Pests of all kinds and how to combat them: Windows was blocked | Windows 7
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
22.02.2012, 09:03 | #16 |
| Windows was blocked
Hi, besides the VPN you also have one IP from Russia and one from the USA as DNS servers....
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E65DDC-D557-4A3C-93DC-0488FAD00A79}: DhcpNameServer = 92.241.168.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5348C871-FA4C-48BA-8047-4C204317B8F4}: DhcpNameServer = 7.254.254.254
Does that mean anything to you? Otherwise it looks OK...
chris
__________________ Don't bring me down Read before posting! Donations (anyone who wants to donate is welcome to get in touch) |
22.02.2012, 14:05 | #17 |
| Windows was blocked
I wouldn't know exactly what that is at the moment. What can I do to delete it?
__________________ |
23.02.2012, 08:40 | #18 |
| Windows was blocked
Hi,
let's fix that with OTL...
OTL:
Code:
ATTFilter
:OTL
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E65DDC-D557-4A3C-93DC-0488FAD00A79}: DhcpNameServer = 92.241.168.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5348C871-FA4C-48BA-8047-4C204317B8F4}: DhcpNameServer = 7.254.254.254
:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[EMPTYFLASH]
[Reboot]
chris
__________________ |
23.02.2012, 20:52 | #19 |
| Windows was blocked
I haven't run the above yet. Today I had this virus again, only in a slightly different form, but in principle exactly the same one. For now I ran System Restore and everything works again, but I don't know where it came from again and whether something is still sitting in there.
OTL logfile:
Code:
ATTFilter OTL logfile created on: 23.02.2012 19:48:59 - Run 4 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kevin\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 33,96% Memory free 10,99 Gb Paging File | 9,03 Gb Available in Paging File | 82,19% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 195,31 Gb Total Space | 73,32 Gb Free Space | 37,54% Space Free | Partition Type: NTFS Drive D: | 270,45 Gb Total Space | 23,50 Gb Free Space | 8,69% Space Free | Partition Type: NTFS Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Programme\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG) PRC - C:\Users\Kevin\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Google\Update\1.3.21.99\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Programme\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group) PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten) PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - D:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) PRC - C:\Programme\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios) PRC - C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe (VIA) PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\System32\lxbccoms.exe ( ) PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe () ========== Modules (No Company Name) ========== MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\VIA\VIAudioi\VDeck\Dts2ApoApi.dll () MOD - C:\Programme\VIA\VIAudioi\VDeck\QsApoApi.dll () MOD - C:\Programme\VIA\VIAudioi\VDeck\VMicApi.dll () MOD - D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe () ========== Win32 Services (SafeList) 
========== SRV - (BVWYVEOMKJJ) -- File not found SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (postgresql-8.4) -- C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group) SRV - (postgresql-8.3) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group) SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten) SRV - (TunngleService) -- D:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (DAUpdaterSvc) -- D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare) SRV - (RosettaStoneDaemon) -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd.) SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) 
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software) SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (lxbc_device) -- C:\Windows\System32\lxbccoms.exe ( ) SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (OpenVPNService) -- C:\Programme\OpenVPN\bin\openvpnserv.exe () ========== Driver Services (SafeList) ========== DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (PnkBstrK) -- C:\Windows\System32\drivers\PnkBstrK.sys () DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (Lavasoft Kernexplorer) -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys () DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation) DRV - (ss_bserd) -- C:\Windows\System32\drivers\ss_bserd.sys (MCCI Corporation) DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI) DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (truecrypt) -- 
C:\Windows\System32\drivers\truecrypt.sys (TrueCrypt Foundation) DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.) DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys () DRV - (tap0801) -- C:\Windows\System32\drivers\tap0801.sys (The OpenVPN Project) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: - SOFTWARE\Classes\CLSID\\LocalServer32 File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = hxxp://google.icq.com/search/search_frame.php IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://google.icq.com/search/search_frame.php IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.wieistmeineip.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.24 FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@dyyno.com/vlc;version=0.8.6f.2: C:\Program Files\Dyyno\Dyyno Player\npvlc.dll (Dyyno) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: 
C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.12.30 19:41:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.30 21:51:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.22 17:14:35 | 000,000,000 | ---D | M] [2009.01.23 17:12:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions [2012.02.22 12:29:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions [2010.03.19 20:36:29 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2011.02.02 19:41:10 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.26 18:52:16 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.06.15 14:42:29 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.12.30 19:50:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.04.23 10:42:05 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- 
C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011.03.03 13:30:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010.02.14 18:45:30 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\moveplayer@movenetworks.com [2009.04.20 14:36:41 | 000,000,000 | ---D | M] (Simple Dyyno Launcher) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\NPDyyno@dyyno.com [2010.10.20 19:48:50 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\1j5n9nvp.default\extensions\vshare@toolbar [2010.01.23 12:35:03 | 000,002,321 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\dictcc.xml [2009.06.15 20:46:47 | 000,002,030 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\myvideo-suche-.xml [2009.07.11 11:04:46 | 000,000,727 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\phpnet.xml [2009.01.23 18:10:53 | 000,002,108 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\1j5n9nvp.default\searchplugins\youtube-videosuche.xml [2012.02.22 12:29:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.01.29 12:33:36 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.03.16 22:19:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.07.16 13:48:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} 
[2009.02.19 09:53:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2009.06.05 15:55:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009.08.23 14:39:09 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2011.03.16 22:19:29 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.07.16 13:48:53 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2010.12.30 19:41:01 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.04.21 00:20:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.04.21 00:20:52 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.04.21 00:20:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.04.21 00:20:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.04.21 00:20:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = 
{google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox 
Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kevin\AppData\Local\Google\Chrome\Application\14.0.835.163\pdf.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll CHR - plugin: Dyyno Player Plugin (Enabled) = C:\Program Files\Dyyno\Dyyno Player\npvlc.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\ O1 HOSTS File: ([2012.02.23 18:51:48 | 000,449,439 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - 
Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 15448 more lines... O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) 
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\PrxerNsp.dll ( ) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\PrxerDrv.dll (Initex Software) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\PrxerDrv.dll (Initex Software) O15 - HKCU\..Trusted Domains: everestpoker.com ([account] https in Trusted sites) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} Reg Error: Value error. 
(Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DE9F9EF-8DB8-41C2-8A1F-AF77E3B8D7FB}: NameServer = 195.50.140.246 195.50.140.248 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E65DDC-D557-4A3C-93DC-0488FAD00A79}: DhcpNameServer = 92.241.168.201 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5348C871-FA4C-48BA-8047-4C204317B8F4}: DhcpNameServer = 7.254.254.254 O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim - No CLSID value found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{5c2a288e-ee35-11df-a91a-d049f4b62852}\Shell - "" = AutoRun O33 - MountPoints2\{5c2a288e-ee35-11df-a91a-d049f4b62852}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - 
MountPoints2\{9c031dfe-e967-11dd-b6cc-002354732f26}\Shell - "" = AutoRun O33 - MountPoints2\{9c031dfe-e967-11dd-b6cc-002354732f26}\Shell\AutoRun\command - "" = H:\steambackup2.EXE O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.23 18:52:52 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.02.16 19:54:19 | 000,000,000 | ---D | C] -- C:\Program Files\tdsskiller [2012.02.15 20:12:09 | 000,000,000 | ---D | C] -- C:\_OTL [2012.02.14 19:12:14 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Malwarebytes [2012.02.14 19:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.02.14 19:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.02.14 19:11:43 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.02.14 19:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.02.14 17:58:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe [2012.02.13 17:59:32 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Avira [2012.02.13 17:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.02.13 17:58:05 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2012.02.13 17:58:04 | 000,137,416 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2012.02.13 17:58:04 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys [2012.02.13 17:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.02.13 17:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\Avira 
[2009.01.29 19:28:27 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\PrxerNsp.dll [2009.01.26 14:40:49 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbcserv.dll [2009.01.26 14:40:49 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbcusb1.dll [2009.01.26 14:40:49 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbchbn3.dll [2009.01.26 14:40:49 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbccomc.dll [2009.01.26 14:40:49 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbcpmui.dll [2009.01.26 14:40:49 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbclmpm.dll [2009.01.26 14:40:49 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxbccoms.exe [2009.01.26 14:40:49 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbccomm.dll [2009.01.26 14:40:49 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbcinpa.dll [2009.01.26 14:40:49 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbciesc.dll [2009.01.26 14:40:49 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxbcih.exe [2009.01.26 14:40:49 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxbccfg.exe [2009.01.26 14:40:49 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBChcp.dll [2009.01.26 14:40:49 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbcprox.dll [2009.01.26 14:40:49 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbcpplc.dll [4 C:\Users\Kevin\Documents\*.tmp files -> C:\Users\Kevin\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.23 18:52:52 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.02.23 18:51:48 | 000,449,439 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012.02.23 18:16:42 | 000,137,416 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2012.02.23 18:11:54 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 
[2012.02.23 18:11:53 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.23 18:11:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.23 18:11:44 | 3488,735,232 | -HS- | M] () -- C:\hiberfil.sys [2012.02.22 19:03:14 | 000,026,722 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\wklnhst.dat [2012.02.22 14:07:55 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.02.21 23:30:39 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2012.02.19 21:22:12 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat [2012.02.19 21:22:12 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat [2012.02.18 14:38:07 | 000,449,370 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120221-170012.backup [2012.02.18 14:38:07 | 000,449,370 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120223-185148.backup [2012.02.18 14:38:07 | 000,449,370 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120223-185117.backup [2012.02.18 14:38:07 | 000,449,370 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120223-184832.backup [2012.02.18 14:38:07 | 000,449,370 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120221-194836.backup [2012.02.18 14:37:58 | 000,449,370 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120218-143807.backup [2012.02.16 15:39:13 | 000,002,623 | ---- | M] () -- C:\Users\Kevin\Desktop\Microsoft Word.lnk [2012.02.15 13:11:54 | 000,000,404 | ---- | M] () -- C:\Windows\LEXSTAT.INI [2012.02.14 19:11:44 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.14 17:58:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe [2012.02.13 17:58:20 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.02.11 21:16:46 | 000,449,370 | R--- | M] () -- 
C:\Windows\System32\drivers\etc\hosts.20120216-200440.backup [2012.02.11 21:16:46 | 000,449,370 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120218-143758.backup [2012.02.11 21:16:46 | 000,449,370 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120218-143711.backup [2012.02.11 21:16:46 | 000,449,370 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120217-085149.backup [2012.02.08 19:32:27 | 000,449,370 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120211-211646.backup [2012.02.07 14:30:18 | 000,449,210 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120208-193227.backup [2012.02.05 18:52:43 | 000,449,210 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120207-143018.backup [2012.02.01 14:50:51 | 000,449,210 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120205-185243.backup [2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2012.01.26 19:09:46 | 000,699,116 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.01.26 19:09:46 | 000,655,278 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.01.26 19:09:46 | 000,156,440 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.01.26 19:09:46 | 000,128,292 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.01.26 19:09:25 | 000,154,624 | ---- | M] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.25 19:39:51 | 000,449,124 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120201-145051.backup [2012.01.25 12:12:05 | 000,448,311 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120125-193951.backup [4 C:\Users\Kevin\Documents\*.tmp files -> C:\Users\Kevin\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.02.23 18:11:44 | 3488,735,232 | -HS- | C] () -- C:\hiberfil.sys [2012.02.14 19:11:44 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.13 17:58:20 | 
000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2011.12.15 05:39:42 | 000,042,392 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011.08.01 18:35:03 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2011.06.12 22:20:17 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI [2011.06.01 13:45:52 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011.06.01 13:45:52 | 000,042,112 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011.05.26 20:17:33 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat [2011.05.26 20:17:33 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat [2011.05.12 20:46:08 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe [2011.01.13 18:18:15 | 000,000,365 | ---- | C] () -- C:\Users\Kevin\AppData\Local\postgresinstall.bat [2011.01.04 15:10:58 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011.01.04 15:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011.01.04 15:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011.01.04 15:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011.01.04 15:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2010.12.06 14:58:56 | 002,496,715 | ---- | C] () -- C:\Windows\System32\abgx360.exe [2010.05.26 19:37:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat [2010.04.28 20:31:06 | 000,000,068 | ---- | C] () -- C:\Windows\cdplayer.ini [2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2010.03.05 18:47:36 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe [2010.02.27 13:08:29 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2010.02.23 16:13:27 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll 
[2010.01.27 20:46:45 | 000,138,384 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.12.29 12:32:12 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2009.12.23 20:40:51 | 000,000,762 | ---- | C] () -- C:\Windows\Edofma.INI [2009.08.28 13:25:32 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib [2009.07.23 19:20:43 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2009.05.29 17:36:24 | 000,086,250 | ---- | C] () -- C:\Windows\wininit.ini [2009.05.27 17:23:04 | 000,000,600 | ---- | C] () -- C:\Users\Kevin\AppData\Local\PUTTY.RND [2009.05.12 12:32:34 | 000,014,848 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2009.03.22 21:18:35 | 000,134,989 | ---- | C] () -- C:\Windows\War3Unin.dat [2009.03.15 19:22:50 | 000,000,535 | ---- | C] () -- C:\Windows\ODBCINST.INI [2009.01.29 20:02:15 | 000,000,093 | ---- | C] () -- C:\Users\Kevin\AppData\Local\fusioncache.dat [2009.01.29 19:28:29 | 000,000,386 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Current.prx [2009.01.26 14:40:49 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbcutil.dll [2009.01.26 14:40:49 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBCinst.dll [2009.01.26 11:19:30 | 000,026,722 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\wklnhst.dat [2009.01.26 11:15:43 | 000,001,187 | ---- | C] () -- C:\Windows\ODBC.INI [2009.01.26 10:43:49 | 000,000,404 | ---- | C] () -- C:\Windows\LEXSTAT.INI [2009.01.25 18:14:10 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009.01.25 18:14:08 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009.01.23 17:21:26 | 000,154,624 | ---- | C] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.01.23 17:10:00 | 000,138,056 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\PnkBstrK.sys [2009.01.23 17:09:45 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2009.01.23 17:09:43 | 000,682,280 | ---- | C] () -- 
C:\Windows\System32\pbsvc.exe [2009.01.23 17:09:43 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2009.01.23 15:28:26 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.01.23 15:28:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.01.23 15:04:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys [2009.01.23 15:04:23 | 000,026,082 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2009.01.23 15:03:13 | 000,000,680 | ---- | C] () -- C:\Users\Kevin\AppData\Local\d3d9caps.dat [2008.01.21 08:15:58 | 000,699,116 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 08:15:58 | 000,156,440 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.12.28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS [2007.02.22 18:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbccoin.dll [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,296,152 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,655,278 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,128,292 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- 
C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.10.25 14:51:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbcvs.dll
[1999.01.22 21:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
[1998.06.10 00:00:00 | 000,015,120 | ---- | C] () -- C:\Windows\System32\REPUTIL.DLL
========== Alternate Data Streams ==========
@Alternate Data Stream - 72 bytes -> C:\Windows:437DA1922D9BCD1B
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:A7D1EA69
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A064CECC
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:41ADDB8A
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:05EE1EEF
< End of report > |
23.02.2012, 20:53 | #20 |
| Windows was blocked OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 23.02.2012 19:48:59 - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kevin\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 33,96% Memory free
10,99 Gb Paging File | 9,03 Gb Available in Paging File | 82,19% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,31 Gb Total Space | 73,32 Gb Free Space | 37,54% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 23,50 Gb Free Space | 8,69% Space Free | Partition Type: NTFS
Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1BC15B64-C369-496B-A7D8-CFFFC4738F54}" = lport=2869 | protocol=6 | dir=in | app=system | "{93D28C7D-657A-4A6C-9A39-E8811B331A93}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{9B414A25-7921-4077-8A59-B68AA7302B3D}" = lport=6112 | protocol=6 | dir=in | name=6112 | "{A380219C-62BF-43B3-A6B1-09D5BDF70280}" = lport=1338 | protocol=6 | dir=in | name=1338 | "{AC91602A-E785-452B-8567-15E5539F3047}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | "{C6D9711C-F8FC-4968-B369-15E51F4CA809}" = lport=5432 | protocol=6 | dir=in | name=postgres | "{C84A652A-8EBA-4CB9-99A5-A971B83D8A81}" = lport=6112 | protocol=17 | dir=in | name=6112 | "{DFEAD0CC-CDB7-455C-9249-93B9580096CA}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{FDFCFF18-B31E-40CD-BD14-B5E380366C3A}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02260DC9-E8BB-4709-AE40-AC121E1B75C4}" = protocol=6 | dir=in | app=d:\program files\tunngle\tunngle.exe | "{050717F2-A386-453C-9E2F-3E820C983899}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | "{0B15D919-5D5E-44A1-87D3-A138A09B8863}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe | "{0CE501C0-FDCF-4D73-B12C-314C4B52CC81}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe | "{102B6718-FC6C-417E-9224-A7EB457B3B58}" = protocol=6 | dir=in | app=d:\program 
files\steam\steamapps\common\call of duty black ops\blackops.exe | "{10FAA7ED-BF56-49A0-9FE0-9B82B277744C}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe | "{13EDE2F6-A665-4156-AF37-9447DE82A910}" = protocol=6 | dir=in | app=d:\program files\dragon age\bin_ship\daorigins.exe | "{1711F7DC-8DB9-4F7A-8479-F04A13225919}" = protocol=6 | dir=in | app=d:\program files\microsoft games\age of empires iii\age3.exe | "{1B2A3F2F-1146-4727-97EA-2CCF7BD51B64}" = protocol=17 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe | "{2292A04C-B868-459D-B9FC-C131350CA1ED}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0-dede-downloader.exe | "{23CEBD8A-3C1D-4B0E-882C-A4FCF90AB311}" = protocol=17 | dir=in | app=d:\program files\origin games\fifa 12\game\fifa.exe | "{2424D9BB-DF60-4D8F-AE13-BC1FCB900C72}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{2B8C018F-B057-4F7A-85A4-3ECF943216F9}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "{3235C9BD-E643-4991-A705-710F9EA4A2D1}" = protocol=6 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe | "{3518C955-624F-496D-B0BA-B30391ADAA38}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbcpswx.exe | "{3630A9D1-6A51-4B39-BEC9-4D15CCD4DDC0}" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | "{36C40B64-DA14-4D51-8CCC-9BBDCAFA559D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{39E71065-55BB-4394-BA3A-EF8F1A446F4A}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe | "{3A483245-06E6-43D5-8775-CE3D6B3036F7}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\empire total war\empire.exe | "{3DA9F65D-0F1B-4AC4-93FF-931F8E04C48C}" = protocol=17 | dir=in | 
app=d:\program files\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{3E262613-34F5-40BC-9945-DD865C30B995}" = protocol=17 | dir=in | app=d:\program files\guild wars\gw.exe | "{3EC05ED4-1271-4608-A9C0-5553C6A9AFD5}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fear.exe | "{435BA85B-268F-4C94-9075-CEF504A1F201}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{4A6297F7-5AAB-451F-AB63-6DCDC1EBEE4A}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | "{4C9FDD42-5D44-4FC3-8E72-410A9266A9A5}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem manager\holdemmanager.exe | "{4E48D4A7-54F5-4CB8-BCE4-D3D267E2B647}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | "{538A5A86-8353-45C0-ACAC-0C5A64CDE326}" = protocol=17 | dir=in | app=c:\windows\system32\lxbccoms.exe | "{563115A1-0AB3-403A-A358-8CC8169C7C92}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{64526B2B-07FE-4CB9-995A-EC99BD56CEC4}" = protocol=6 | dir=in | app=d:\program files\origin games\fifa 12\game\fifa.exe | "{67992397-B7F7-48C9-AFB8-4D2413AED5C2}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{68D0A40B-8F8C-450C-AFB0-108EFC58CA95}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe | "{690B9E13-F0F1-4C73-BE7F-F9D7DE3AB7D9}" = protocol=6 | dir=in | app=d:\program files\itunes\itunes.exe | "{6A07AFBB-4BCF-4EA3-B508-52A3610868DC}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | "{6B061DED-E945-4814-B47A-FC9F738527B4}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{6D04846C-3871-404E-8733-DD022C80F67F}" = protocol=17 | dir=in | app=d:\program files\tunngle\tunngle.exe | "{723E5170-3CBE-40B8-8F55-7AD9AC5820A3}" = protocol=17 | dir=in | app=d:\program files\rockstar 
games\eflc\launcheflc.exe | "{72B0DB13-159F-4B56-BE61-0FAC797EB6FF}" = protocol=6 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe | "{750974CD-2435-4972-ADF3-F528CBC8235B}" = protocol=17 | dir=in | app=d:\program files\dragon age\bin_ship\daupdatersvc.service.exe | "{76DAFFCF-C701-4127-A0F9-BB5BA3FD1BB1}" = protocol=17 | dir=in | app=d:\program files\jdownloader\jdownloader.exe | "{790146CC-0E13-491D-B8B4-BBB41C56F905}" = protocol=17 | dir=in | app=d:\program files\dragon age\daoriginslauncher.exe | "{816D2944-2DDC-4CA2-82B1-FD5A19CBECB7}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | "{82D89747-9AB8-4AE0-9EF0-BC90C1F3AD2B}" = protocol=6 | dir=in | app=d:\program files\rockstar games\eflc\launcheflc.exe | "{8395DC00-59CF-451E-98B3-AA3B56F4BFE8}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "{84ECAE31-FC9E-4C68-8E94-D26484B812F5}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe | "{878CF526-CDEE-4F0B-9B48-3A33B6456523}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe | "{88779E37-82FB-4FF0-B070-B60C5C67BB61}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe | "{89D5CA6B-C59E-421F-B29A-C3139E64C405}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | "{8D9080F5-CBB9-4D78-9741-EB29E4137EC8}" = protocol=17 | dir=in | app=d:\program files\tunngle\tnglctrl.exe | "{8DD8DE8D-5C60-431F-94A2-2085321DF1A0}" = protocol=6 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{8E10E4F2-102D-4313-A0C2-49FC0F8A9780}" = protocol=6 | dir=in | app=c:\windows\system32\lxbccoms.exe | "{8F352AF1-718E-478D-A562-B315AF975D36}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\dbcontrolpanel.exe | 
"{9066254F-CA05-4EAD-A4F2-C51E4E680FB5}" = protocol=17 | dir=in | app=d:\program files\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe | "{90EE8DC0-423B-4889-8746-4EAA937158D5}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fearxp\fearxp.exe | "{91371408-6EF0-4D66-BA1A-CE2273A4C934}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | "{954EADF2-6428-4413-BDAA-9B642E192696}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{98A92B9B-2335-41B4-95F7-07262B5991EF}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\holdemmanager.exe | "{9C32CA59-2829-4D89-9165-B97478D864BF}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | "{A2A87C3B-F9F4-4756-AD7E-E9AF4FC1330B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | "{A3D2E1C9-2EEE-4A9C-AA5F-070D9DF59537}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe | "{B10D5103-085B-4117-9133-F70B2C643F75}" = protocol=6 | dir=in | app=d:\program files\dragon age\bin_ship\daupdatersvc.service.exe | "{B2DF138E-9D08-481D-A35C-3DF328E167AD}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe | "{B2E8F5FC-C809-4468-89C7-7BC5F4A98AEE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B3740786-CCE7-4F72-94A8-2144178CE1DC}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fear.exe | "{B5F30A51-1A31-4C51-BA5B-81D57F176B3A}" = protocol=17 | dir=in | app=d:\program files\microsoft games\age of empires iii\age3.exe | "{B9BA56B4-9973-4FCE-BB3F-FE3BA14D123E}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0-dede-downloader.exe | "{C2C7D9BA-F032-4721-BE08-FC5CC192779B}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{C3FCFC0F-6786-4BCD-8E90-7FAC5F771B8E}" = protocol=6 | dir=in 
| app=d:\program files\dragon age\daoriginslauncher.exe | "{C6EE227B-D4C8-447A-9839-F4180B9B47B8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C9227D88-0738-4AAF-8B83-FC1EC143C487}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | "{CC4BBF49-1B60-442E-89A9-B06A529E79EF}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fearxp\fearxp.exe | "{CF275D39-5B34-4F54-9AAC-E67D11014EF2}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{D0A342DE-47F0-40E5-9DDC-26A00D484ADE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{D0FF87E1-C68C-4DD2-B2D0-94E4CFC3FF1C}" = protocol=17 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{D155E9CF-FB09-493B-A41C-49B03EC8F8DB}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe | "{D7C61099-0E88-4FC1-A2A7-BBD4B33A57D9}" = protocol=6 | dir=in | app=d:\program files\tunngle\tnglctrl.exe | "{DA2244EA-B8AF-4632-9ED7-17EDC40614BC}" = protocol=6 | dir=in | app=d:\program files\jdownloader\jdownloader.exe | "{DEF5CCD5-D345-4C7B-9B5E-7204566625EC}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe | "{E013AFFF-F7CB-4D5B-AFDC-7A867571087C}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\empire total war\empire.exe | "{E07CD312-6F7C-45E7-BA3B-DCCF6DDC235E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E0C4163B-AFA6-4B91-A36D-BA5A74848E85}" = protocol=17 | dir=in | app=d:\program files\dragon age\bin_ship\daorigins.exe | "{E1694F0D-443C-4AF3-B632-53A516E6E2D6}" = protocol=6 | dir=in | app=d:\program files\rvg software\holdem manager\hmhud.exe | "{E2A90B3E-2D2F-4451-98BD-3965C1E50BE7}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem 
manager\dbcontrolpanel.exe | "{E2D38A28-619B-4834-AF19-44745E421847}" = protocol=6 | dir=in | app=d:\program files\guild wars\gw.exe | "{E3419925-96B7-4252-8A83-793EC1FC6CCF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbcpswx.exe | "{E9B24E58-D222-416D-9A21-7000279F0571}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | "{EE8BC520-C3F9-4AD8-B582-718CB0F6D022}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{F322ECEA-F096-411A-949E-5C828DD2E3E5}" = protocol=17 | dir=in | app=d:\program files\rvg software\holdem manager\hmhud.exe | "{F32BC7EA-EE55-451E-83BA-2390596BCF5D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{F59FDB2E-6B16-4D9E-9E79-BAE045C89F89}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FA037785-B456-43D8-B5C1-23B33479A2CF}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | "{FA640713-D0A0-48F1-965A-F8C400DE261C}" = protocol=6 | dir=in | app=d:\program files\icq7.5\icq.exe | "{FBB8494F-3FBD-49A7-97CA-179BDB9729D2}" = protocol=17 | dir=in | app=d:\program files\itunes\itunes.exe | "{FC00CB47-D4D8-400F-9E57-D4446BD637A1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FCD0F2B3-1DDD-4755-96DF-1356DAE8E10C}" = protocol=17 | dir=in | app=d:\program files\icq7.5\icq.exe | "{FD842E24-0121-4040-9F34-B835AF063345}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | "{FE49D6DF-5DF5-4677-81B4-9CD40252F8C3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{049D0E66-0298-4E8B-9358-D47E8FDB0C3F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{04F344EC-5E4D-43F6-AFCE-22EE95F7FB50}D:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=6 | dir=in | app=d:\program files\wb games\f.e.a.r. 
3\f.e.a.r. 3.exe | "TCP Query User{08174836-18B6-4FAA-A655-2571C7877725}D:\program files\rockstar games\eflc\eflc.exe" = protocol=6 | dir=in | app=d:\program files\rockstar games\eflc\eflc.exe | "TCP Query User{0C126593-312B-4AD3-863D-8400420B58B9}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{0C1461D8-90F6-4C35-AFAC-24D5E8C44CA4}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=6 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe | "TCP Query User{0CE0CFA6-E3A7-4CD4-B0DE-3B57D98C23EB}D:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe | "TCP Query User{124E94B1-4E62-42E7-99E3-CC7BF683C40E}D:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=d:\program files\intervideo\dvd8\windvd.exe | "TCP Query User{1416E868-8826-47F9-BDD3-F75ED2C5181B}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe | "TCP Query User{14308610-31A2-4E31-AC07-0DDBA6690333}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "TCP Query User{1B7FE7CC-DBF3-458A-80D3-5FEA509CCE67}D:\program files\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\program files\world of warcraft\launcher.exe | "TCP Query User{1D2E2B02-D8A0-42C1-8466-0A36F0902BC9}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | "TCP Query User{3C0AB35C-276B-414D-A213-E54BBBB838DF}D:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe | "TCP Query User{49D913CB-E95A-4154-88F6-C93E1752763F}D:\program files\winhttrack\winhttrack.exe" = protocol=6 | dir=in | 
app=d:\program files\winhttrack\winhttrack.exe | "TCP Query User{4FE52CA6-24AA-40ED-BDFA-005BF946FC2A}D:\program files\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=d:\program files\valve\portal 2\portal2.exe | "TCP Query User{6AF44318-D101-489A-9755-24201C6661E6}D:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe | "TCP Query User{6B07766E-D96C-49E9-9A06-8DA31F794839}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{6E85616E-0AC0-4DBB-A33C-812E9E52B214}C:\program files\graffiti studio 2.0\graffiti studio.exe" = protocol=6 | dir=in | app=c:\program files\graffiti studio 2.0\graffiti studio.exe | "TCP Query User{74F4E9B8-5458-4F9F-98D5-44928363DB1E}D:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\program files\sopcast\sopcast.exe | "TCP Query User{836C65D3-9920-4A7B-9412-98DB2ED728E8}D:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\program files\sopcast\adv\sopadver.exe | "TCP Query User{90414F95-AB68-4239-BCB5-B36E9C41F391}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe | "TCP Query User{94F32068-74E9-43E9-99DF-E6ADAE1FC09C}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | "TCP Query User{96097F71-1DAA-461B-829A-AB480AE296D1}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | "TCP Query User{96C6F46D-7F7E-4E33-ACEB-C16A1FE2F753}D:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\far cry 2\bin\farcry2.exe | "TCP Query User{9ABA2525-3565-4259-A03E-24ADEF7EABE3}D:\program 
files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe" = protocol=6 | dir=in | app=d:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe | "TCP Query User{9B5354C6-39D5-4310-BC11-D6CE303EB780}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{A3890824-D3F6-4F4F-ADF3-D4E2F7ACFED5}C:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe" = protocol=6 | dir=in | app=c:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe | "TCP Query User{AFFDAD41-1AF0-4AA9-A89B-BF912C6520A3}D:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | "TCP Query User{B9B481CC-80B5-410D-9E1D-3A38ADEE3F58}D:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\program files\world of warcraft\backgrounddownloader.exe | "TCP Query User{C3276851-E358-4B72-9A07-ED0D8BF93299}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{E0831070-2F42-4BA3-95CC-25B22F88277D}C:\program files\x-chat 2\xchat.exe" = protocol=6 | dir=in | app=c:\program files\x-chat 2\xchat.exe | "TCP Query User{E4782409-E453-45AA-8C55-6FB1B41B9E28}C:\program files\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe | "TCP Query User{E89CBB6F-3FDC-4543-B1F3-49D067CCD41C}C:\users\kevin\temp\teamviewer\version4\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\kevin\temp\teamviewer\version4\teamviewer.exe | "TCP Query User{F8783AAA-F8E2-4820-884A-9E8C25DBD531}D:\program files\ubisoft\related designs\anno 1404\addon.exe" = protocol=6 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\addon.exe | "UDP Query User{02993BB8-1AEE-451D-8FEB-F9B2BC730D15}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | 
app=c:\xampp\mysql\bin\mysqld.exe | "UDP Query User{0378D491-90D0-47E8-9F5F-B5BD4BA7D2D7}D:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=17 | dir=in | app=d:\program files\wb games\f.e.a.r. 3\f.e.a.r. 3.exe | "UDP Query User{0576D843-2AB9-4805-800C-F65355E2553E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{0FBE7B06-3488-4C92-ABBF-813488D24215}D:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\program files\sopcast\sopcast.exe | "UDP Query User{126CC74A-8A3C-42DD-AA55-32C1862A9A4A}C:\program files\activision\empires dawn of the modern world\empires_dmw.exe" = protocol=17 | dir=in | app=c:\program files\activision\empires dawn of the modern world\empires_dmw.exe | "UDP Query User{2135D95F-6179-48A4-AB5F-23E6A6683DDE}D:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\program files\world of warcraft\backgrounddownloader.exe | "UDP Query User{22DC7004-F415-4A63-A3AB-CEA9D14A2A4D}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe | "UDP Query User{24CF0632-9E3A-427B-9A89-6CFA95A0CF0F}D:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe | "UDP Query User{2B0C7EDD-9757-4908-839E-CE60AD3AAB94}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{2ED5D616-E6CA-40E5-8295-2F8260D4C2D2}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | "UDP Query User{33234148-933E-406B-867E-4F6FE70750C6}D:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe" = protocol=17 | dir=in | app=d:\program files\pokerstrategy.com\pokerstrategy.com equilator\equilator.exe | "UDP 
Query User{397800EC-ADF1-4E68-97E7-623353BC6BBB}C:\program files\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe | "UDP Query User{39876B57-9949-4193-B7BB-62965B7CA361}C:\program files\x-chat 2\xchat.exe" = protocol=17 | dir=in | app=c:\program files\x-chat 2\xchat.exe | "UDP Query User{3CEC3EB6-213D-4754-AAA0-F70A7DF77DB9}D:\program files\winhttrack\winhttrack.exe" = protocol=17 | dir=in | app=d:\program files\winhttrack\winhttrack.exe | "UDP Query User{48C2ECB9-17B2-48C5-87DB-F9B1317EB174}D:\program files\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=d:\program files\valve\portal 2\portal2.exe | "UDP Query User{48FBD34E-91B9-43EB-935F-3A037D8934F1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{4BF507AB-6E70-46A7-AE59-4B242C49FF87}D:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | "UDP Query User{4EB37FA1-7A9F-448A-A0B2-49D36334763F}C:\program files\graffiti studio 2.0\graffiti studio.exe" = protocol=17 | dir=in | app=c:\program files\graffiti studio 2.0\graffiti studio.exe | "UDP Query User{520A5AFE-1914-4276-82DE-EFF1AB4C6528}D:\program files\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\program files\world of warcraft\launcher.exe | "UDP Query User{61C080E2-1D35-4A75-AFB4-9EE03D9486F4}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{638DCCE4-D8A3-40C7-8C48-D3CF6D496BF8}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe | "UDP Query User{6396DB85-D5BB-485F-87B7-A29190E1D724}D:\program files\ubisoft\related designs\anno 1404\addon.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related 
designs\anno 1404\addon.exe | "UDP Query User{73909B1C-8977-416E-B65E-0E7D64AB199D}D:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\related designs\anno 1404\tools\addonweb.exe | "UDP Query User{7EA54910-C7E0-40AB-85D4-8C00AC544246}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{810E8CAE-E004-4F84-A689-8D452C9459AB}C:\users\kevin\temp\teamviewer\version4\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\kevin\temp\teamviewer\version4\teamviewer.exe | "UDP Query User{84787A75-BB9D-481F-88E0-DFEAFDB53536}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{8946B41A-3B34-4FD8-B8DB-25A8A8690BC0}D:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=d:\program files\ubisoft\far cry 2\bin\farcry2.exe | "UDP Query User{8FAF48EF-3C10-452B-AEF0-BCECCD682355}C:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe" = protocol=17 | dir=in | app=c:\users\kevin\appdata\locallow\dyyno receiver\dppm.exe | "UDP Query User{A0FB9F23-81DB-4467-A9D0-96B933FC272A}D:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\kester532\dawn of war 2\dow2.exe | "UDP Query User{BE02FC87-B499-4FAA-BE33-B9E5700844E5}D:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=d:\program files\intervideo\dvd8\windvd.exe | "UDP Query User{C0D295DE-8E05-4585-843E-93FC298484EA}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe | "UDP Query User{F473267A-E72F-4133-B22F-74F39EAC164F}D:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\program files\sopcast\adv\sopadver.exe | "UDP Query 
User{F4B67866-96DB-4695-84A5-484A19FA9DA8}D:\program files\rockstar games\eflc\eflc.exe" = protocol=17 | dir=in | app=d:\program files\rockstar games\eflc\eflc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R) "{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III "{04440044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Enzyklopädie 2004 "{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM) "{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404 "{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0D994CC5-819F-4657-84DD-397B8FE1EA80}" = Star Wars Jedi Knight Jedi Academy "{0E9389C0-0E8A-4174-A430-CFAFF29CC3A7}" = PokerStrategy.com Equilab "{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2 "{1459C671-45F3-4A58-8EA6-3B675460E51A}" = DO Kopfrechnen "{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu "{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer 
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars(TM): Knights of the Old Republic (TM) "{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II "{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228 "{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR "{2F8BE683-EF69-4D18-9974-DB0C1832A516}" = ICM Trainer Light "{3230518C-2953-4FB9-8485-B3CDFCC36A70}" = Rosetta Stone Ltd Services "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{39930321-4C58-4B8B-BCBF-342698C9801D}" = Max Payne "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3CE2032D-B1DA-4057-9D1E-4120F8B64367}" = DSLaufzeit "{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II "{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 "{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest "{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2 "{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36 "{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm "{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm "{45B4FF51-D048-46A1-AE2C-3786F2221F47}" = DSRechner "{47EA4DDF-FD99-46B3-846C-9F3F315268AD}" = ICM Trainer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}" = Microsoft Works Suite-Add-Ins für Microsoft Word "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent 
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009 "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5B680750-760B-49E4-81E7-21B2B337F9F7}" = Microsoft Works "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City "{628C3D50-F524-4C49-A958-672CE7953756}" = Der Herr der Ringe® - Die Eroberung™ "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4 "{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5 "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7AF9D464-6627-4FB9-AEF9-15D6C972CA84}_is1" = Minecraft Beta Version 1.7.3 "{7C3D8108-8D99-427F-A1C2-D8E0D25A469C}" = Tom Clancy's EndWar "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger "{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{909BBDB7-BABE-434C-9124-863A9F8D1CF8}" = FEAR Extraction Point 
"{90DA7F39-B9D4-4FB1-93A0-6B10F83E35E2}" = Wer wird Millionär - Party-Edition "{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002 "{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials "{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4 "{99889189-C739-4A46-BA02-3B271A118957}" = F.E.A.R. Mission Perseus "{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box "{9C916142-C18C-429D-BFED-40094A7E0BEB}" = Die Siedler 7 "{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig "{A1416622-0DDE-45B5-B06C-DFC3ED94C53B}" = Der Pate® II "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A53BEB85-A538-4F93-BF0C-2D9770532D10}" = Lost Horizon "{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2 "{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™ "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA 
PhysX-Systemsoftware 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer "{BB47D7EA-7EF1-475C-9C14-AF5B8FCA45E2}" = Condemned - Criminal Origins "{BE9A67F1-BDD3-4259-9F5C-2EFCE6B3A6C5}" = Clive Barker's Jericho "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3 "{C2F8468F-85AB-4D08-A68E-01D328E7B261}" = PokerStrategy.com Elephant "{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support "{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™ "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{CAD1691A-FA24-4B95-9009-3257B8440ECC}" = Tom Clancy's Splinter Cell Double Agent "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D1D632A2-E249-466D-A094-B1B934D37645}_is1" = Stronghold Kingdoms "{D2ECAEB9-1ACD-4DA2-B3F6-4A94A429FC8C}" = Legendary "{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker "{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: The Complete Saga "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{DC158DF7-6B36-4C6F-BC91-109014297994}" = FIFA 11 Demo "{DEED33EE-4357-4907-8F20-C1A50CC68A5A}" = USB Joystick "{E184BB79-61A3-4B0A-86D1-12A56C0A7270}" = Painkiller Resurrection "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need 
for Speed™ Undercover "{E71AC707-179D-458D-A1E8-F52977CAEAB4}" = M.U.D. TV "{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12 "{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2 "{F027C8E3-6DBD-492A-9959-7B36B1DE0D65}" = Ad-Aware "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F73D18C1-F4DA-4B9F-9C46-5185F5D3DB7C}" = F.E.A.R. 2 SP Demo "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{FB32F52B-0D1C-4214-91A6-5B2DA15A5238}" = Ad-Aware "{FD025150-EEA0-4CAC-BED1-B9837783FCC8}" = ActivePerl 5.10.0 Build 1005 "{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2 "{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "abgx360" = abgx360 v1.0.5 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "APP-Codejock.SuitePro.ActiveX.v12.0.1_is1" = Xtreme SuitePro ActiveX v12.0.1 "Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced "Ask Toolbar_is1" = Ask Toolbar "Aspell German Dictionary_is1" = Aspell German Dictionary-0.50-2 "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.8 (Unicode) "Avira AntiVir Desktop" = Avira Free Antivirus "B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind "Black Mirror 2_is1" = Black Mirror 2 "Black Mirror III_is1" = Black Mirror III "Brain Workshop_is1" = Brain Workshop 4.4 "Call of Duty Black Ops GERMAN Uncut 1.00" = Call of Duty Black Ops GERMAN Uncut 1.00 "CCleaner" = CCleaner (remove only) "CloneCD" = CloneCD "CloneDVD2" = CloneDVD2 "DAEMON Tools Lite" = DAEMON Tools Lite "Dues Ex Human Revolution_is1" = Dues Ex Human 
Revolution "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "DyynoPlayer" = DyynoPlayer 0.8.6f.2 "EFCL SecuLauncher Error Fix v1.1 by TokZic 1.1" = EFCL SecuLauncher Error Fix v1.1 by TokZic 1.1 "Empires Dawn of the Modern World" = Empires Dawn of the Modern World "Eraser" = Eraser "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "F.E.A.R. 3_is1" = F.E.A.R. 3 "F.E.A.R.2 Reborn_is1" = F.E.A.R.2 Reborn "FeedReader_is1" = FeedReader "FileZilla Client" = FileZilla Client 3.3.4.1 "Fraps" = Fraps (remove only) "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Billiards 2008_is1" = Free Billiards 2008 "Free YouTube Download_is1" = Free YouTube Download 2.4 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "Game Booster_is1" = Game Booster "GameSpy Arcade" = GameSpy Arcade "GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2 "GFWL_{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm "GNU Aspell_is1" = GNU Aspell 0.50-3 "Google Updater" = Google Updater "Graffiti Studio 2.0_is1" = Graffiti Studio 2.0 "GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen) "Guild Wars" = GUILD WARS "HijackThis" = HijackThis 2.0.2 "HoldemManager" = Holdem Manager "ICQToolbar" = ICQ Toolbar "ImgBurn" = ImgBurn "InstallShield_{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8 "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "InstallShield_{D2ECAEB9-1ACD-4DA2-B3F6-4A94A429FC8C}" = Legendary 
"InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: Die Komplette Saga "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood "JDownloader" = JDownloader "LAME for Audacity_is1" = LAME v3.98.2 for Audacity "Lexmark 510 Series" = Lexmark 510 Series "Lexmark Z500-Z600 Series" = Lexmark Z500-Z600 Series "LogMeIn Hamachi" = LogMeIn Hamachi "Mafia II_is1" = Mafia II "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Mikogo" = Mikogo "MobMap_is1" = MobMap 3.55 "Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18) "MyMDb_0" = MyMDb 3.6 "Nero - Burning Rom!UninstallKey" = Ahead Nero OEM "NeroVision!UninstallKey" = Ahead NeroVision Express "Notepad++" = Notepad++ "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "OpenVPN" = OpenVPN 2.0.9-gui-1.0.3 "Origin" = Origin "PartyPoker" = PartyPoker "Pidgin" = Pidgin "PokerStars" = PokerStars "PokerStars.net" = PokerStars.net "Postal 2_is1" = Portal 2 "PostgreSQL 8.3" = PostgreSQL 8.3 "PostgreSQL 8.4" = PostgreSQL 8.4 "ProtectDisc Driver 11" = ProtectDisc Driver, Version 11 "Proxifier_is1" = Proxifier version 2.7 
"PunkBusterSvc" = PunkBuster Services "Quick Memory Editor_is1" = Quick Memory Editor 5.5 "QuickPar" = QuickPar 0.9 "RealPlayer 12.0" = RealPlayer "Schlag den Raab_is1" = Schlag den Raab "Shockwave" = Shockwave "SitNGoWizard" = SitNGo Wizard "SMPlayer_is1" = SMPlayer 0.6.6 "SopCast" = SopCast 3.2.4 "Steam App 10500" = Empire: Total War "Steam App 240" = Counter-Strike: Source "Steam App 400" = Portal "Steam App 42700" = Call of Duty: Black Ops "Steam App 42710" = Call of Duty: Black Ops - Multiplayer "Steam App 500" = Left 4 Dead "SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009) "TeamViewer 6" = TeamViewer 6 "The Weather Channel Desktop 6" = The Weather Channel Desktop 6 "TrueCrypt" = TrueCrypt "Tunngle beta_is1" = Tunngle beta "Uninstall_is1" = Uninstall 1.0.0.1 "Unlocker" = Unlocker 1.8.7 "UseNeXT_is1" = UseNeXT "VirusTotalUploader" = VirusTotal Uploader "VirusTotalUploader2.0" = VirusTotal Uploader 2.0 "Visual Basic 6.0 Professional Edition (deu)" = Microsoft Visual Basic 6.0 Professional Edition (Deutsch) "VLC media player" = VLC media player 0.9.8a "Warcraft III" = Warcraft III "WebMoney Agent" = WebMoney Agent "Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.5 "WebPost" = Microsoft Web Publishing Wizard 1.53 "Wecker 2.2" = Wecker 2.2 2.2 "WinGimp-2.0_is1" = GIMP 2.6.8 "WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9 "WinPatrol" = WinPatrol 2008 "WinRAR archiver" = WinRAR "Works2004Setup" = Setup-Start von Microsoft Works 2004 "World of Warcraft" = World of Warcraft "xampp" = XAMPP 1.7.1 "X-Chat 2_is1" = X-Chat 2.8.6-2 "Xfire" = Xfire (remove only) "XnView_is1" = XnView 1.96.5 "xp-AntiSpy" = xp-AntiSpy 3.97 "Zygor Guides" = Zygor Guides ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "360WAVESPATCHERCLT" = 360WavesPatcher (Client setup) "BrainGame" = Dr Kawashima "Google Chrome" = Google Chrome "Runic Games Torchlight" = Torchlight 
"sc10-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 2010 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Universal Replayer" = Universal Replayer "Warcraft III" = Warcraft III: All Products ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 23.02.2012 13:13:01 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0 Description = 2012-02-23 18:13:01 CETFATAL: role "SYSTEM" does not exist Error - 23.02.2012 13:13:03 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0 Description = 2012-02-23 18:13:03 CETFATAL: role "SYSTEM" does not exist Error - 23.02.2012 13:13:04 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0 Description = 2012-02-23 18:13:04 CETFATAL: role "SYSTEM" does not exist Error - 23.02.2012 13:13:05 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0 Description = 2012-02-23 18:13:05 CETFATAL: role "SYSTEM" does not exist Error - 23.02.2012 13:13:06 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0 Description = 2012-02-23 18:13:06 CETFATAL: role "SYSTEM" does not exist Error - 23.02.2012 13:13:07 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0 Description = 2012-02-23 18:13:07 CETFATAL: role "SYSTEM" does not exist Error - 23.02.2012 13:13:08 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0 Description = 2012-02-23 18:13:08 CETFATAL: role "SYSTEM" does not exist Error - 23.02.2012 13:13:09 | Computer Name = Kevin-PC | Source = PostgreSQL | ID = 0 Description = 2012-02-23 18:13:09 CETFATAL: role "SYSTEM" does not exist Error - 23.02.2012 15:04:54 | Computer Name = Kevin-PC | Source = ESENT | ID = 490 Description = Windows (3232) Windows: Versuch, Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. 
Error - 23.02.2012 15:04:54 | Computer Name = Kevin-PC | Source = ESENT | ID = 439 Description = Windows (3232) Windows: Die Shadowkopfzeile für Datei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk konnte nicht geschrieben werden. Fehler -1032. [ SitNGoWizard Events ] Error - 18.10.2011 13:22:40 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1 Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller, Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method) bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e) bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message& m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam) Error - 26.12.2011 13:44:20 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1 Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen werden, wenn das Fensterhandle erstellt wurde. 
Error - 26.12.2011 13:44:21 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1 Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller, Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method) bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e) bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message& m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam) Error - 26.12.2011 13:44:30 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1 Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen werden, wenn das Fensterhandle erstellt wurde. Error - 26.12.2011 13:44:30 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1 Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller, Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method) bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e) bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message& m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam) Error - 26.12.2011 13:44:40 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1 Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen werden, wenn das Fensterhandle erstellt wurde. 
Error - 26.12.2011 13:44:40 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1 Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller, Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method) bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e) bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message& m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam) Error - 12.01.2012 16:45:46 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1 Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen werden, wenn das Fensterhandle erstellt wurde. Error - 12.01.2012 16:45:47 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1 Description = bei System.Windows.Forms.Control.MarshaledInvoke(Control caller, Delegate method, Object[] args, Boolean synchronous) bei System.Windows.Forms.Control.Invoke(Delegate method, Object[] args) bei System.Windows.Forms.Control.Invoke(Delegate method) bei SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e) bei System.Windows.Forms.Timer.OnTick(EventArgs e) bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message& m) bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam) Error - 05.02.2012 17:31:48 | Computer Name = Kevin-PC | Source = SitNGoWizard | ID = 1 Description = Invoke oder BeginInvoke kann für ein Steuerelement erst aufgerufen werden, wenn das Fensterhandle erstellt wurde. 
[ System Events ] Error - 23.02.2012 13:06:21 | Computer Name = Kevin-PC | Source = DCOM | ID = 10005 Description = Error - 23.02.2012 13:06:21 | Computer Name = Kevin-PC | Source = DCOM | ID = 10005 Description = Error - 23.02.2012 13:06:21 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7001 Description = Error - 23.02.2012 13:06:21 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7001 Description = Error - 23.02.2012 13:06:30 | Computer Name = Kevin-PC | Source = DCOM | ID = 10005 Description = Error - 23.02.2012 13:06:55 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7001 Description = Error - 23.02.2012 13:06:59 | Computer Name = Kevin-PC | Source = DCOM | ID = 10005 Description = Error - 23.02.2012 13:07:01 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7001 Description = Error - 23.02.2012 13:11:52 | Computer Name = Kevin-PC | Source = HTTP | ID = 15016 Description = Error - 23.02.2012 13:13:11 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026 Description = [ TuneUp Events ] Error - 19.02.2012 06:07:25 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-19 11:07:25', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbamservice.exe','728',0) Error - 19.02.2012 10:30:41 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-19 15:30:41', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbamservice.exe','3208',0) Error - 20.02.2012 07:11:41 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: 
INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-20 12:11:41', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbamservice.exe','4244',0) Error - 20.02.2012 17:25:52 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-20 22:25:52', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbamservice.exe','4452',0) Error - 21.02.2012 06:11:38 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-21 11:11:38', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbamservice.exe','4152',0) Error - 21.02.2012 18:28:32 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-21 23:28:32', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbamservice.exe','2212',0) Error - 22.02.2012 07:01:43 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-22 12:01:43', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbamservice.exe','4292',0) Error - 23.02.2012 07:13:30 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-23 12:13:30', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbamservice.exe','1248',0) Error - 23.02.2012 12:51:27 | 
Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-23 17:51:27', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbamservice.exe','5876',0) Error - 23.02.2012 13:15:15 | Computer Name = Kevin-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-02-23 18:15:15', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbamservice.exe','4700',0) < End of report > [/code] |
24.02.2012, 12:43 | #21 |
| Windows was blocked Hi, that thing gets in through a security hole while browsing, so only use a guest account from now on... Fix for OTL:
Code:
ATTFilter :OTL SRV - (BVWYVEOMKJJ) -- File not found IE - HKLM\..\URLSearchHook: - SOFTWARE\Classes\CLSID\\LocalServer32 File not found O1 - Hosts: ::1 localhost O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O18 - Protocol\Handler\livecall - No CLSID value found O18 - Protocol\Handler\msnim - No CLSID value found @Alternate Data Stream - 72 bytes -> C:\Windows:437DA1922D9BCD1B @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:A7D1EA69 @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A064CECC @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:41ADDB8A @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:05EE1EEF :Commands [emptytemp] [Reboot]
In addition, update MAM and run a full scan... A driver was installed, so run the Killer once more as well... and the MBR check: download http://ad13.geekstogo.com/MBRCheck.exe and save the file to your desktop.
chris
27.02.2012, 12:30 | #22 |
| Windows was blocked Sorry once again that it takes me so long to reply. OTL: Code:
ATTFilter All processes killed ========== OTL ========== Service BVWYVEOMKJJ stopped successfully! Service BVWYVEOMKJJ deleted successfully! File File not found not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully. ::1 localhost removed from HOSTS file successfully Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ deleted successfully. C:\Programme\AskBarDis\bar\bin\askBar.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully. File Protocol\Handler\livecall - No CLSID value found not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully. File Protocol\Handler\msnim - No CLSID value found not found. ADS C:\Windows:437DA1922D9BCD1B deleted successfully. ADS C:\ProgramData\Temp:A7D1EA69 deleted successfully. ADS C:\ProgramData\Temp:A064CECC deleted successfully. ADS C:\ProgramData\Temp:41ADDB8A deleted successfully. ADS C:\ProgramData\Temp:05EE1EEF deleted successfully. 
========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Kevin ->Temp folder emptied: 14069581 bytes ->Temporary Internet Files folder emptied: 4366143 bytes ->Java cache emptied: 7972 bytes ->FireFox cache emptied: 45266896 bytes ->Google Chrome cache emptied: 56490186 bytes ->Flash cache emptied: 2113 bytes User: postgres ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: x ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 590304 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 115,00 mb OTL by OldTimer - Version 3.2.31.0 log created on 02242012_211441 Files\Folders moved on Reboot... Registry entries deleted on Reboot... |
27.02.2012, 12:30 | #23 |
| Windows was blocked MAM Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.02.23.02 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 7.0.6001.18000 Kevin :: KEVIN-PC [Administrator] Schutz: Deaktiviert 23.02.2012 18:53:24 mbam-log-2012-02-23 (18-53-24).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 536603 Laufzeit: 3 Stunde(n), 25 Minute(n), 16 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
27.02.2012, 15:38 | #24 |
| Windows was blocked Code:
ATTFilter MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows Vista Home Premium Edition Windows Information: Service Pack 1 (build 6001), 32-bit Base Board Manufacturer: ASUSTeK Computer INC. BIOS Manufacturer: American Megatrends Inc. System Manufacturer: System manufacturer System Product Name: System Product Name Logical Drives Mask: 0x0000007d Kernel Drivers (total 148): 0x81C13000 \SystemRoot\system32\ntkrnlpa.exe 0x81FCC000 \SystemRoot\system32\hal.dll 0x8040A000 \SystemRoot\system32\kdcom.dll 0x80412000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x80472000 \SystemRoot\system32\PSHED.dll 0x80483000 \SystemRoot\system32\BOOTVID.dll 0x8048B000 \SystemRoot\system32\CLFS.SYS 0x804CC000 \SystemRoot\system32\CI.dll 0x8060A000 \SystemRoot\system32\drivers\Wdf01000.sys 0x80686000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x80693000 \SystemRoot\system32\drivers\acpi.sys 0x806D9000 \SystemRoot\system32\drivers\WMILIB.SYS 0x806E2000 \SystemRoot\system32\drivers\msisadrv.sys 0x806EA000 \SystemRoot\system32\drivers\pci.sys 0x80711000 \SystemRoot\System32\drivers\partmgr.sys 0x80720000 \SystemRoot\system32\drivers\volmgr.sys 0x8072F000 \SystemRoot\System32\drivers\volmgrx.sys 0x80779000 \SystemRoot\system32\drivers\pciide.sys 0x80780000 \SystemRoot\system32\drivers\PCIIDEX.SYS 0x8078E000 \SystemRoot\System32\drivers\mountmgr.sys 0x8079E000 \SystemRoot\system32\drivers\atapi.sys 0x807A6000 \SystemRoot\system32\drivers\ataport.SYS 0x807C4000 \SystemRoot\system32\drivers\fltmgr.sys 0x805AC000 \SystemRoot\system32\drivers\fileinfo.sys 0x805BC000 \SystemRoot\system32\DRIVERS\Lbd.sys 0x8220A000 \SystemRoot\System32\Drivers\ksecdd.sys 0x8227B000 \SystemRoot\system32\drivers\ndis.sys 0x82386000 \SystemRoot\system32\drivers\msrpc.sys 0x823B1000 \SystemRoot\system32\drivers\NETIO.SYS 0x8A60A000 \SystemRoot\System32\drivers\tcpip.sys 0x8A6F1000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x8A803000 \SystemRoot\System32\Drivers\Ntfs.sys 0x8A912000 
\SystemRoot\system32\drivers\volsnap.sys 0x8A94B000 \SystemRoot\System32\Drivers\spldr.sys 0x8A953000 \SystemRoot\System32\Drivers\mup.sys 0x8A962000 \SystemRoot\System32\drivers\ecache.sys 0x8A989000 \SystemRoot\system32\drivers\disk.sys 0x8A99A000 \SystemRoot\system32\drivers\CLASSPNP.SYS 0x8A9BB000 \SystemRoot\system32\drivers\crcdisk.sys 0x8A9E4000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x8A9EF000 \SystemRoot\system32\DRIVERS\tunmp.sys 0x8A70C000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x8EE00000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys 0x8F562000 \SystemRoot\system32\DRIVERS\nvBridge.kmd 0x8A71B000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x8F564000 \SystemRoot\System32\drivers\watchdog.sys 0x8F571000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0x8F57C000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x8F5BA000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x8F5C9000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x8F5DB000 \SystemRoot\system32\DRIVERS\Rtlh86.sys 0x8A7BA000 \SystemRoot\system32\DRIVERS\fdc.sys 0x8A9F8000 \SystemRoot\system32\DRIVERS\ASACPI.sys 0x8A7C5000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x8A7D8000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x8A7E3000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x805CB000 \SystemRoot\system32\DRIVERS\serial.sys 0x8A7EE000 \SystemRoot\system32\DRIVERS\serenum.sys 0x8A7F8000 \SystemRoot\System32\Drivers\ElbyCDFL.sys 0x805E5000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x8A600000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys 0x8F60E000 \SystemRoot\system32\DRIVERS\msiscsi.sys 0x8F63C000 \SystemRoot\system32\DRIVERS\storport.sys 0x8F67D000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x8F688000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x8F69F000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x8F6AA000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x8F6CD000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x8F6DC000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x8F6F0000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x8F705000 
\SystemRoot\system32\DRIVERS\hamachi.sys 0x8F70A000 \SystemRoot\system32\DRIVERS\tap0801.sys 0x8F715000 \SystemRoot\system32\DRIVERS\tap0901t.sys 0x8F720000 \SystemRoot\system32\DRIVERS\termdd.sys 0x8F730000 \SystemRoot\system32\DRIVERS\swenum.sys 0x8F732000 \SystemRoot\system32\DRIVERS\ks.sys 0x8F75C000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys 0x8F799000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x8F7A3000 \SystemRoot\system32\DRIVERS\umbus.sys 0x8F7B0000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x8F7E4000 \SystemRoot\system32\DRIVERS\flpydisk.sys 0x8F7EE000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x91C06000 \SystemRoot\system32\drivers\viahduaa.sys 0x91CE3000 \SystemRoot\system32\drivers\portcls.sys 0x91D10000 \SystemRoot\system32\drivers\drmk.sys 0x91D35000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0x91D3E000 \SystemRoot\System32\Drivers\Null.SYS 0x91D45000 \SystemRoot\System32\Drivers\Beep.SYS 0x91D4C000 \SystemRoot\System32\drivers\vga.sys 0x91D58000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x91D79000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x91D81000 \SystemRoot\system32\drivers\rdpencdd.sys 0x91D89000 \SystemRoot\System32\Drivers\Msfs.SYS 0x91D94000 \SystemRoot\System32\Drivers\Npfs.SYS 0x91DA2000 \SystemRoot\System32\DRIVERS\rasacd.sys 0x91DAB000 \SystemRoot\system32\DRIVERS\tdx.sys 0x91DC1000 \SystemRoot\system32\DRIVERS\smb.sys 0x91E02000 \SystemRoot\system32\drivers\afd.sys 0x91E4A000 \SystemRoot\System32\DRIVERS\netbt.sys 0x91E7C000 \SystemRoot\system32\drivers\ws2ifsl.sys 0x91E85000 \SystemRoot\system32\DRIVERS\pacer.sys 0x91E9B000 \SystemRoot\system32\DRIVERS\netbios.sys 0x91EA9000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x91EBC000 \SystemRoot\System32\drivers\truecrypt.sys 0x91EF1000 \SystemRoot\system32\DRIVERS\ssmdrv.sys 0x91EF7000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x91F33000 \SystemRoot\system32\drivers\nsiproxy.sys 0x91F3D000 \SystemRoot\System32\Drivers\ElbyCDIO.sys 0x91F42000 \SystemRoot\System32\Drivers\dfsc.sys 0x91F59000 
\SystemRoot\system32\DRIVERS\avkmgr.sys 0x91F65000 \SystemRoot\system32\DRIVERS\avipbb.sys 0x91F8A000 \SystemRoot\System32\Drivers\crashdmp.sys 0x91F97000 \SystemRoot\System32\Drivers\dump_dumpata.sys 0x91FA2000 \SystemRoot\System32\Drivers\dump_atapi.sys 0x91FAA000 \SystemRoot\system32\DRIVERS\usbprint.sys 0x91FB4000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x996F0000 \SystemRoot\System32\win32k.sys 0x91FB6000 \SystemRoot\System32\drivers\Dxapi.sys 0x91FC0000 \SystemRoot\system32\DRIVERS\monitor.sys 0x99910000 \SystemRoot\System32\TSDDD.dll 0x99930000 \SystemRoot\System32\cdd.dll 0x91FCF000 \SystemRoot\system32\drivers\luafv.sys 0x91DD5000 \SystemRoot\system32\DRIVERS\avgntflt.sys 0x9EE0D000 \SystemRoot\system32\drivers\spsys.sys 0x9EEBC000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x9EECC000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x9EEDF000 \SystemRoot\system32\drivers\HTTP.sys 0x9EF4A000 \SystemRoot\system32\DRIVERS\asyncmac.sys 0x9EF53000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x9EF70000 \SystemRoot\system32\DRIVERS\bowser.sys 0x9EF89000 \SystemRoot\System32\drivers\mpsdrv.sys 0x9EF9E000 \SystemRoot\system32\drivers\mrxdav.sys 0x9EFBE000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0xA240E000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0xA2447000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0xA245F000 \SystemRoot\System32\DRIVERS\srv2.sys 0xA2486000 \SystemRoot\System32\DRIVERS\srv.sys 0xA24D2000 \??\C:\Windows\system32\drivers\acedrv11.sys 0xA24FE000 \SystemRoot\system32\DRIVERS\atksgt.sys 0xA2541000 \SystemRoot\system32\DRIVERS\lirsgt.sys 0xAD20C000 \SystemRoot\system32\drivers\peauth.sys 0xAD2EA000 \SystemRoot\System32\Drivers\secdrv.SYS 0xAD2F4000 \SystemRoot\System32\drivers\tcpipreg.sys 0xAD300000 \SystemRoot\system32\DRIVERS\cdfs.sys 0xAD316000 \??\C:\Windows\system32\FsUsbExDisk.SYS 0xAD31F000 \??\C:\Windows\system32\drivers\mbam.sys 0xAD323000 \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys 0x77700000 \Windows\System32\ntdll.dll Processes (total 89): 0 
System Idle Process 4 SYSTEM 416 C:\Windows\System32\smss.exe 492 csrss.exe 556 C:\Windows\System32\wininit.exe 568 csrss.exe 600 C:\Windows\System32\services.exe 612 C:\Windows\System32\lsass.exe 620 C:\Windows\System32\lsm.exe 660 C:\Windows\System32\winlogon.exe 824 C:\Windows\System32\svchost.exe 876 C:\Windows\System32\nvvsvc.exe 888 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 924 C:\Windows\System32\svchost.exe 976 C:\Windows\System32\svchost.exe 1048 C:\Windows\System32\svchost.exe 1084 C:\Windows\System32\svchost.exe 1100 C:\Windows\System32\svchost.exe 1216 C:\Windows\System32\audiodg.exe 1240 C:\Windows\System32\svchost.exe 1260 C:\Windows\System32\SLsvc.exe 1316 C:\Windows\System32\svchost.exe 1364 C:\Windows\System32\rundll32.exe 1468 C:\Windows\System32\svchost.exe 1560 C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe 1764 C:\Windows\System32\LEXBCES.EXE 1788 C:\Windows\System32\LEXPPS.EXE 1856 C:\Windows\System32\spoolsv.exe 1908 C:\Program Files\Avira\AntiVir Desktop\sched.exe 1932 C:\Windows\System32\svchost.exe 316 C:\Windows\System32\dwm.exe 320 C:\Windows\System32\taskeng.exe 12 C:\Windows\explorer.exe 1348 C:\Windows\System32\taskeng.exe 2296 C:\Program Files\Windows Defender\MSASCui.exe 2312 C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe 2320 C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe 2340 C:\Program Files\Real\RealPlayer\Update\realsched.exe 2392 C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe 2440 C:\Windows\System32\rundll32.exe 2464 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 2472 C:\Program Files\Windows Sidebar\sidebar.exe 2480 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 2492 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2516 D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe 2936 C:\Program Files\Avira\AntiVir Desktop\avguard.exe 2964 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 2984 C:\Program 
Files\Bonjour\mDNSResponder.exe 3020 C:\Windows\System32\FsUsbExService.Exe 3200 C:\Program Files\LogMeIn Hamachi\hamachi-2.exe 3272 C:\Program Files\ICQ6Toolbar\ICQ Service.exe 3288 C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe 3316 C:\Windows\System32\lxbccoms.exe 3364 C:\Windows\System32\PnkBstrA.exe 3376 C:\Windows\System32\PnkBstrB.exe 3388 C:\Windows\System32\svchost.exe 3448 C:\Windows\System32\svchost.exe 3664 C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe 3708 C:\Windows\System32\TUProgSt.exe 3728 D:\Program Files\Tunngle\TnglCtrl.exe 3760 C:\Program Files\PostgreSQL\8.4\bin\postgres.exe 3868 C:\Windows\System32\svchost.exe 3912 C:\Windows\System32\SearchIndexer.exe 4004 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 808 C:\Program Files\PostgreSQL\8.4\bin\postgres.exe 2056 C:\Program Files\PostgreSQL\8.4\bin\postgres.exe 2052 C:\Program Files\PostgreSQL\8.4\bin\postgres.exe 1592 C:\Program Files\PostgreSQL\8.4\bin\postgres.exe 820 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe 1508 unsecapp.exe 3840 WmiPrvSE.exe 1292 C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe 1196 C:\Program Files\Google\Update\GoogleUpdate.exe 3832 C:\Program Files\Google\Update\1.3.21.99\GoogleCrashHandler.exe 2696 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 3816 C:\Program Files\Avira\AntiVir Desktop\avscan.exe 464 C:\Program Files\Avira\AntiVir Desktop\avscan.exe 1732 C:\Windows\System32\VSSVC.exe 2292 C:\Windows\System32\svchost.exe 2148 C:\Users\Kevin\AppData\Local\Google\Chrome\Application\chrome.exe 916 C:\Users\Kevin\AppData\Local\Google\Chrome\Application\chrome.exe 4220 C:\Windows\System32\rundll32.exe 4228 C:\Users\Kevin\AppData\Local\Google\Chrome\Application\chrome.exe 4928 D:\Program Files\Mozilla Firefox\firefox.exe 5296 D:\Program Files\Mozilla Firefox\plugin-container.exe 3604 C:\Windows\System32\SearchProtocolHost.exe 5676 C:\Windows\System32\SearchFilterHost.exe 5584 C:\Users\Kevin\Desktop\MBRCheck.exe 5844 
C:\Windows\System32\conime.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS) \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000030`d4100000 (NTFS) PhysicalDrive0 Model Number: SAMSUNGHD501LJ, Rev: CR100-13 Size Device Name MBR Status -------------------------------------------- 465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979 Done! |
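What an MBR check like the one in the log above comes down to, as an added example that is not part of the thread and not MBRCheck's own code: parse the 512-byte sector, hash the boot code against a known-good value, and confirm that the partition table agrees with the volume offsets the OS reports. The sample sector is constructed from the partition values in this thread's logs with filler boot code; hashing only the first 440 bytes, the active flag and all function names are assumptions.

```python
import hashlib
import struct

SECTOR_SIZE = 512        # matches "SectorSize: 0x200" in the TDSSKiller log
BOOT_CODE_LEN = 440      # assumption: hash only the boot-code area, not the partition table
TABLE_OFFSET = 446       # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"


def parse_mbr(sector):
    """Return the boot-code SHA1 and the non-empty partition entries of an MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("boot signature 0x55AA missing")
    partitions = []
    for index in range(4):
        raw = sector[TABLE_OFFSET + 16 * index:TABLE_OFFSET + 16 * (index + 1)]
        # status, 3 CHS bytes (skipped), type, 3 CHS bytes (skipped), start LBA, sector count
        status, ptype, start_lba, count = struct.unpack("<B3xB3xII", raw)
        if ptype == 0:
            continue  # unused slot
        partitions.append({
            "index": index,
            "status": status,
            "type": ptype,
            "start_lba": start_lba,
            "sectors": count,
            "byte_offset": start_lba * SECTOR_SIZE,
        })
    sha1 = hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest().upper()
    return {"boot_code_sha1": sha1, "partitions": partitions}


def audit_mbr(sector, baseline_sha1, expected_offsets):
    """Compare an MBR with a known-good boot-code hash and the volume offsets seen by the OS."""
    info = parse_mbr(sector)
    findings = []
    if info["boot_code_sha1"] != baseline_sha1.upper():
        findings.append("boot code differs from baseline")
    offsets = sorted(p["byte_offset"] for p in info["partitions"])
    if offsets != sorted(expected_offsets):
        findings.append("partition table does not match volume offsets")
    if sum(1 for p in info["partitions"] if p["status"] == 0x80) > 1:
        findings.append("more than one active partition")
    if any(p["status"] not in (0x00, 0x80) for p in info["partitions"]):
        findings.append("invalid partition status byte")
    ordered = sorted(info["partitions"], key=lambda p: p["start_lba"])
    for prev, cur in zip(ordered, ordered[1:]):
        if cur["start_lba"] < prev["start_lba"] + prev["sectors"]:
            findings.append("partitions %d and %d overlap" % (prev["index"], cur["index"]))
    return findings


def build_sample_mbr():
    """Constructed sample: filler boot code plus the two NTFS partitions from the thread's logs."""
    sector = bytearray(SECTOR_SIZE)
    # Filler bytes, not real Windows boot code.
    sector[:BOOT_CODE_LEN] = bytes((i * 7) & 0xFF for i in range(BOOT_CODE_LEN))
    entries = [
        (0x80, 0x07, 0x00000800, 0x186A0000),  # active flag is an assumption
        (0x00, 0x07, 0x186A0800, 0x21CE5000),
    ]
    for index, (status, ptype, start, count) in enumerate(entries):
        struct.pack_into("<B3xB3xII", sector, TABLE_OFFSET + 16 * index,
                         status, ptype, start, count)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)


# Volume offsets as printed by MBRCheck for the C: and D: volumes.
VOLUME_OFFSETS = [0x0000000000100000, 0x00000030D4100000]

if __name__ == "__main__":
    sample = build_sample_mbr()
    baseline = parse_mbr(sample)["boot_code_sha1"]
    print(audit_mbr(sample, baseline, VOLUME_OFFSETS))          # clean sector
    tampered = bytearray(sample)
    tampered[0x10] ^= 0xFF                                      # one changed boot-code byte
    print(audit_mbr(bytes(tampered), baseline, VOLUME_OFFSETS))
```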
27.02.2012, 16:47 | #25 |
| Windows was blocked Hi, please still run the Killer... Since the driver was "invisible", we should also bring in GMER... Gmer: http://www.trojaner-board.de/74908-a...t-scanner.html You will find the download link at the top left (GMER - Rootkit Detector and Remover); there, click the "Download EXE" button, which generates a random file name (please note that name and the path where you saved it). Start GMER and see whether it already reports something. If it does, answer all questions with "no", go to the "rootkit" tab, again answer the question with "no", and use Copy to paste the report into the thread. If it reports nothing at that point, go to the Rootkit tab and run a scan. When it has finished, choose Copy and paste the report. If GMER crashes, please try it in safe mode (F8 while booting)! chris
27.02.2012, 18:28 | #26 |
| Windows was blocked Hi, sorry, I completely overlooked the part about the Killer... I chose Skip for all findings again. Code:
ATTFilter 18:26:29.0154 5824 TDSS rootkit removing tool 2.7.15.0 Feb 27 2012 12:59:02 18:26:29.0263 5824 ============================================================ 18:26:29.0263 5824 Current date / time: 2012/02/27 18:26:29.0263 18:26:29.0263 5824 SystemInfo: 18:26:29.0263 5824 18:26:29.0263 5824 OS Version: 6.0.6001 ServicePack: 1.0 18:26:29.0263 5824 Product type: Workstation 18:26:29.0263 5824 ComputerName: KEVIN-PC 18:26:29.0263 5824 UserName: Kevin 18:26:29.0263 5824 Windows directory: C:\Windows 18:26:29.0263 5824 System windows directory: C:\Windows 18:26:29.0263 5824 Processor architecture: Intel x86 18:26:29.0263 5824 Number of processors: 4 18:26:29.0263 5824 Page size: 0x1000 18:26:29.0263 5824 Boot type: Normal boot 18:26:29.0263 5824 ============================================================ 18:26:30.0417 5824 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 18:26:30.0417 5824 \Device\Harddisk0\DR0: 18:26:30.0433 5824 MBR used 18:26:30.0433 5824 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x186A0000 18:26:30.0433 5824 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x186A0800, BlocksNum 0x21CE5000 18:26:30.0542 5824 Initialize success 18:26:30.0542 5824 ============================================================ 18:26:55.0611 5336 ============================================================ 18:26:55.0611 5336 Scan started 18:26:55.0611 5336 Mode: Manual; SigCheck; TDLFS; 18:26:55.0611 5336 ============================================================ 18:26:56.0345 5336 acedrv11 (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys 18:26:56.0485 5336 acedrv11 - ok 18:26:56.0516 5336 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys 18:26:56.0532 5336 ACPI - ok 18:26:56.0563 5336 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) 
C:\Windows\system32\drivers\adp94xx.sys 18:26:56.0579 5336 adp94xx - ok 18:26:56.0594 5336 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 18:26:56.0610 5336 adpahci - ok 18:26:56.0625 5336 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 18:26:56.0641 5336 adpu160m - ok 18:26:56.0641 5336 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 18:26:56.0657 5336 adpu320 - ok 18:26:56.0688 5336 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys 18:26:56.0781 5336 AFD - ok 18:26:56.0781 5336 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 18:26:56.0797 5336 agp440 - ok 18:26:56.0797 5336 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 18:26:56.0813 5336 aic78xx - ok 18:26:56.0844 5336 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 18:26:56.0859 5336 aliide - ok 18:26:56.0875 5336 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 18:26:56.0875 5336 amdagp - ok 18:26:56.0891 5336 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 18:26:56.0906 5336 amdide - ok 18:26:56.0906 5336 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 18:26:56.0953 5336 AmdK7 - ok 18:26:56.0953 5336 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 18:26:56.0984 5336 AmdK8 - ok 18:26:57.0047 5336 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 18:26:57.0047 5336 arc - ok 18:26:57.0062 5336 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 18:26:57.0062 5336 arcsas - ok 18:26:57.0078 5336 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 18:26:57.0109 5336 AsyncMac - ok 18:26:57.0140 5336 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys 
ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
18:27:08.0747 5336 ws2ifsl - ok
18:27:08.0778 5336 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:27:08.0793 5336 WUDFRd - ok
18:27:08.0825 5336 xusb21 (09e5340bd9b2cb730bf4dc6be7721291) C:\Windows\system32\DRIVERS\xusb21.sys
18:27:08.0840 5336 xusb21 - ok
18:27:08.0856 5336 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
18:27:08.0949 5336 \Device\Harddisk0\DR0 - ok
18:27:08.0949 5336 Boot (0x1200) (3ff2536bbf76f6bf2f12a49c28aeddb5) \Device\Harddisk0\DR0\Partition0
18:27:08.0949 5336 \Device\Harddisk0\DR0\Partition0 - ok
18:27:08.0981 5336 Boot (0x1200) (fc63592dad1cf7caa0aa2295b766e5e7) \Device\Harddisk0\DR0\Partition1
18:27:08.0981 5336 \Device\Harddisk0\DR0\Partition1 - ok
18:27:08.0981 5336 ============================================================
18:27:08.0981 5336 Scan finished
18:27:08.0981 5336 ============================================================
18:27:08.0996 3744 Detected object count: 3
18:27:08.0996 3744 Actual detected object count: 3
18:27:36.0062 3744 tap0801 ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:36.0062 3744 tap0801 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:36.0062 3744 tap0901t ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:36.0062 3744 tap0901t ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:36.0062 3744 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:36.0062 3744 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
Many thanks in advance for everything |
28.02.2012, 07:32 | #27 |
| Windows was blocked Hi, looks OK so far (we already had the "Virtual Network Drive", and unlocker too)... I'm interested in the invisible driver, so pack all the files in the folder C:\_OTL\MovedFiles\ into an archive and then upload it as follows: Upload file: http://www.trojaner-board.de/54791-a...ner-board.html Follow the instructions there and upload the file: Code:
-> packed file from C:\_OTL\MovedFiles\ chris
__________________ Don't bring me down Read before posting! Donations (anyone who wants to donate is welcome to get in touch) |
29.02.2012, 18:13 | #28 |
| Windows was blocked I did that |
29.02.2012, 19:57 | #29 |
| Windows was blocked Hi, thanks, I'll look at it tomorrow... chris |
04.03.2012, 17:13 | #30 |
| Windows was blocked Have you had time to look through it yet? |