4544d19d6d5d) C:\Windows\system32\DRIVERS\MijXfilt.sys
12:48:18.0776 5500	MotioninJoyXFilter - ok
12:48:18.0843 5500	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:48:18.0844 5500	mouclass - ok
12:48:18.0881 5500	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:48:18.0882 5500	mouhid - ok
12:48:18.0911 5500	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:48:18.0913 5500	mountmgr - ok
12:48:18.0941 5500	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:48:18.0944 5500	mpio - ok
12:48:18.0961 5500	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:48:18.0963 5500	mpsdrv - ok
12:48:19.0034 5500	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:48:19.0036 5500	MRxDAV - ok
12:48:19.0060 5500	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:48:19.0063 5500	mrxsmb - ok
12:48:19.0095 5500	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:48:19.0097 5500	mrxsmb10 - ok
12:48:19.0108 5500	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:48:19.0110 5500	mrxsmb20 - ok
12:48:19.0135 5500	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:48:19.0136 5500	msahci - ok
12:48:19.0165 5500	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:48:19.0167 5500	msdsm - ok
12:48:19.0238 5500	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:48:19.0239 5500	Msfs - ok
12:48:19.0257 5500	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:48:19.0258 5500	mshidkmdf - ok
12:48:19.0271 5500	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:48:19.0272 5500	msisadrv - ok
12:48:19.0299 5500	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:48:19.0300 5500	MSKSSRV - ok
12:48:19.0316 5500	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:48:19.0317 5500	MSPCLOCK - ok
12:48:19.0327 5500	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:48:19.0328 5500	MSPQM - ok
12:48:19.0356 5500	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:48:19.0360 5500	MsRPC - ok
12:48:19.0424 5500	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:48:19.0425 5500	mssmbios - ok
12:48:19.0453 5500	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:48:19.0454 5500	MSTEE - ok
12:48:19.0466 5500	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:48:19.0467 5500	MTConfig - ok
12:48:19.0496 5500	MTsensor        (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
12:48:19.0497 5500	MTsensor - ok
12:48:19.0509 5500	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:48:19.0510 5500	Mup - ok
12:48:19.0570 5500	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:48:19.0574 5500	NativeWifiP - ok
12:48:19.0618 5500	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:48:19.0628 5500	NDIS - ok
12:48:19.0651 5500	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:48:19.0653 5500	NdisCap - ok
12:48:19.0675 5500	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:48:19.0676 5500	NdisTapi - ok
12:48:19.0693 5500	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:48:19.0695 5500	Ndisuio - ok
12:48:19.0755 5500	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:48:19.0757 5500	NdisWan - ok
12:48:19.0784 5500	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:48:19.0785 5500	NDProxy - ok
12:48:19.0812 5500	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:48:19.0814 5500	NetBIOS - ok
12:48:19.0841 5500	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:48:19.0845 5500	NetBT - ok
12:48:19.0953 5500	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:48:19.0955 5500	nfrd960 - ok
12:48:19.0988 5500	npf             (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
12:48:19.0989 5500	npf - ok
12:48:20.0005 5500	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:48:20.0007 5500	Npfs - ok
12:48:20.0021 5500	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:48:20.0022 5500	nsiproxy - ok
12:48:20.0081 5500	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:48:20.0096 5500	Ntfs - ok
12:48:20.0159 5500	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:48:20.0160 5500	Null - ok
12:48:20.0184 5500	NVHDA - ok
12:48:20.0412 5500	nvlddmkm        (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:48:20.0608 5500	nvlddmkm - ok
12:48:20.0670 5500	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:48:20.0673 5500	nvraid - ok
12:48:20.0691 5500	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:48:20.0694 5500	nvstor - ok
12:48:20.0740 5500	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:48:20.0742 5500	nv_agp - ok
12:48:20.0771 5500	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:48:20.0773 5500	ohci1394 - ok
12:48:20.0845 5500	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:48:20.0847 5500	Parport - ok
12:48:20.0869 5500	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
12:48:20.0870 5500	partmgr - ok
12:48:20.0947 5500	pbfilter        (55223eefabfdb84a926515febab50d9a) C:\Program Files\PeerBlock\pbfilter.sys
12:48:20.0948 5500	pbfilter - ok
12:48:21.0017 5500	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:48:21.0019 5500	pci - ok
12:48:21.0035 5500	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:48:21.0037 5500	pciide - ok
12:48:21.0067 5500	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:48:21.0070 5500	pcmcia - ok
12:48:21.0089 5500	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:48:21.0090 5500	pcw - ok
12:48:21.0107 5500	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:48:21.0115 5500	PEAUTH - ok
12:48:21.0207 5500	PPJoyBus        (610183c42efb6a9a0e3f31dbcabb6a58) C:\Windows\system32\DRIVERS\PPJoyBus64.sys
12:48:21.0208 5500	PPJoyBus - ok
12:48:21.0241 5500	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:48:21.0244 5500	PptpMiniport - ok
12:48:21.0271 5500	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:48:21.0273 5500	Processor - ok
12:48:21.0317 5500	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:48:21.0320 5500	Psched - ok
12:48:21.0410 5500	PxHlpa64        (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
12:48:21.0412 5500	PxHlpa64 - ok
12:48:21.0461 5500	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:48:21.0476 5500	ql2300 - ok
12:48:21.0495 5500	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:48:21.0498 5500	ql40xx - ok
12:48:21.0516 5500	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:48:21.0518 5500	QWAVEdrv - ok
12:48:21.0536 5500	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:48:21.0537 5500	RasAcd - ok
12:48:21.0589 5500	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:48:21.0590 5500	RasAgileVpn - ok
12:48:21.0618 5500	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:48:21.0620 5500	Rasl2tp - ok
12:48:21.0641 5500	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:48:21.0643 5500	RasPppoe - ok
12:48:21.0658 5500	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:48:21.0660 5500	RasSstp - ok
12:48:21.0680 5500	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:48:21.0684 5500	rdbss - ok
12:48:21.0699 5500	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:48:21.0700 5500	rdpbus - ok
12:48:21.0710 5500	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:48:21.0711 5500	RDPCDD - ok
12:48:21.0738 5500	RDPDR           (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
12:48:21.0741 5500	RDPDR - ok
12:48:21.0794 5500	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:48:21.0796 5500	RDPENCDD - ok
12:48:21.0805 5500	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:48:21.0806 5500	RDPREFMP - ok
12:48:21.0845 5500	RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
12:48:21.0846 5500	RdpVideoMiniport - ok
12:48:21.0890 5500	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
12:48:21.0893 5500	RDPWD - ok
12:48:21.0921 5500	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:48:21.0924 5500	rdyboost - ok
12:48:21.0978 5500	RivaTuner64     (9b29bbd1427f71a854c2b400f3bbcf55) C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
12:48:21.0979 5500	RivaTuner64 - ok
12:48:22.0041 5500	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:48:22.0043 5500	rspndr - ok
12:48:22.0077 5500	RTL8167         (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
12:48:22.0080 5500	RTL8167 - ok
12:48:22.0101 5500	s3cap           (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
12:48:22.0103 5500	s3cap - ok
12:48:22.0181 5500	SANDRA          (5efbbfcc6adac121c8e2fe76641ed329) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\WNt500x64\Sandra.sys
12:48:22.0182 5500	SANDRA - ok
12:48:22.0254 5500	SbieDrv         (1fc5d553f8ec9779702fb8264863e3a2) C:\Program Files\Sandboxie\SbieDrv.sys
12:48:22.0255 5500	SbieDrv - ok
12:48:22.0329 5500	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:48:22.0332 5500	sbp2port - ok
12:48:22.0355 5500	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:48:22.0356 5500	scfilter - ok
12:48:22.0403 5500	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:48:22.0405 5500	secdrv - ok
12:48:22.0423 5500	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:48:22.0425 5500	Serenum - ok
12:48:22.0454 5500	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:48:22.0456 5500	Serial - ok
12:48:22.0519 5500	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:48:22.0521 5500	sermouse - ok
12:48:22.0551 5500	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:48:22.0552 5500	sffdisk - ok
12:48:22.0563 5500	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:48:22.0565 5500	sffp_mmc - ok
12:48:22.0577 5500	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:48:22.0579 5500	sffp_sd - ok
12:48:22.0603 5500	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:48:22.0604 5500	sfloppy - ok
12:48:22.0631 5500	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:48:22.0632 5500	SiSRaid2 - ok
12:48:22.0645 5500	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:48:22.0647 5500	SiSRaid4 - ok
12:48:22.0706 5500	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:48:22.0708 5500	Smb - ok
12:48:22.0732 5500	speedfan - ok
12:48:22.0749 5500	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:48:22.0750 5500	spldr - ok
12:48:22.0782 5500	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:48:22.0789 5500	srv - ok
12:48:22.0821 5500	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:48:22.0826 5500	srv2 - ok
12:48:22.0881 5500	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:48:22.0884 5500	srvnet - ok
12:48:22.0948 5500	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:48:22.0950 5500	stexstor - ok
12:48:23.0027 5500	STGMFEngine64   (70d9e406a1170a801b0d9ccecf9d6914) C:\Windows\system32\drivers\STGMFEngine64.sys
12:48:23.0028 5500	STGMFEngine64 - ok
12:48:23.0057 5500	storflt         (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
12:48:23.0059 5500	storflt - ok
12:48:23.0074 5500	storvsc         (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
12:48:23.0076 5500	storvsc - ok
12:48:23.0090 5500	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:48:23.0092 5500	swenum - ok
12:48:23.0168 5500	Synth3dVsc - ok
12:48:23.0227 5500	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
12:48:23.0239 5500	Tcpip - ok
12:48:23.0275 5500	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
12:48:23.0283 5500	TCPIP6 - ok
12:48:23.0304 5500	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:48:23.0306 5500	tcpipreg - ok
12:48:23.0330 5500	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:48:23.0332 5500	TDPIPE - ok
12:48:23.0343 5500	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
12:48:23.0344 5500	TDTCP - ok
12:48:23.0411 5500	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:48:23.0413 5500	tdx - ok
12:48:23.0488 5500	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:48:23.0490 5500	TermDD - ok
12:48:23.0593 5500	truecrypt       (ea43de1743c1ba0d2d17b8db90c91d88) C:\Windows\system32\drivers\truecrypt.sys
12:48:23.0595 5500	truecrypt - ok
12:48:23.0621 5500	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:48:23.0623 5500	tssecsrv - ok
12:48:23.0664 5500	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:48:23.0666 5500	TsUsbFlt - ok
12:48:23.0674 5500	tsusbhub - ok
12:48:23.0711 5500	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:48:23.0714 5500	tunnel - ok
12:48:23.0781 5500	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:48:23.0783 5500	uagp35 - ok
12:48:23.0807 5500	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:48:23.0811 5500	udfs - ok
12:48:23.0853 5500	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:48:23.0855 5500	uliagpkx - ok
12:48:23.0897 5500	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:48:23.0899 5500	umbus - ok
12:48:23.0915 5500	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:48:23.0916 5500	UmPass - ok
12:48:23.0987 5500	USBAAPL64       (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
12:48:23.0988 5500	USBAAPL64 - ok
12:48:24.0019 5500	usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
12:48:24.0021 5500	usbaudio - ok
12:48:24.0041 5500	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:48:24.0042 5500	usbccgp - ok
12:48:24.0071 5500	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:48:24.0074 5500	usbcir - ok
12:48:24.0101 5500	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
12:48:24.0103 5500	usbehci - ok
12:48:24.0168 5500	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:48:24.0170 5500	usbhub - ok
12:48:24.0191 5500	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
12:48:24.0193 5500	usbohci - ok
12:48:24.0226 5500	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:48:24.0226 5500	usbprint - ok
12:48:24.0252 5500	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:48:24.0253 5500	usbscan - ok
12:48:24.0318 5500	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:48:24.0319 5500	USBSTOR - ok
12:48:24.0378 5500	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:48:24.0379 5500	usbuhci - ok
12:48:24.0418 5500	VCSVADHWSer     (3a4b01c2bdb07dfef29b0b369487503a) C:\Windows\system32\DRIVERS\vcsvad.sys
12:48:24.0419 5500	VCSVADHWSer - ok
12:48:24.0451 5500	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:48:24.0453 5500	vdrvroot - ok
12:48:24.0483 5500	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:48:24.0484 5500	vga - ok
12:48:24.0502 5500	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:48:24.0504 5500	VgaSave - ok
12:48:24.0551 5500	VGPU - ok
12:48:24.0582 5500	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:48:24.0585 5500	vhdmp - ok
12:48:24.0599 5500	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:48:24.0600 5500	viaide - ok
12:48:24.0617 5500	vmbus           (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
12:48:24.0620 5500	vmbus - ok
12:48:24.0640 5500	VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
12:48:24.0641 5500	VMBusHID - ok
12:48:24.0663 5500	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:48:24.0665 5500	volmgr - ok
12:48:24.0695 5500	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:48:24.0700 5500	volmgrx - ok
12:48:24.0768 5500	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:48:24.0770 5500	volsnap - ok
12:48:24.0797 5500	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:48:24.0800 5500	vsmraid - ok
12:48:24.0818 5500	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
12:48:24.0820 5500	vwifibus - ok
12:48:24.0853 5500	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:48:24.0855 5500	WacomPen - ok
12:48:24.0888 5500	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:48:24.0890 5500	WANARP - ok
12:48:24.0893 5500	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:48:24.0894 5500	Wanarpv6 - ok
12:48:24.0948 5500	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:48:24.0949 5500	Wd - ok
12:48:24.0975 5500	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:48:24.0982 5500	Wdf01000 - ok
12:48:25.0018 5500	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:48:25.0020 5500	WfpLwf - ok
12:48:25.0034 5500	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:48:25.0036 5500	WIMMount - ok
12:48:25.0100 5500	WinRing0_1_2_0 - ok
12:48:25.0186 5500	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:48:25.0187 5500	WinUsb - ok
12:48:25.0217 5500	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:48:25.0218 5500	WmiAcpi - ok
12:48:25.0241 5500	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:48:25.0243 5500	ws2ifsl - ok
12:48:25.0273 5500	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:48:25.0275 5500	WudfPf - ok
12:48:25.0312 5500	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:48:25.0315 5500	WUDFRd - ok
12:48:25.0386 5500	XENfiltv        (754c8bf43f0dd4b54865f174a62761e9) C:\Windows\system32\drivers\XENfiltv.sys
12:48:25.0387 5500	XENfiltv - ok
12:48:25.0423 5500	xusb21          (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys
12:48:25.0424 5500	xusb21 - ok
12:48:25.0448 5500	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:48:25.0459 5500	\Device\Harddisk0\DR0 - ok
12:48:25.0461 5500	Boot (0x1200)   (2c47691fab4a791053ddcfa7e6719f83) \Device\Harddisk0\DR0\Partition0
12:48:25.0461 5500	\Device\Harddisk0\DR0\Partition0 - ok
12:48:25.0467 5500	Boot (0x1200)   (76faf5b6d05eddb92d51a2ba7570c6a5) \Device\Harddisk0\DR0\Partition1
12:48:25.0467 5500	\Device\Harddisk0\DR0\Partition1 - ok
12:48:25.0492 5500	Boot (0x1200)   (4285d2dc86ee7941a070931a0e774d2b) \Device\Harddisk0\DR0\Partition2
12:48:25.0493 5500	\Device\Harddisk0\DR0\Partition2 - ok
12:48:25.0516 5500	Boot (0x1200)   (4c1c337402cf0c9bbe97c60a32db1dc2) \Device\Harddisk0\DR0\Partition3
12:48:25.0517 5500	\Device\Harddisk0\DR0\Partition3 - ok
12:48:25.0517 5500	============================================================
12:48:25.0517 5500	Scan finished
12:48:25.0517 5500	============================================================
12:48:25.0524 5732	Detected object count: 0
12:48:25.0524 5732	Actual detected object count: 0
         

Edited by Criunk (11.12.2011 at 12:58)

11.12.2011, 14:25   #4
Criunk

Sorry for the double post, but...

I can't find the file C:\Windows\is-V8MN4.exe, not even after using unhide.exe and even copying the path.

I ran another OTL scan; strangely, the file no longer exists.

Here:

OTL Logfile:
Code:
OTL logfile created on: 11.12.2011 13:59:42 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\HAFX\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 33,92% Memory free
8,00 Gb Paging File | 5,33 Gb Available in Paging File | 66,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 96,52 Gb Free Space | 49,44% Space Free | Partition Type: NTFS
Drive D: | 244,14 Gb Total Space | 104,04 Gb Free Space | 42,61% Space Free | Partition Type: NTFS
Drive E: | 26,31 Gb Total Space | 26,18 Gb Free Space | 99,53% Space Free | Partition Type: NTFS
 
Computer Name: HAFX-PC | User Name: HAFX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.11 01:24:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\HAFX\Downloads\OTL.exe
PRC - [2011.12.06 17:23:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.12.02 10:37:40 | 002,923,392 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.11.08 20:15:50 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.11.08 16:10:42 | 002,132,480 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\LCDHost.exe
PRC - [2011.11.07 20:14:42 | 028,854,408 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.12 16:06:14 | 005,407,850 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.23 04:34:34 | 024,182,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\HAFX\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.06.06 20:05:02 | 000,858,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDYT.exe
PRC - [2011.06.06 20:05:02 | 000,850,504 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDMovieViewer.exe
PRC - [2011.06.06 20:05:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe
PRC - [2011.06.06 20:05:02 | 000,498,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsColor-1.00.027\Applets\x86\LCDWebCam.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.04.26 13:55:58 | 000,216,576 | ---- | M] () -- C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe
PRC - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010.11.20 13:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.05.20 09:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2006.11.17 16:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.10 23:39:32 | 000,576,512 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_DataViewer.dll
MOD - [2011.11.18 15:06:44 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.08 20:15:49 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.11.08 16:15:40 | 000,112,128 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_LgLcdMan.dll
MOD - [2011.11.08 16:15:26 | 000,110,592 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_LgBacklight.dll
MOD - [2011.11.08 16:14:50 | 000,355,328 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_WebKit.dll
MOD - [2011.11.08 16:14:02 | 000,094,208 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_VirtualLCD.dll
MOD - [2011.11.08 16:13:54 | 000,286,208 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Text.dll
MOD - [2011.11.08 16:13:20 | 000,298,496 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Mailcount.dll
MOD - [2011.11.08 16:12:58 | 001,353,728 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Lua.dll
MOD - [2011.11.08 16:11:44 | 000,103,936 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Decor.dll
MOD - [2011.11.08 16:11:44 | 000,009,728 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Image.dll
MOD - [2011.11.08 16:11:34 | 000,264,192 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Bar.dll
MOD - [2011.11.08 16:10:42 | 002,132,480 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\LCDHost.exe
MOD - [2011.11.07 20:12:12 | 016,827,392 | R--- | M] () -- C:\Program Files (x86)\Origin\QtWebKit4.dll
MOD - [2011.11.07 20:05:36 | 000,312,320 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff4.dll
MOD - [2011.11.07 20:05:34 | 000,264,192 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng4.dll
MOD - [2011.11.07 20:05:34 | 000,211,456 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg4.dll
MOD - [2011.11.07 20:05:34 | 000,032,256 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico4.dll
MOD - [2011.11.07 20:05:34 | 000,028,672 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif4.dll
MOD - [2011.11.07 20:05:32 | 000,172,544 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qjpcodecs4.dll
MOD - [2011.11.07 20:05:32 | 000,158,208 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qtwcodecs4.dll
MOD - [2011.11.07 20:05:32 | 000,079,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qkrcodecs4.dll
MOD - [2011.11.07 20:05:28 | 000,143,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qcncodecs4.dll
MOD - [2011.11.07 20:04:10 | 000,327,680 | R--- | M] () -- C:\Program Files (x86)\Origin\phonon4.dll
MOD - [2011.11.07 20:04:08 | 001,152,512 | R--- | M] () -- C:\Program Files (x86)\Origin\QtNetwork4.dll
MOD - [2011.11.07 20:04:08 | 000,413,184 | R--- | M] () -- C:\Program Files (x86)\Origin\QtXml4.dll
MOD - [2011.11.07 20:04:06 | 009,440,256 | R--- | M] () -- C:\Program Files (x86)\Origin\QtGui4.dll
MOD - [2011.11.07 20:04:04 | 002,694,144 | R--- | M] () -- C:\Program Files (x86)\Origin\QtCore4.dll
MOD - [2011.10.12 16:06:14 | 005,407,850 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
MOD - [2011.07.09 10:12:52 | 000,377,344 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Weather.dll
MOD - [2011.07.09 10:12:44 | 000,173,568 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Dial.dll
MOD - [2011.07.09 10:12:34 | 000,206,336 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Graph.dll
MOD - [2011.07.09 10:12:30 | 000,755,712 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Monitoring.dll
MOD - [2011.07.09 10:12:22 | 000,442,368 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\LH_Cursor.dll
MOD - [2011.05.04 12:35:04 | 002,552,320 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtCore4.dll
MOD - [2011.05.04 12:34:56 | 000,399,360 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtXml4.dll
MOD - [2011.05.04 12:34:44 | 001,209,344 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtNetwork4.dll
MOD - [2011.05.04 12:34:44 | 000,379,392 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qtiff4.dll
MOD - [2011.05.04 12:34:36 | 009,849,856 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\QtGui4.dll
MOD - [2011.05.04 12:34:22 | 000,351,744 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qmng4.dll
MOD - [2011.05.04 12:34:22 | 000,287,232 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qjpeg4.dll
MOD - [2011.05.04 12:34:22 | 000,083,456 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qico4.dll
MOD - [2011.05.04 12:34:22 | 000,083,456 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\plugins\imageformats\qgif4.dll
MOD - [2011.05.04 12:34:22 | 000,043,008 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\libgcc_s_dw2-1.dll
MOD - [2011.05.04 12:34:22 | 000,011,362 | ---- | M] () -- C:\Users\HAFX\Documents\LCDHost\mingwm10.dll
MOD - [2011.04.26 13:55:58 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\SmartSVN 6.6\lib\shellext32.dll
MOD - [2011.02.14 22:02:58 | 002,417,664 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtCore4.dll
MOD - [2010.03.07 04:31:36 | 000,024,110 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\mingwm10.dll
MOD - [2010.02.10 17:36:20 | 009,565,184 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtGui4.dll
MOD - [2010.02.10 17:11:00 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtNetwork4.dll
MOD - [2010.02.10 17:08:16 | 000,398,336 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtXml4.dll
MOD - [2009.06.22 19:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll
MOD - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007.09.02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.11.23 14:17:26 | 000,094,992 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2011.10.26 03:00:58 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.10.25 21:14:28 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.06.17 08:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ)
SRV:64bit: - [2011.06.09 19:55:13 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008.08.14 23:41:22 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2011.12.06 17:23:28 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.12.02 10:37:40 | 002,923,392 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.11.18 14:22:14 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.09.22 17:04:36 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.15 09:02:12 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011.06.07 13:45:18 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.06.07 13:45:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.04.26 13:55:58 | 000,216,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe -- (statuscached)
SRV - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.11.20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.07.08 11:50:20 | 000,450,560 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt) [Auto | Running] -- C:\Windows\SysWOW64\STGRAMDiskHandler64.exe -- (Steganos Volatile Disk)
SRV - [2010.05.20 09:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2005.03.09 19:50:18 | 000,018,944 | ---- | M] (libusb-Win32) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.11.23 14:17:24 | 000,158,336 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2011.11.10 18:32:02 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011.10.26 04:05:10 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.10.26 02:21:58 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.07.13 20:07:13 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011.06.24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.06.06 23:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.06.06 20:05:02 | 000,030,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGPBTDD.sys -- (LGPBTDD)
DRV:64bit: - [2011.06.06 20:05:02 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2011.06.06 20:05:02 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.04.30 12:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 12:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 14:44:16 | 002,725,376 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp)
DRV:64bit: - [2011.02.11 22:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.09.03 15:45:08 | 000,028,576 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt.com) [Driver] [Kernel | System | Running] -- C:\Windows\SysNative\drivers\STGMFEngine64.sys -- (STGMFEngine64)
DRV:64bit: - [2010.08.19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.03.19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.02.18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.03 15:48:32 | 000,716,872 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009.11.04 04:03:56 | 000,020,032 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PPJoyBus64.sys -- (PPJoyBus)
DRV:64bit: - [2009.09.28 01:02:38 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:64bit: - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\WNt500x64\Sandra.sys -- (SANDRA)
DRV:64bit: - [2009.07.31 10:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.12.26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2005.03.29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2011.03.18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2009.08.22 19:25:00 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.03.09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Hotmail und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 32 21 BC 3D 58 42 CC 01  [binary data]
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.6&q="
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.01 14:32:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.08 20:15:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.16 13:21:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.16 13:21:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2011.09.30 20:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Extensions
[2011.09.30 20:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.12.07 21:57:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions
[2011.10.16 20:17:27 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.20 19:37:03 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.07.18 11:46:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\battlefieldplay4free@ea.com
[2011.07.11 17:56:14 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\HAFX\AppData\Roaming\mozilla\Firefox\Profiles\yk9ok6on.default\extensions\engine@conduit.com
[2011.12.05 18:07:11 | 000,001,056 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Mozilla\Firefox\Profiles\yk9ok6on.default\searchplugins\icqplugin.xml
[2011.11.08 20:16:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\HAFX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YK9OK6ON.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\HAFX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YK9OK6ON.DEFAULT\EXTENSIONS\ADMIN@PROXY-LISTEN.DE.XPI
[2011.11.08 20:15:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\HAFX\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\HAFX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2011.08.01 18:11:25 | 000,001,195 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost ::1 localhost 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-1.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-4.adobe.com 127.0.0.1 adobe-dns-5.adobe.com 127.0.0.1 hh-software.com 127.0.0.1 127.0.0.1 activate.adobe.de 127.0.0.1 practivate.adobe.de 127.0.0.1 ereg.adobe.de 127.0.0.1 activate.wip3.adobe.de 127.0.0.1 wip3.adobe.de 127.0.0.1 3dns-3.adobe.de 127.0.0.1 3dns-2.adobe.de 127.0.0.1 adobe-dns.adobe.de 127.0.0.1 adobe-dns-2.adobe.de 127.0.0.1 adobe-dns-3.adobe.de 127.0.0.1 ereg.wip3.adobe.de 127.0.0.1 activate-sea.adobe.de 127.0.0.1 wwis-dubc1-vip60.adobe.de 127.0.0.1 activate-sjc0.adobe.de 127.0.0.1 wwis-dubc1-vip60.adobe.de 127.0.0.1 hl2rcv.adobe.de
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\HAFX\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [CreativeTaskScheduler] C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe ()
O4 - Startup: C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\HAFX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCDHost.lnk = C:\Users\HAFX\Documents\LCDHost\LCDHost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HAFX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06C84457-AE19-4A2B-94B0-6C7567D79A33}: NameServer = 192.168.116.250
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5496e40c-9046-11e0-a20f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5496e40c-9046-11e0-a20f-806e6f6e6963}\Shell\AutoRun\command - "" = J:\AutoRunCD.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.11 12:47:13 | 000,000,000 | ---D | C] -- C:\TDSS
[2011.12.11 02:35:38 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Wireshark
[2011.12.11 02:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wireshark
[2011.12.10 23:32:15 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LCDHost
[2011.12.10 23:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LcdStudio
[2011.12.10 23:22:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LcdStudio
[2011.12.10 23:12:12 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Timisoft
[2011.12.10 23:12:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Timisoft
[2011.12.10 22:31:42 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Desktop\Programme
[2011.12.09 19:58:05 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.12.09 19:58:05 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.12.09 19:58:05 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.09 19:58:05 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.09 19:58:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.09 19:58:05 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.09 19:58:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.09 19:58:05 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.12.09 19:58:05 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.12.09 19:58:05 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.12.09 19:58:05 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.12.09 19:58:05 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.12.09 19:58:05 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.12.09 19:58:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.12.09 19:58:05 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.12.09 19:58:05 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.12.09 19:58:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.09 19:58:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.09 19:58:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.09 19:58:05 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.12.09 19:58:05 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.12.09 19:58:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.12.09 19:58:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.09 19:58:05 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.12.09 19:58:05 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.12.09 19:58:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.12.09 19:58:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.12.09 19:58:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.12.09 19:58:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.12.09 19:58:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.12.09 19:58:05 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.12.09 19:58:05 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.12.09 19:58:05 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.12.09 19:58:05 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.12.09 19:58:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.12.09 19:58:05 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.12.09 19:58:05 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.12.09 19:58:05 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.12.09 19:58:05 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.12.09 19:58:05 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.12.09 19:58:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.12.09 19:58:05 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.12.09 19:58:05 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.09 19:58:05 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.12.09 19:58:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.12.09 19:58:05 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.12.09 19:58:05 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.12.09 19:58:05 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.12.09 19:58:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.12.09 19:58:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.12.09 19:58:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.12.09 19:58:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.09 19:58:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.12.09 19:58:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.12.09 19:58:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.12.09 19:58:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.12.09 19:58:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.12.09 19:58:05 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.12.09 19:58:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.12.09 19:58:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.12.09 19:58:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.12.09 19:58:05 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.12.08 20:13:57 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Documents\Battlefield 2
[2011.12.08 14:52:02 | 024,742,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011.12.08 14:52:02 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011.12.08 14:52:02 | 015,693,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011.12.08 14:52:02 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.12.08 14:52:02 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.12.08 14:52:01 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011.12.08 14:52:01 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011.12.08 14:52:01 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011.12.08 14:52:01 | 007,581,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011.12.08 14:52:01 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011.12.08 14:52:01 | 002,542,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011.12.08 14:52:01 | 002,458,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011.12.08 14:52:01 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011.12.08 14:52:01 | 002,232,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011.12.08 14:52:01 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011.12.08 14:29:45 | 000,137,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2011.12.08 14:29:44 | 010,406,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2011.12.08 14:29:44 | 005,067,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2011.12.08 14:29:44 | 003,074,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2011.12.08 14:29:44 | 000,837,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2011.12.08 14:29:44 | 000,222,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2011.12.08 14:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.12.07 13:34:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2011.12.07 13:34:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2011.12.07 13:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2011.12.06 13:34:20 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Vidalia
[2011.12.06 00:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
[2011.12.06 00:20:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vidalia Bundle
[2011.12.05 11:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2011.12.05 11:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2011.12.04 22:18:16 | 000,000,000 | ---D | C] -- C:\Users\HAFX\Documents\Adobe
[2011.12.04 16:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
[2011.12.03 20:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2011.12.03 20:05:40 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Local\Paint.NET
[2011.12.03 12:42:10 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2011.12.03 12:14:59 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011.12.03 11:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2011.12.03 11:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2011.11.30 14:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2011.11.30 14:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011.11.26 13:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2011.11.22 20:27:43 | 000,328,712 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\MijFrc.dll
[2011.11.22 20:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
[2011.11.22 20:27:42 | 000,115,272 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011.11.22 16:52:13 | 000,000,000 | ---D | C] -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011.11.22 16:52:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.11.22 16:44:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.11.22 16:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.11 13:26:06 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347250277-935107026-2126249694-1000UA.job
[2011.12.11 12:42:43 | 000,080,384 | ---- | M] () -- C:\Users\HAFX\Desktop\MBRCheck.exe
[2011.12.11 12:16:24 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 12:16:24 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 12:08:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.11 12:08:28 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.11 03:00:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\Crysis Wars(R) Updates.job
[2011.12.11 01:05:29 | 000,007,605 | ---- | M] () -- C:\Users\HAFX\AppData\Local\Resmon.ResmonCfg
[2011.12.10 23:32:15 | 000,000,920 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LCDHost.lnk
[2011.12.10 17:25:00 | 000,001,806 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2011.12.10 15:05:47 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.12.10 15:05:47 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.10 14:02:28 | 000,234,536 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.12.09 19:58:05 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.12.09 19:58:05 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.12.09 19:58:05 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.09 19:58:05 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.09 19:58:05 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.09 19:58:05 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.09 19:58:05 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.09 19:58:05 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.12.09 19:58:05 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.12.09 19:58:05 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.12.09 19:58:05 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.12.09 19:58:05 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.12.09 19:58:05 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.12.09 19:58:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.12.09 19:58:05 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.12.09 19:58:05 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.12.09 19:58:05 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.09 19:58:05 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.09 19:58:05 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.09 19:58:05 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.12.09 19:58:05 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.12.09 19:58:05 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.12.09 19:58:05 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.09 19:58:05 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.12.09 19:58:05 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.12.09 19:58:05 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.12.09 19:58:05 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.12.09 19:58:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.12.09 19:58:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.12.09 19:58:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.12.09 19:58:05 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.12.09 19:58:05 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.12.09 19:58:05 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.12.09 19:58:05 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.12.09 19:58:05 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.12.09 19:58:05 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.12.09 19:58:05 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.12.09 19:58:05 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.12.09 19:58:05 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.12.09 19:58:05 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.12.09 19:58:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.12.09 19:58:05 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.12.09 19:58:05 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.12.09 19:58:05 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.09 19:58:05 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.12.09 19:58:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.12.09 19:58:05 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.12.09 19:58:05 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.12.09 19:58:05 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.12.09 19:58:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.12.09 19:58:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.12.09 19:58:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.12.09 19:58:05 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.12.09 19:58:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.09 19:58:05 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.12.09 19:58:05 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.12.09 19:58:05 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.12.09 19:58:05 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.12.09 19:58:05 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.12.09 19:58:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.12.09 19:58:05 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.12.09 19:58:05 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.12.09 19:58:05 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.12.09 19:58:05 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.12.09 19:58:05 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.12.09 19:58:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.12.06 17:23:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.12.05 18:01:16 | 004,863,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.05 11:26:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2347250277-935107026-2126249694-1000Core.job
[2011.12.04 22:18:29 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI
[2011.12.01 14:32:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.11.28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.11.28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.11.28 19:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.11.26 01:23:25 | 000,001,456 | ---- | M] () -- C:\Users\HAFX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.11.18 15:06:44 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.11.13 22:51:17 | 000,000,132 | ---- | M] () -- C:\Users\HAFX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.11 12:42:35 | 000,080,384 | ---- | C] () -- C:\Users\HAFX\Desktop\MBRCheck.exe
[2011.12.11 01:05:29 | 000,007,605 | ---- | C] () -- C:\Users\HAFX\AppData\Local\Resmon.ResmonCfg
[2011.12.09 19:58:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.12.09 19:58:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.12.09 19:51:57 | 000,001,109 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2011.12.04 19:25:55 | 000,001,973 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.12.04 19:25:55 | 000,001,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.12.04 19:25:55 | 000,001,931 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.12.03 20:06:22 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2011.12.03 11:59:59 | 000,001,806 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011.11.30 14:38:01 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2011.11.30 14:36:17 | 000,001,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2011.11.30 14:34:08 | 000,001,558 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2011.11.26 13:09:45 | 000,001,050 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2011.11.09 14:20:55 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011.10.29 21:00:05 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2011.10.26 02:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.10.26 02:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.19 16:28:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.10.18 09:15:08 | 000,104,072 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.09.25 19:03:44 | 000,011,959 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\PStrip.bak
[2011.09.25 19:03:35 | 000,013,501 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\PStrip.ini
[2011.09.25 09:01:11 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2011.09.25 09:01:11 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2011.09.25 09:01:11 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2011.09.25 09:01:09 | 000,042,457 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2011.09.25 09:00:49 | 000,000,925 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2011.09.25 09:00:46 | 000,004,967 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2011.09.25 08:36:14 | 000,000,558 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2011.09.22 11:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.19 09:47:34 | 011,296,768 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Sandra.mdb
[2011.09.16 17:50:31 | 000,001,456 | ---- | C] () -- C:\Users\HAFX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.09 12:54:45 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2011.07.15 13:57:05 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2011.07.13 15:43:16 | 000,000,297 | ---- | C] () -- C:\Windows\game.ini
[2011.07.04 02:03:04 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2011.07.04 01:05:44 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.07.04 01:05:43 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.07.04 01:05:41 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.07.04 01:05:41 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.07.04 01:05:41 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.06.17 14:31:21 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.06.12 20:58:39 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.06.09 19:47:15 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.08 18:26:55 | 000,000,132 | ---- | C] () -- C:\Users\HAFX\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2011.06.08 12:46:20 | 000,234,536 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.08 12:46:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.08 12:46:17 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.06.07 13:45:24 | 000,000,388 | ---- | C] () -- C:\Windows\XENMCcfg.ini
[2011.06.07 13:45:23 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.06.07 13:45:23 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.06.06 17:34:14 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.03.31 07:59:24 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini
[2011.02.11 22:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1367 bytes -> C:\ProgramData\Microsoft:U2iV3me43NFza2XPUx820
@Alternate Data Stream - 1357 bytes -> C:\Program Files\Common Files\Microsoft Shared:xxUmOKn2CIFF7ncJAr9bWbC
@Alternate Data Stream - 1306 bytes -> C:\ProgramData\Microsoft:yy695qjNbyqWGs5ty4DukRgN
@Alternate Data Stream - 1193 bytes -> C:\ProgramData\Microsoft:hARchZB5SPhtfYzcjeXGu

< End of report >
         
--- --- ---

11.12.2011, 19:35   #5
Chris4You

Hi,

looks OK so far, but this is also where it ends...
You are using a cracked Adobe version; the typical entries are there..

chris&Out


11.12.2011, 20:05   #6
Criunk

Yes, please don't get me wrong: I bought Adobe Photoshop CS5 legally. My power supply burned out last week and I now have a makeshift one in the PC, so I cannot connect my second hard drive (SATA). Photoshop is installed on that drive, and since I need Photoshop for work, I got hold of a portable Photoshop version on short notice, which I will of course delete once I have access to my second hard drive again. It is a misunderstanding!

Besides, I have just found out that my computer sometimes sends and downloads data. How can I check whether it is malware? I have already closed all programs including Origin, yet it still happens that, for example, every 5 seconds, 6 ... 7 seconds, a little bit is sent (1-2kb)?
