Log analysis and evaluation: Avast alert at startup "LicenseValidator.exe". New programs installed? (Windows 7)
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
05.03.2012, 21:44 | #1 | |
| Hello. Whenever my computer boots, I always get an alert from Avast. What could that be? I have also noticed something about my installed programs. I installed the program Audiograbber about two years ago and have not used it for ages. Why was it reinstalled? I did not reinstall Windows Live Essentials either. Or rather, I have never installed it. Attached are a few log files. Do you see anything conspicuous in them? Quote:
|
06.03.2012, 14:37 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan! In addition, all findings must be removed. If logs from older Malwarebytes scans exist, please post all of those too! ESET Online Scanner
Please post everything here in CODE tags where possible. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
the log goes here
__________________ |
06.03.2012, 20:41 | #3 | ||
| First of all, thanks for your effort.
So, here are the logs. Quote:
ESET, on the other hand, finds quite a lot. I hope the infected items can be deleted without formatting? Quote:
|
06.03.2012, 21:17 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Malwarebytes creates exactly one log for every scan. Have you scanned with Malwarebytes before? If so, all the logs for every scan are listed in the Logs tab. Please post all that are visible there.
__________________ Always post log files in CODE tags |
06.03.2012, 21:37 | #5 |
| These Darky files are new, or rather were new, versions of Android for Samsung phones. They are not original firmware but versions edited and improved by several people. The group is fairly well known and the firmware is very widespread. Do I still need to worry about them? I no longer have Malwarebytes on my computer?! It was still installed until a few hours ago. How can that be? |
06.03.2012, 23:50 | #6 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Quote:
__________________ |
07.03.2012, 12:07 | #7 |
| I have about 100 log files there. None of them shows an infected file being found. |
07.03.2012, 12:39 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | OK. Please create a new OTL log. Please post everything here in CODE tags where possible. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
the log goes here
If you do not have it yet, please download OTL by Oldtimer and save it to your desktop.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Always post log files in CODE tags |
07.03.2012, 14:01 | #9 |
| So, here is the evaluation. I am not familiar with this and only skimmed it briefly. The License Validator is mentioned here too. OTL Logfile: Code:
ATTFilter OTL logfile created on: 07.03.2012 13:27:02 - Run 1 OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\mrxdu\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 54,79% Memory free 4,00 Gb Paging File | 2,85 Gb Available in Paging File | 71,19% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 99,01 Gb Total Space | 27,95 Gb Free Space | 28,23% Space Free | Partition Type: NTFS Drive D: | 302,69 Gb Total Space | 200,60 Gb Free Space | 66,27% Space Free | Partition Type: NTFS Drive E: | 64,06 Gb Total Space | 44,01 Gb Free Space | 68,70% Space Free | Partition Type: NTFS Computer Name: MRXDU-PC | User Name: mrxdu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.03.07 13:20:29 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\mrxdu\Desktop\OTL.exe PRC - [2012.02.23 17:23:24 | 004,031,368 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2012.02.23 17:23:21 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2012.02.09 11:59:08 | 001,529,152 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012.02.09 11:59:08 | 001,220,928 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011.10.15 
09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011.10.14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011.07.06 21:43:43 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2011.07.06 21:43:34 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011.06.24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010.07.09 00:32:19 | 000,018,432 | ---- | M] (Apache Software Foundation) -- C:\Program Files\PostgreSQL\EnterpriseDB-ApachePhp\apache\bin\httpd.exe PRC - [2010.07.06 16:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe PRC - [2010.02.12 09:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe PRC - [2009.10.07 13:50:26 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe PRC - [2009.09.08 08:48:55 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe PRC - [2009.09.08 08:47:07 | 004,513,792 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.4\bin\postgres.exe PRC - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) 
-- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe PRC - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe PRC - [2007.02.02 16:26:44 | 000,283,136 | ---- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\FRITZWLANMini.exe ========== Modules (No Company Name) ========== MOD - [2012.01.03 14:10:54 | 000,123,904 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroIEFavClient.DEU MOD - [2011.05.22 18:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll MOD - [2011.01.23 14:47:51 | 000,139,776 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe MOD - [2007.09.02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (WPFFontCache_v0400) SRV - File not found [On_Demand | Stopped] -- -- (RLSSTUQBJ) SRV - File not found [On_Demand | Stopped] -- -- (PTSUT) SRV - File not found [On_Demand | Stopped] -- -- (JWLDLLYVYY) SRV - [2012.02.23 17:23:21 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! 
Antivirus) SRV - [2012.02.09 11:59:08 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.02.09 11:59:06 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.10.14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011.07.06 21:43:43 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011.03.16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.02.11 00:23:21 | 000,655,624 | ---- | M] (Acresso Software Inc.) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.09.04 17:07:16 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\DDLLicensing.exe -- (Creative Dolby Digital Live Pack Licensing Service) SRV - [2010.07.09 00:32:19 | 000,018,432 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\PostgreSQL\EnterpriseDB-ApachePhp\apache\bin\httpd.exe -- (EnterpriseDBApachePHP) SRV - [2010.07.06 16:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2010.06.15 16:19:03 | 003,583,592 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2010.02.12 09:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) SRV - [2009.10.28 16:15:06 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service) SRV - [2009.10.07 13:50:26 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4) SRV - [2009.09.08 08:48:55 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4) SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) 
[On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (pccsmcfd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (nmwcdnsuc) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (nmwcdnsu) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MEMSWEEP2) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (LGVMODEM) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (lgbusenum) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (LgBttPort) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (EagleXNt) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (EagleNT) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (dgderdrv) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (CTSBLFX.DLL) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (CTERFXFX.DLL) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (CTAUDFX.DLL) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (COMMONFX.DLL) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ANDModem) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (AndGps) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (AndDiag) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Andbus) DRV - [2012.02.23 17:12:28 | 000,610,648 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012.02.23 17:12:16 | 000,337,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- 
C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012.02.23 17:10:59 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\Drivers\aswrdr2.sys -- (aswRdr) DRV - [2012.02.23 17:10:39 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012.02.23 17:10:34 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012.02.23 17:10:16 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011.12.12 19:31:38 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011.07.06 21:45:13 | 007,800,832 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2011.07.06 21:45:13 | 007,800,832 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011.07.06 21:44:38 | 000,245,760 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011.06.19 18:57:18 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2011.06.19 18:57:17 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011.04.24 23:14:38 | 000,225,856 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\keyscrambler.sys -- (KeyScrambler) DRV - [2011.03.30 19:46:36 | 000,100,880 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.11.10 13:36:41 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010.08.27 05:32:08 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2010.08.27 05:32:08 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM) DRV - [2010.08.27 05:32:08 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) DRV - [2010.08.27 05:32:08 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2010.08.27 05:32:08 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter) DRV - [2010.07.26 14:15:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010.05.13 23:05:40 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss) DRV - [2010.04.27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2010.04.27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2010.04.27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2010.03.19 00:50:12 | 000,189,528 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\haP17v2k.sys -- (hap17v2k) 
DRV - [2010.03.19 00:50:04 | 000,162,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\haP16v2k.sys -- (hap16v2k) DRV - [2010.03.19 00:49:56 | 000,798,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha10kx2k.sys -- (ha10kx2k) DRV - [2010.03.19 00:45:42 | 000,092,760 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia) DRV - [2010.03.19 00:45:28 | 000,157,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2010.03.19 00:45:20 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k) DRV - [2010.03.19 00:45:12 | 000,127,576 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv) DRV - [2010.03.19 00:40:56 | 000,018,904 | ---- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctgame.sys -- (ctgame) DRV - [2010.03.19 00:40:48 | 000,347,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k) DRV - [2010.03.19 00:40:40 | 000,528,472 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM) DRV - [2010.03.19 00:40:32 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k) DRV - [2010.03.19 00:39:36 | 000,100,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTERFXFX.SYS -- (CTERFXFX.SYS) DRV - [2010.03.19 00:39:36 | 000,100,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTERFXFX.sys -- (CTERFXFX) DRV - [2010.03.19 00:39:28 | 000,566,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTSBLFX.SYS -- (CTSBLFX.SYS) DRV - [2010.03.19 00:39:28 | 000,566,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTSBLFX.sys -- (CTSBLFX) DRV - [2010.03.19 00:39:18 | 000,555,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTAUDFX.SYS -- (CTAUDFX.SYS) DRV - [2010.03.19 00:39:18 | 000,555,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTAUDFX.sys -- (CTAUDFX) DRV - [2010.03.19 00:39:10 | 000,099,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\COMMONFX.SYS -- (COMMONFX.SYS) DRV - [2010.03.19 00:39:10 | 000,099,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COMMONFX.sys -- (COMMONFX) DRV - [2010.02.23 10:51:14 | 
000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv) DRV - [2010.02.23 10:51:14 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009.07.13 06:34:38 | 000,265,744 | ---- | M] (TechniSat Provide) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MtsBda.sys -- (MTSBDA) DRV - [2009.07.13 06:34:38 | 000,023,568 | ---- | M] (TechniSat Provide) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MtsHID.sys -- (MtsHID) DRV - [2008.11.14 01:11:30 | 000,017,184 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys -- (UltraMonUtility) DRV - [2007.04.12 07:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CT20XUT.DLL -- (CT20XUT.DLL) DRV - [2007.04.12 07:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTHWIUT.DLL -- (CTHWIUT.DLL) DRV - [2007.04.12 07:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEXFIFX.DLL -- (CTEXFIFX.DLL) DRV - [2007.04.12 07:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPSY.DLL -- (CTEDSPSY.DLL) DRV - [2007.04.12 07:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPIO.DLL -- (CTEDSPIO.DLL) DRV - [2007.04.12 07:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPFX.DLL -- (CTEDSPFX.DLL) DRV - [2007.04.12 07:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEAPSFX.DLL -- (CTEAPSFX.DLL) DRV - [2007.01.31 14:33:46 | 000,005,632 | ---- | M] (GRISOFT, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\avgarkt.sys -- (AVG Anti-Rootkit) DRV - [2007.01.26 00:00:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB) DRV - [2007.01.26 00:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject) DRV - [2007.01.18 13:00:28 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\AvgArCln.sys -- (AvgArCln) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 24 5C 65 03 3B D1 CA 01 [binary data] IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) 
IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\SearchScopes\{5A6751A0-DE58-4EAC-90FE-81490AE6D14F}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms} IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "TableRatings" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8 FF - prefs.js..extensions.enabledItems: {de1b245c-de57-11da-ba2d-0050c2490048}:1.0.8 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.2.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {af5514fc-7603-4cec-9894-f07f3d8672a5}:1.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.6 FF - prefs.js..extensions.enabledItems: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.6.6 FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100805 FF - prefs.js..network.proxy.autoconfig_url: 
"file:///E:/Music/Temp/Tunebite/.downloading/profile/rrproxy_ffox_4a9ea39e.pac" FF - prefs.js..network.proxy.type: 2 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.17: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.17: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\mrxdu\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\mrxdu\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.01.13 19:01:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.01.26 19:45:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.23 18:11:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.03.05 18:01:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.17 18:36:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.13 19:02:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.11.14 12:01:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012.01.13 19:02:05 | 000,000,000 | ---D | M] [2010.09.04 15:43:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Extensions [2009.12.22 20:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2009.12.23 01:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2010.09.04 15:40:49 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions [2010.09.04 15:34:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\{3713a489-0634-4472-8456-dc7abd7eba00} [2010.09.04 15:35:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66} [2010.09.04 15:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010.09.04 15:35:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66} [2010.09.04 15:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2010.09.04 15:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42} [2010.09.04 15:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\{af5514fc-7603-4cec-9894-f07f3d8672a5} [2010.09.04 15:35:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.09.04 15:35:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.09.04 15:35:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2010.09.04 15:35:28 | 
000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048} [2010.09.04 15:40:49 | 000,000,000 | ---D | M] (NASA Night Launch) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\awo9dtr6.default\extensions\nasanightlaunch@example.com [2012.03.05 17:12:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\zx3rgilf.default\extensions [2012.02.15 16:11:45 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\zx3rgilf.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011.02.04 15:03:59 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\zx3rgilf.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2010.09.04 16:18:44 | 000,000,000 | ---D | M] (BugMeNot) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\zx3rgilf.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42} [2011.12.25 21:27:46 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\zx3rgilf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.11.18 19:03:39 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\zx3rgilf.default\extensions\de-DE@dictionaries.addons.mozilla.org [2010.09.04 16:11:07 | 000,000,000 | ---D | M] (Fast Youtube Downloader) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\zx3rgilf.default\extensions\fastYoutubeDownloader@yevgenyandrov.net [2011.06.22 13:25:22 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\zx3rgilf.default\extensions\keyscrambler@qfx.software.corporation [2010.10.19 20:02:09 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\mrxdu\AppData\Roaming\mozilla\Firefox\Profiles\zx3rgilf.default\extensions\vshare@toolbar [2012.03.04 
16:54:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2012.02.17 18:36:20 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012.01.02 19:46:10 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.01.02 19:46:10 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.01.02 19:46:10 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.01.02 19:46:10 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.02 19:46:10 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.02 19:46:10 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - 
default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Disabled) = C:\Users\mrxdu\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\mrxdu\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\mrxdu\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\mrxdu\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = 
C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files\Veetle\VLCBroadcast\npvbp.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo 
Gallery\NPWLPG.dll CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\mrxdu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\mrxdu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\ CHR - Extension: AdBlock = C:\Users\mrxdu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.19_0\ CHR - Extension: avast! WebRep = C:\Users\mrxdu\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1407_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\mrxdu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\mrxdu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Google Mail = C:\Users\mrxdu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2011.01.20 22:10:11 | 000,344,217 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 
1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123haustiereundmehr.com O1 - Hosts: 11798 more lines... O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O2 - BHO: (avast! 
WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll () O3 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) 
O3 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\FRITZWLANMini.exe (AVM Berlin) O4 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000..\Run: [UpgradeChecker] C:\Users\mrxdu\AppData\Roaming\TeamViewer\{6B9F98E7-D245-4215-9694-12A2B407DDA6}\UpgradeChecker.exe () O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\S-1-5-19..\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html () O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1007..\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html () O4 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta () O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\mrxdu\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra 'Tools' menuitem : &KeyScrambler Options - 
{5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation) O9 - Extra Button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe File not found O9 - Extra 'Tools' menuitem : PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe File not found O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\mrxdu\Desktop\PartyPoker.lnk File not found O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\mrxdu\Desktop\PartyPoker.lnk File not found O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24FC59BC-6D26-443D-8766-DCAD2F04972A}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A83D432-4027-457F-8587-EFA6DE804EE4}: DhcpNameServer = 192.168.42.129
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\klogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.07.31 18:30:53 | 000,001,352 | ---- | M] () - D:\AutoHotkey.ahk -- [ NTFS ]
O33 - MountPoints2\{1289848e-7311-11e0-95a6-00196636b259}\Shell - "" = AutoRun
O33 - MountPoints2\{1289848e-7311-11e0-95a6-00196636b259}\Shell\AutoRun\command - "" = H:\pushinst.exe
O33 - MountPoints2\{95cb1b3e-bbe2-11de-9d43-00196636b259}\Shell - "" = AutoRun
O33 - MountPoints2\{95cb1b3e-bbe2-11de-9d43-00196636b259}\Shell\AutoRun\command - "" = G:\Install.cmd
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UltraMon.lnk - C:\Windows\Installer\{537056B7-32A4-4408-9B54-0341963C7C9C}\IcoUltraMon.ico - ()
MsConfig - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: B2C_AGENT - hkey= - key= - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\mrxdu\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: Intel AppUp(SM) center - hkey= - key= - C:\Program Files\Intel\IntelAppStore\bin\serviceManager.lnk ()
MsConfig - StartUpReg: LicenseValidator - hkey= - key= - C:\Users\mrxdu\AppData\Roaming\Identities\{97E4FFC3-47A3-4208-BC3E-3F37B6E483DF}\LicenseValidator.exe ()
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig - StartUpReg: Steam - hkey= - key= - E:\Games\Steam\Steam.exe (Valve Corporation)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file 
system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: 
{50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install 
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm () Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org) Drivers32: vidc.IV32 - C:\Windows\System32\ir32.dll () Drivers32: vidc.IV45 - C:\Windows\System32\ir41_qc.dll (Intel Corporation.) 
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.03.07 13:20:23 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\mrxdu\Desktop\OTL.exe [2012.03.07 11:39:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.03.07 11:39:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.03.07 11:39:55 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.03.07 11:39:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.03.06 22:00:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.03.06 15:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.03.06 15:12:11 | 002,322,184 | ---- | C] (ESET) -- C:\Users\mrxdu\Desktop\esetsmartinstaller_enu.exe [2012.03.05 20:05:27 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\mrxdu\Desktop\dds.com [2012.03.05 18:50:47 | 000,000,000 | ---D | C] -- C:\Users\mrxdu\AppData\Roaming\MrJobs [2012.03.05 18:01:42 | 000,044,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys [2012.03.04 10:56:25 | 000,000,000 | ---D | C] -- C:\Users\mrxdu\Desktop\Ski 2012 [2012.03.04 10:47:58 | 000,000,000 | ---D | C] -- C:\Users\mrxdu\AppData\Roaming\Help [2012.03.04 10:43:53 | 000,000,000 | ---D | C] -- C:\Users\mrxdu\AppData\Roaming\Windows Search [2012.02.21 14:01:10 | 000,000,000 | ---D | C] -- D:\HM Backup [2012.02.21 14:00:52 | 000,000,000 | ---D | C] -- C:\Users\mrxdu\AppData\Roaming\HoldemManager [2012.02.16 16:02:52 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2012.02.16 16:02:48 | 000,028,992 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2012.02.15 22:45:44 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA% [1 D:\*.tmp files -> D:\*.tmp -> ] ========== Files - 
Modified Within 30 Days ========== [2012.03.07 13:20:29 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\mrxdu\Desktop\OTL.exe [2012.03.07 12:42:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2498521526-3322181197-3109250805-1000UA.job [2012.03.07 12:31:02 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.03.07 11:42:02 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2498521526-3322181197-3109250805-1000Core.job [2012.03.07 11:31:16 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.03.07 11:31:16 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.03.07 11:28:28 | 009,024,840 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.03.07 11:28:28 | 003,101,432 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.03.07 11:28:28 | 002,740,924 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.03.07 11:28:28 | 002,450,770 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.03.07 11:23:53 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.03.07 11:23:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.03.06 23:03:03 | 000,011,564 | ---- | M] () -- C:\Windows\System32\DVCState-{00000004-00000000-00000002-00001102-00000004-00531102}.rfx [2012.03.06 23:03:02 | 000,031,632 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000004-00000000-00000002-00001102-00000004-00531102}.rfx [2012.03.06 23:03:02 | 000,028,848 | ---- | M] () -- C:\Windows\System32\BMXCtrlState-{00000004-00000000-00000002-00001102-00000004-00531102}.rfx [2012.03.06 23:03:02 | 000,028,848 | ---- | M] () -- C:\Windows\System32\BMXBkpCtrlState-{00000004-00000000-00000002-00001102-00000004-00531102}.rfx [2012.03.06 23:03:01 | 000,031,632 | ---- | M] () -- 
C:\Windows\System32\BMXState-{00000004-00000000-00000002-00001102-00000004-00531102}.rfx [2012.03.06 15:11:27 | 002,322,184 | ---- | M] (ESET) -- C:\Users\mrxdu\Desktop\esetsmartinstaller_enu.exe [2012.03.05 20:22:24 | 000,302,592 | ---- | M] () -- C:\Users\mrxdu\Desktop\b6q341tq.exe [2012.03.05 20:09:34 | 000,000,020 | ---- | M] () -- C:\Users\mrxdu\defogger_reenable [2012.03.05 20:05:53 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\mrxdu\Desktop\dds.com [2012.03.05 20:04:54 | 000,050,477 | ---- | M] () -- C:\Users\mrxdu\Desktop\Defogger.exe [2012.03.05 18:01:42 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012.02.23 17:23:26 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2012.02.23 17:23:21 | 000,201,352 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012.02.23 17:12:28 | 000,610,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012.02.23 17:12:16 | 000,337,112 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012.02.23 17:10:59 | 000,044,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys [2012.02.23 17:10:39 | 000,053,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012.02.23 17:10:34 | 000,057,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012.02.23 17:10:16 | 000,020,696 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012.02.21 14:47:29 | 000,000,918 | -H-- | M] () -- C:\Windows\EPMBatch.ept [2012.02.16 15:51:53 | 000,294,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.02.09 11:59:10 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2012.02.09 11:59:08 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2012.02.09 11:59:06 | 000,028,992 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [1 D:\*.tmp files -> D:\*.tmp -> ] ========== Files Created - No 
Company Name ========== [2012.03.05 20:22:27 | 000,302,592 | ---- | C] () -- C:\Users\mrxdu\Desktop\b6q341tq.exe [2012.03.05 20:09:11 | 000,000,020 | ---- | C] () -- C:\Users\mrxdu\defogger_reenable [2012.03.05 20:04:34 | 000,050,477 | ---- | C] () -- C:\Users\mrxdu\Desktop\Defogger.exe [2011.10.14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011.08.18 16:07:02 | 000,000,600 | ---- | C] () -- C:\Users\mrxdu\AppData\Local\PUTTY.RND [2011.07.31 19:10:18 | 000,000,045 | ---- | C] () -- C:\Users\mrxdu\AppData\Local\machpro.dat [2011.07.06 21:43:40 | 000,233,765 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011.07.03 21:23:05 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2011.07.03 21:23:05 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2011.06.19 18:57:18 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2011.06.19 18:57:17 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2011.06.16 01:21:15 | 000,004,608 | ---- | C] () -- C:\Users\mrxdu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.24 22:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2011.04.30 11:40:59 | 000,097,360 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin [2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011.03.24 18:59:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll [2011.03.24 18:59:26 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini [2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2011.03.09 19:35:11 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat [2011.02.22 20:43:50 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.01.29 19:31:35 | 000,000,000 | ---- | C] () -- C:\Windows\MC-Version.INI [2011.01.29 19:30:40 | 000,000,032 | ---- | C] () -- C:\Windows\MineCraft.INI [2011.01.20 22:02:08 | 
000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2011.01.13 01:50:23 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2010.11.12 14:28:57 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini [2010.10.05 00:59:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\StarOpen.sys [2010.09.04 16:58:07 | 000,177,664 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL [2010.09.04 16:58:07 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL [2010.09.04 16:54:02 | 000,077,824 | ---- | C] () -- C:\Windows\System32\ctmmactl.dll [2010.09.04 16:54:02 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CTBurst.dll [2010.09.04 16:54:02 | 000,037,888 | ---- | C] () -- C:\Windows\System32\psconv.exe [2010.09.04 16:54:02 | 000,013,312 | ---- | C] () -- C:\Windows\System32\regplib.exe [2010.09.04 16:54:02 | 000,010,752 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll [2010.09.04 16:54:02 | 000,010,240 | ---- | C] ( ) -- C:\Windows\System32\killapps.exe [2010.09.04 16:54:02 | 000,005,120 | ---- | C] () -- C:\Windows\System32\enlocstr.exe [2010.09.04 16:54:00 | 000,386,852 | ---- | C] () -- C:\Windows\System32\ctdnlstr.dat [2010.09.04 16:54:00 | 000,313,207 | ---- | C] () -- C:\Windows\System32\ctstatic.dat [2010.09.04 16:54:00 | 000,274,587 | ---- | C] () -- C:\Windows\System32\ctsbas2w.dat [2010.09.04 16:54:00 | 000,149,838 | ---- | C] () -- C:\Windows\System32\ctbas2w.dat [2010.09.04 16:54:00 | 000,053,932 | ---- | C] () -- C:\Windows\System32\ctdaught.dat [2010.09.04 16:54:00 | 000,051,787 | ---- | C] () -- C:\Windows\System32\ctdlang.dat [2010.09.04 16:54:00 | 000,050,466 | ---- | C] () -- C:\Windows\System32\instwdm.ini [2010.09.04 16:54:00 | 000,000,307 | ---- | C] () -- C:\Windows\System32\kill.ini [2010.09.04 16:54:00 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini [2010.08.13 18:01:41 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2010.08.13 18:01:41 | 000,036,640 | ---- | C] () -- 
C:\Windows\System32\FsUsbExDisk.Sys [2010.07.26 20:47:50 | 000,000,600 | ---- | C] () -- C:\Users\mrxdu\AppData\Roaming\winscp.rnd [2010.04.19 18:31:57 | 001,711,232 | ---- | C] () -- C:\Windows\System32\BootMan.exe [2010.04.19 18:31:57 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe [2010.04.19 18:31:57 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll [2010.04.19 18:31:57 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys [2010.04.19 18:31:57 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys [2010.04.19 18:25:44 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI [2010.03.25 18:13:55 | 000,019,456 | ---- | C] () -- C:\Users\mrxdu\AppData\Local\WebpageIcons.db ========== LOP Check ========== [2011.02.24 13:49:04 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Canneverbe Limited [2009.10.18 15:03:17 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\DAEMON Tools Lite [2010.05.28 11:04:28 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\DVDVideoSoftIEHelpers [2010.11.22 09:46:43 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\EPSON [2011.08.21 22:22:17 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\FileZilla [2011.01.17 12:47:25 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\FreeFLVConverter [2010.11.27 12:24:59 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\GrabPro [2010.08.28 02:56:29 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\gtk-2.0 [2011.01.26 19:54:09 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\HEM Data [2012.02.21 14:00:52 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\HoldemManager [2010.07.28 21:43:20 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\ijjigame [2011.01.26 19:21:13 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\IrfanView [2012.02.21 23:12:34 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\KeePass [2009.10.18 15:12:15 
| 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Leadertech [2011.01.13 23:51:39 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\MFSM-Tasks [2011.07.11 21:42:54 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Miranda Fusion [2011.03.10 15:27:23 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Mp3tag [2012.03.05 18:50:59 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\MrJobs [2009.12.23 01:07:41 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Nokia [2009.10.17 17:57:09 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\OpenOffice.org [2011.01.26 19:44:32 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Orbit [2009.10.20 23:01:17 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\PC Suite [2010.01.06 16:47:28 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\postgresql [2010.02.20 03:14:12 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Prish [2010.11.27 12:25:07 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\ProgSense [2011.06.22 13:30:20 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\QFX Software [2011.04.04 20:18:49 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Roaming [2011.03.23 21:31:11 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Rovio [2012.02.17 18:23:51 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Samsung [2011.08.13 09:37:34 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Simfy [2012.03.06 15:03:56 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\TeamViewer [2010.08.06 11:32:53 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Teleca [2009.12.22 20:26:51 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Thunderbird [2009.12.23 01:48:33 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\TomTom [2011.12.24 12:29:13 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\TuneUp Software [2012.03.04 10:43:53 | 
000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Windows Search [2011.08.18 16:01:15 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\XnView [2011.12.25 20:12:09 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.04.11 22:02:49 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Adobe [2010.02.22 17:25:18 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Apple Computer [2009.10.17 16:44:32 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\ATI [2011.01.26 19:17:29 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\AVS4YOU [2011.02.24 13:49:04 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Canneverbe Limited [2009.10.18 15:03:17 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\DAEMON Tools Lite [2011.01.13 21:29:01 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\DivX [2010.07.22 21:56:24 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\dvdcss [2010.05.28 11:04:28 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\DVDVideoSoftIEHelpers [2010.11.22 09:46:43 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\EPSON [2011.08.21 22:22:17 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\FileZilla [2011.01.17 12:47:25 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\FreeFLVConverter [2010.11.27 12:24:59 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\GrabPro [2010.08.28 02:56:29 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\gtk-2.0 [2012.03.04 10:47:58 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Help [2011.01.26 19:54:09 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\HEM Data [2012.02.21 14:00:52 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\HoldemManager [2012.03.07 13:04:18 
| 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Identities [2010.07.28 21:43:20 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\ijjigame [2011.01.26 19:21:13 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\IrfanView [2012.02.21 23:12:34 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\KeePass [2009.10.18 15:12:15 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Leadertech [2009.10.17 15:36:17 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Macromedia [2009.10.17 15:53:00 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Malwarebytes [2009.07.14 09:56:56 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Media Center Programs [2012.01.14 16:08:31 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Media Player Classic [2011.01.13 23:51:39 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\MFSM-Tasks [2011.06.07 20:18:22 | 000,000,000 | --SD | M] -- C:\Users\mrxdu\AppData\Roaming\Microsoft [2011.07.11 21:42:54 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Miranda Fusion [2009.10.17 15:18:36 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Mozilla [2010.07.28 12:10:33 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Mozilla-Cache [2011.03.10 15:27:23 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Mp3tag [2012.03.05 18:50:59 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\MrJobs [2009.10.17 17:42:02 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Nero [2009.12.23 01:07:41 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Nokia [2011.12.23 18:26:23 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\NVIDIA [2009.10.17 17:57:09 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\OpenOffice.org [2011.01.26 19:44:32 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Orbit [2009.10.20 23:01:17 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\PC Suite 
[2010.01.06 16:47:28 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\postgresql [2010.02.20 03:14:12 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Prish [2010.11.27 12:25:07 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\ProgSense [2011.06.22 13:30:20 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\QFX Software [2011.01.26 19:45:34 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Real [2011.09.05 19:45:26 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Realtime Soft [2011.04.04 20:18:49 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Roaming [2011.03.23 21:31:11 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Rovio [2012.02.17 18:23:51 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Samsung [2011.08.13 09:37:34 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Simfy [2011.10.08 19:03:24 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Skype [2011.07.28 00:38:49 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\skypePM [2009.10.17 15:18:38 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Talkback [2009.12.08 00:17:18 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\teamspeak2 [2012.03.06 15:03:56 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\TeamViewer [2010.08.06 11:32:53 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Teleca [2009.12.22 20:26:51 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Thunderbird [2009.12.23 01:48:33 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\TomTom [2011.12.24 12:29:13 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\TuneUp Software [2011.12.21 11:35:18 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\vlc [2010.07.13 14:04:08 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Winamp [2012.03.04 10:43:53 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\Windows Search [2009.10.17 
16:13:47 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\WinRAR [2011.08.18 16:01:15 | 000,000,000 | ---D | M] -- C:\Users\mrxdu\AppData\Roaming\XnView < %APPDATA%\*.exe /s > [2012.03.06 14:57:37 | 000,272,384 | ---- | M] () -- C:\Users\mrxdu\AppData\Roaming\Identities\{97E4FFC3-47A3-4208-BC3E-3F37B6E483DF}\LicenseValidator.exe [2011.10.08 13:03:44 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\mrxdu\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe [2009.12.10 15:46:02 | 000,319,488 | ---- | M] (Octoshape ApS) -- C:\Users\mrxdu\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe [2010.07.26 21:27:17 | 000,010,134 | R--- | M] () -- C:\Users\mrxdu\AppData\Roaming\Microsoft\Installer\{20B1B020-DEAE-48D1-9960-D4C3185D758B}\Foren.exe [2010.07.26 21:27:17 | 000,000,766 | R--- | M] () -- C:\Users\mrxdu\AppData\Roaming\Microsoft\Installer\{20B1B020-DEAE-48D1-9960-D4C3185D758B}\htmledit.exe [2010.07.28 12:34:19 | 000,738,824 | ---- | M] (RealNetworks, Inc.) -- C:\Users\mrxdu\AppData\Roaming\Real\RealPlayer\setup\AU_setup20100218.exe [2011.01.26 19:38:23 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\mrxdu\AppData\Roaming\Real\RealPlayer\setup\AU_setup20101108.exe [2012.03.07 13:04:18 | 000,271,360 | ---- | M] () -- C:\Users\mrxdu\AppData\Roaming\TeamViewer\{6B9F98E7-D245-4215-9694-12A2B407DDA6}\UpgradeChecker.exe [2009.12.23 01:49:32 | 020,299,200 | ---- | M] (TomTom International B.V.) 
-- C:\Users\mrxdu\AppData\Roaming\TomTom\HOME\Profiles\auhdt0y7.default\Updates\v2_7_3_1894_win.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E 
-- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: IASTORV.SYS > [2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys [2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys [2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys [2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys [2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.20 13:20:28 | 
000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll [2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys [2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys [2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys [2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys [2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys [2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys 
< End of report > |
07.03.2012, 14:46 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
If so: hands off in future. These illegal portals spread malware, and if you want to be malware-free in future, you have to switch to legal alternatives and give up such risky streaming sites!
__________________ Please always post log files in CODE tags |
07.03.2012, 15:07 | #11 |
| Hmm, yes, I can't claim to be innocent of that. I did watch series on such sites once. But that was ages ago. The current problem is new to me, though. I never had this message before. Is the player itself dangerous? I got it from Chip.de, so it should be virus-free, shouldn't it? |
07.03.2012, 15:33 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | The sites are dangerous! They are run by criminals, and exploits are distributed there! The exploits on those sites probe your computer for outdated versions in order to find security holes, e.g. in Flash Player, and before you know it you have something like the BKA Windows blocker on it! So simply keep your hands off such sites.
Run an OTL fix: close all programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied too!!!) Code:
:OTL
SRV - File not found [On_Demand | Stopped] -- -- (RLSSTUQBJ)
SRV - File not found [On_Demand | Stopped] -- -- (PTSUT)
SRV - File not found [On_Demand | Stopped] -- -- (JWLDLLYVYY)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 24 5C 65 03 3B D1 CA 01 [binary data]
IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\SearchScopes\{5A6751A0-DE58-4EAC-90FE-81490AE6D14F}: "URL" = http://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\mrxdu\Desktop\PartyPoker.lnk File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\mrxdu\Desktop\PartyPoker.lnk File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.07.31 18:30:53 | 000,001,352 | ---- | M] () - D:\AutoHotkey.ahk -- [ NTFS ]
O33 - MountPoints2\{1289848e-7311-11e0-95a6-00196636b259}\Shell - "" = AutoRun
O33 - MountPoints2\{1289848e-7311-11e0-95a6-00196636b259}\Shell\AutoRun\command - "" = H:\pushinst.exe
O33 - MountPoints2\{95cb1b3e-bbe2-11de-9d43-00196636b259}\Shell - "" = AutoRun
O33 - MountPoints2\{95cb1b3e-bbe2-11de-9d43-00196636b259}\Shell\AutoRun\command - "" = G:\Install.cmd
MsConfig - StartUpReg: LicenseValidator - hkey= - key= - C:\Users\mrxdu\AppData\Roaming\Identities\{97E4FFC3-47A3-4208-BC3E-3F37B6E483DF}\LicenseValidator.exe ()
[2012.03.06 14:57:37 | 000,272,384 | ---- | M] () -- C:\Users\mrxdu\AppData\Roaming\Identities\{97E4FFC3-47A3-4208-BC3E-3F37B6E483DF}\LicenseValidator.exe
:Commands
[emptytemp]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL". Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
07.03.2012, 18:03 | #13 |
| Here is the log file. Has everything been cleaned up? Spybot - Search & Destroy, or rather the TeaTimer, no longer works now. Was that intended, or is it a bad program? And thanks again for your effort. Code:
All processes killed
========== OTL ==========
Service RLSSTUQBJ stopped successfully!
Service RLSSTUQBJ deleted successfully!
Service PTSUT stopped successfully!
Service PTSUT deleted successfully!
Service JWLDLLYVYY stopped successfully!
Service JWLDLLYVYY deleted successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
C:\Program Files\DVDVideoSoftTB\tbDVDV.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKU\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2498521526-3322181197-3109250805-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files\DVDVideoSoftTB\tbDVDV.dll not found.
HKEY_USERS\S-1-5-21-2498521526-3322181197-3109250805-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2498521526-3322181197-3109250805-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2498521526-3322181197-3109250805-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5A6751A0-DE58-4EAC-90FE-81490AE6D14F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5A6751A0-DE58-4EAC-90FE-81490AE6D14F}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_USERS\S-1-5-21-2498521526-3322181197-3109250805-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
File C:\Program Files\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2498521526-3322181197-3109250805-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2498521526-3322181197-3109250805-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
D:\AutoHotkey.ahk moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1289848e-7311-11e0-95a6-00196636b259}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1289848e-7311-11e0-95a6-00196636b259}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1289848e-7311-11e0-95a6-00196636b259}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1289848e-7311-11e0-95a6-00196636b259}\ not found.
File H:\pushinst.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95cb1b3e-bbe2-11de-9d43-00196636b259}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95cb1b3e-bbe2-11de-9d43-00196636b259}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95cb1b3e-bbe2-11de-9d43-00196636b259}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95cb1b3e-bbe2-11de-9d43-00196636b259}\ not found.
File G:\Install.cmd not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\LicenseValidator\ deleted successfully.
C:\Users\mrxdu\AppData\Roaming\Identities\{97E4FFC3-47A3-4208-BC3E-3F37B6E483DF}\LicenseValidator.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: mrxdu
->Temp folder emptied: 169273632 bytes
->Temporary Internet Files folder emptied: 5214499 bytes
->Java cache emptied: 45915119 bytes
->FireFox cache emptied: 284675192 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1529615 bytes
User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: postgres.mrxdu-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: postgres.mrxdu-PC.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: postgres.mrxdu-PC.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2704648 bytes
RecycleBin emptied: 16716545056 bytes
Total Files Cleaned = 16.428,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.35.1 log created on 03072012_175248
Files\Folders moved on Reboot...
C:\Users\mrxdu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\715SJ36T\pgcb1_2[1].htm moved successfully.
Registry entries deleted on Reboot...

Edited by hotte83 (07.03.2012 at 18:47) |
07.03.2012, 22:30 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | I deactivated the stupid TeaTimer.
Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please switch off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!
Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot. Then click Start Scan and, when it is finished, click the Report button to display the log. Please post it in full. If you cannot find the log or copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!
If, because of the infection, you cannot access your Documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide: download unhide.exe and save the file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
07.03.2012, 22:47 | #15 |
| Here is the result. Code:
C:\Windows\system32\DRIVERS\fwlanusb.sys 22:44:35.0199 1116 FWLANUSB - ok 22:44:35.0230 1116 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 22:44:35.0230 1116 gagp30kx - ok 22:44:35.0277 1116 ha10kx2k (70606233f3ed0e53cb3ea17f846d6a4f) C:\Windows\system32\drivers\ha10kx2k.sys 22:44:35.0308 1116 ha10kx2k - ok 22:44:35.0324 1116 hap16v2k (a0c69ad2a61e576b0207acdd9626e167) C:\Windows\system32\drivers\hap16v2k.sys 22:44:35.0339 1116 hap16v2k - ok 22:44:35.0355 1116 hap17v2k (2ee89452c574d259ada4fc9fc1c07243) C:\Windows\system32\drivers\hap17v2k.sys 22:44:35.0371 1116 hap17v2k - ok 22:44:35.0386 1116 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 22:44:35.0402 1116 hcw85cir - ok 22:44:35.0417 1116 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 22:44:35.0449 1116 HdAudAddService - ok 22:44:35.0464 1116 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 22:44:35.0480 1116 HDAudBus - ok 22:44:35.0496 1116 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 22:44:35.0527 1116 HidBatt - ok 22:44:35.0542 1116 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 22:44:35.0574 1116 HidBth - ok 22:44:35.0589 1116 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 22:44:35.0605 1116 HidIr - ok 22:44:35.0652 1116 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 22:44:35.0667 1116 HidUsb - ok 22:44:35.0714 1116 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 22:44:35.0714 1116 HpSAMD - ok 22:44:35.0761 1116 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 22:44:35.0792 1116 HTTP - ok 22:44:35.0808 1116 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 22:44:35.0824 1116 hwpolicy - ok 22:44:35.0855 1116 i8042prt 
(f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 22:44:35.0871 1116 i8042prt - ok 22:44:35.0902 1116 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 22:44:35.0917 1116 iaStorV - ok 22:44:36.0308 1116 igfx (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys 22:44:36.0433 1116 igfx - ok 22:44:36.0480 1116 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 22:44:36.0496 1116 iirsp - ok 22:44:36.0542 1116 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 22:44:36.0542 1116 intelide - ok 22:44:36.0558 1116 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 22:44:36.0574 1116 intelppm - ok 22:44:36.0605 1116 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:44:36.0652 1116 IpFilterDriver - ok 22:44:36.0667 1116 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 22:44:36.0699 1116 IPMIDRV - ok 22:44:36.0714 1116 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 22:44:36.0730 1116 IPNAT - ok 22:44:36.0761 1116 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 22:44:36.0777 1116 IRENUM - ok 22:44:36.0792 1116 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 22:44:36.0808 1116 isapnp - ok 22:44:36.0824 1116 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 22:44:36.0855 1116 iScsiPrt - ok 22:44:36.0871 1116 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 22:44:36.0871 1116 kbdclass - ok 22:44:36.0917 1116 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys 22:44:36.0933 1116 kbdhid - ok 22:44:36.0964 1116 KeyScrambler (8f1bb80d589affb9c5e9cd7544251b29) C:\Windows\system32\drivers\keyscrambler.sys 22:44:36.0980 1116 KeyScrambler - ok 
22:44:37.0011 1116 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 22:44:37.0027 1116 KSecDD - ok 22:44:37.0058 1116 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 22:44:37.0074 1116 KSecPkg - ok 22:44:37.0105 1116 LgBttPort - ok 22:44:37.0121 1116 lgbusenum - ok 22:44:37.0136 1116 LGVMODEM - ok 22:44:37.0199 1116 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys 22:44:37.0199 1116 lirsgt - ok 22:44:37.0355 1116 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 22:44:37.0386 1116 lltdio - ok 22:44:37.0417 1116 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 22:44:37.0417 1116 LSI_FC - ok 22:44:37.0449 1116 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 22:44:37.0449 1116 LSI_SAS - ok 22:44:37.0480 1116 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 22:44:37.0496 1116 LSI_SAS2 - ok 22:44:37.0511 1116 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 22:44:37.0527 1116 LSI_SCSI - ok 22:44:37.0542 1116 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 22:44:37.0574 1116 luafv - ok 22:44:37.0621 1116 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys 22:44:37.0636 1116 MBAMSwissArmy - ok 22:44:37.0652 1116 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 22:44:37.0667 1116 megasas - ok 22:44:37.0683 1116 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 22:44:37.0699 1116 MegaSR - ok 22:44:37.0714 1116 MEMSWEEP2 - ok 22:44:37.0746 1116 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 22:44:37.0761 1116 Modem - ok 22:44:37.0792 1116 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 22:44:37.0808 1116 
monitor - ok 22:44:37.0839 1116 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 22:44:37.0839 1116 mouclass - ok 22:44:37.0871 1116 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 22:44:37.0886 1116 mouhid - ok 22:44:37.0902 1116 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 22:44:37.0917 1116 mountmgr - ok 22:44:37.0949 1116 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 22:44:37.0964 1116 mpio - ok 22:44:37.0996 1116 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 22:44:38.0027 1116 mpsdrv - ok 22:44:38.0074 1116 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 22:44:38.0105 1116 MRxDAV - ok 22:44:38.0136 1116 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 22:44:38.0167 1116 mrxsmb - ok 22:44:38.0199 1116 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:44:38.0230 1116 mrxsmb10 - ok 22:44:38.0246 1116 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:44:38.0246 1116 mrxsmb20 - ok 22:44:38.0277 1116 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 22:44:38.0292 1116 msahci - ok 22:44:38.0308 1116 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 22:44:38.0324 1116 msdsm - ok 22:44:38.0339 1116 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 22:44:38.0371 1116 Msfs - ok 22:44:38.0386 1116 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 22:44:38.0417 1116 mshidkmdf - ok 22:44:38.0433 1116 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 22:44:38.0433 1116 msisadrv - ok 22:44:38.0464 1116 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 22:44:38.0511 1116 MSKSSRV 
- ok 22:44:38.0527 1116 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 22:44:38.0558 1116 MSPCLOCK - ok 22:44:38.0558 1116 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 22:44:38.0589 1116 MSPQM - ok 22:44:38.0621 1116 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 22:44:38.0636 1116 MsRPC - ok 22:44:38.0652 1116 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 22:44:38.0667 1116 mssmbios - ok 22:44:38.0683 1116 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 22:44:38.0714 1116 MSTEE - ok 22:44:38.0730 1116 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 22:44:38.0746 1116 MTConfig - ok 22:44:38.0792 1116 MTSBDA (283cd3e86f98a18eb0566df56d99fd90) C:\Windows\system32\Drivers\MtsBda.sys 22:44:38.0808 1116 MTSBDA - ok 22:44:38.0839 1116 MtsHID (cda98c3a905da0e5a773be412bb190b3) C:\Windows\system32\drivers\MtsHID.sys 22:44:38.0839 1116 MtsHID - ok 22:44:38.0855 1116 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 22:44:38.0871 1116 Mup - ok 22:44:38.0886 1116 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 22:44:38.0902 1116 NativeWifiP - ok 22:44:38.0949 1116 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 22:44:38.0980 1116 NDIS - ok 22:44:38.0996 1116 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 22:44:39.0027 1116 NdisCap - ok 22:44:39.0042 1116 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 22:44:39.0074 1116 NdisTapi - ok 22:44:39.0105 1116 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 22:44:39.0136 1116 Ndisuio - ok 22:44:39.0167 1116 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 22:44:39.0199 1116 NdisWan - ok 
22:44:39.0230 1116 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 22:44:39.0261 1116 NDProxy - ok 22:44:39.0261 1116 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 22:44:39.0292 1116 NetBIOS - ok 22:44:39.0324 1116 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 22:44:39.0355 1116 NetBT - ok 22:44:39.0402 1116 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 22:44:39.0402 1116 nfrd960 - ok 22:44:39.0433 1116 nmwcdnsu - ok 22:44:39.0449 1116 nmwcdnsuc - ok 22:44:39.0464 1116 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 22:44:39.0480 1116 Npfs - ok 22:44:39.0496 1116 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 22:44:39.0542 1116 nsiproxy - ok 22:44:39.0589 1116 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 22:44:39.0636 1116 Ntfs - ok 22:44:39.0636 1116 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 22:44:39.0667 1116 Null - ok 22:44:40.0105 1116 nvlddmkm (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS\nvlddmkm.sys 22:44:40.0355 1116 nvlddmkm - ok 22:44:40.0417 1116 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 22:44:40.0433 1116 nvraid - ok 22:44:40.0464 1116 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 22:44:40.0480 1116 nvstor - ok 22:44:40.0527 1116 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 22:44:40.0527 1116 nv_agp - ok 22:44:40.0558 1116 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 22:44:40.0574 1116 ohci1394 - ok 22:44:40.0605 1116 ossrv (ae896073e1bbf98fefc2ec52f62c0fba) C:\Windows\system32\drivers\ctoss2k.sys 22:44:40.0621 1116 ossrv - ok 22:44:40.0652 1116 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) 
C:\Windows\system32\DRIVERS\parport.sys 22:44:40.0667 1116 Parport - ok 22:44:40.0699 1116 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 22:44:40.0714 1116 partmgr - ok 22:44:40.0730 1116 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 22:44:40.0746 1116 Parvdm - ok 22:44:40.0761 1116 pccsmcfd - ok 22:44:40.0777 1116 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 22:44:40.0792 1116 pci - ok 22:44:40.0824 1116 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 22:44:40.0839 1116 pciide - ok 22:44:40.0855 1116 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 22:44:40.0871 1116 pcmcia - ok 22:44:40.0886 1116 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 22:44:40.0902 1116 pcw - ok 22:44:40.0917 1116 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 22:44:40.0964 1116 PEAUTH - ok 22:44:41.0027 1116 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 22:44:41.0058 1116 PptpMiniport - ok 22:44:41.0089 1116 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 22:44:41.0105 1116 Processor - ok 22:44:41.0136 1116 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 22:44:41.0183 1116 Psched - ok 22:44:41.0230 1116 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 22:44:41.0277 1116 ql2300 - ok 22:44:41.0292 1116 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 22:44:41.0308 1116 ql40xx - ok 22:44:41.0339 1116 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 22:44:41.0355 1116 QWAVEdrv - ok 22:44:41.0371 1116 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 22:44:41.0402 1116 RasAcd - ok 22:44:41.0449 1116 RasAgileVpn 
(57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 22:44:41.0464 1116 RasAgileVpn - ok 22:44:41.0496 1116 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 22:44:41.0527 1116 Rasl2tp - ok 22:44:41.0542 1116 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 22:44:41.0574 1116 RasPppoe - ok 22:44:41.0589 1116 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 22:44:41.0621 1116 RasSstp - ok 22:44:41.0636 1116 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 22:44:41.0667 1116 rdbss - ok 22:44:41.0683 1116 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 22:44:41.0699 1116 rdpbus - ok 22:44:41.0714 1116 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 22:44:41.0746 1116 RDPCDD - ok 22:44:41.0777 1116 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 22:44:41.0808 1116 RDPDR - ok 22:44:41.0808 1116 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 22:44:41.0839 1116 RDPENCDD - ok 22:44:41.0855 1116 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 22:44:41.0871 1116 RDPREFMP - ok 22:44:41.0902 1116 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 22:44:41.0933 1116 RDPWD - ok 22:44:41.0964 1116 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 22:44:41.0980 1116 rdyboost - ok 22:44:42.0027 1116 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 22:44:42.0042 1116 rspndr - ok 22:44:42.0074 1116 RTL8167 (60647bfa2fef7f6d6fbbaf661312f2ce) C:\Windows\system32\DRIVERS\Rt86win7.sys 22:44:42.0089 1116 RTL8167 - ok 22:44:42.0121 1116 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 22:44:42.0136 1116 s3cap - ok 22:44:42.0183 1116 sbp2port 
(05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 22:44:42.0199 1116 sbp2port - ok 22:44:42.0230 1116 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 22:44:42.0261 1116 scfilter - ok 22:44:42.0292 1116 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 22:44:42.0324 1116 secdrv - ok 22:44:42.0355 1116 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 22:44:42.0371 1116 Serenum - ok 22:44:42.0402 1116 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 22:44:42.0417 1116 Serial - ok 22:44:42.0449 1116 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 22:44:42.0449 1116 sermouse - ok 22:44:42.0496 1116 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 22:44:42.0527 1116 sffdisk - ok 22:44:42.0542 1116 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 22:44:42.0558 1116 sffp_mmc - ok 22:44:42.0574 1116 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 22:44:42.0605 1116 sffp_sd - ok 22:44:42.0621 1116 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 22:44:42.0636 1116 sfloppy - ok 22:44:42.0683 1116 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 22:44:42.0699 1116 sisagp - ok 22:44:42.0730 1116 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 22:44:42.0746 1116 SiSRaid2 - ok 22:44:42.0761 1116 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 22:44:42.0777 1116 SiSRaid4 - ok 22:44:42.0792 1116 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 22:44:42.0824 1116 Smb - ok 22:44:42.0871 1116 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 22:44:42.0871 1116 spldr - ok 22:44:42.0933 1116 sptd 
(cdddec541bc3c96f91ecb48759673505) C:\Windows\System32\Drivers\sptd.sys 22:44:42.0949 1116 sptd - ok 22:44:42.0980 1116 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 22:44:42.0996 1116 srv - ok 22:44:43.0027 1116 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 22:44:43.0042 1116 srv2 - ok 22:44:43.0058 1116 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 22:44:43.0074 1116 srvnet - ok 22:44:43.0105 1116 ssadbus (6d83ff6722baf7e82a4521dbec363e5a) C:\Windows\system32\DRIVERS\ssadbus.sys 22:44:43.0105 1116 ssadbus - ok 22:44:43.0136 1116 ssadmdfl (5ae42e90f99749e0e35b9989a2d0275c) C:\Windows\system32\DRIVERS\ssadmdfl.sys 22:44:43.0152 1116 ssadmdfl - ok 22:44:43.0183 1116 ssadmdm (9285d8aba50a4d6482b1574448f9eb76) C:\Windows\system32\DRIVERS\ssadmdm.sys 22:44:43.0199 1116 ssadmdm - ok 22:44:43.0230 1116 ssadserd (8e6f645a098aa8e2e0947eee70dccb89) C:\Windows\system32\DRIVERS\ssadserd.sys 22:44:43.0230 1116 ssadserd - ok 22:44:43.0261 1116 sscdbus (ffe42941e0326c322f40b0b79a46493c) C:\Windows\system32\DRIVERS\sscdbus.sys 22:44:43.0277 1116 sscdbus - ok 22:44:43.0308 1116 sscdmdfl (a68e7d87adfbb8c50d88cd58230c6819) C:\Windows\system32\DRIVERS\sscdmdfl.sys 22:44:43.0324 1116 sscdmdfl - ok 22:44:43.0339 1116 sscdmdm (b534b24151281856ec2f69ed3d6d60dd) C:\Windows\system32\DRIVERS\sscdmdm.sys 22:44:43.0355 1116 sscdmdm - ok 22:44:43.0402 1116 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 22:44:43.0402 1116 stexstor - ok 22:44:43.0449 1116 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 22:44:43.0464 1116 storflt - ok 22:44:43.0496 1116 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 22:44:43.0496 1116 storvsc - ok 22:44:43.0527 1116 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 22:44:43.0527 1116 swenum - ok 22:44:43.0574 1116 taphss 
(0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys 22:44:43.0589 1116 taphss - ok 22:44:43.0683 1116 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 22:44:43.0730 1116 Tcpip - ok 22:44:43.0746 1116 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 22:44:43.0777 1116 TCPIP6 - ok 22:44:43.0824 1116 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 22:44:43.0855 1116 tcpipreg - ok 22:44:43.0886 1116 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 22:44:43.0917 1116 TDPIPE - ok 22:44:43.0933 1116 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 22:44:43.0964 1116 TDTCP - ok 22:44:43.0996 1116 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 22:44:44.0042 1116 tdx - ok 22:44:44.0058 1116 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 22:44:44.0074 1116 TermDD - ok 22:44:44.0121 1116 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 22:44:44.0152 1116 tssecsrv - ok 22:44:44.0183 1116 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 22:44:44.0214 1116 TsUsbFlt - ok 22:44:44.0277 1116 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys 22:44:44.0277 1116 TuneUpUtilitiesDrv - ok 22:44:44.0308 1116 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 22:44:44.0339 1116 tunnel - ok 22:44:44.0386 1116 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 22:44:44.0386 1116 uagp35 - ok 22:44:44.0433 1116 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 22:44:44.0449 1116 udfs - ok 22:44:44.0496 1116 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 22:44:44.0511 1116 uliagpkx - ok 
22:44:44.0558 1116 UltraMonUtility (5a5bd0f66e84eb039cb227520d49908c) C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys 22:44:44.0574 1116 UltraMonUtility - ok 22:44:44.0589 1116 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 22:44:44.0605 1116 umbus - ok 22:44:44.0621 1116 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 22:44:44.0636 1116 UmPass - ok 22:44:44.0667 1116 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys 22:44:44.0683 1116 USBAAPL ( UnsignedFile.Multi.Generic ) - warning 22:44:44.0683 1116 USBAAPL - detected UnsignedFile.Multi.Generic (1) 22:44:44.0699 1116 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 22:44:44.0730 1116 usbccgp - ok 22:44:44.0777 1116 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 22:44:44.0792 1116 usbcir - ok 22:44:44.0824 1116 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 22:44:44.0839 1116 usbehci - ok 22:44:44.0871 1116 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 22:44:44.0886 1116 usbhub - ok 22:44:44.0917 1116 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys 22:44:44.0933 1116 usbohci - ok 22:44:44.0964 1116 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 22:44:44.0980 1116 usbprint - ok 22:44:45.0011 1116 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 22:44:45.0027 1116 usbscan - ok 22:44:45.0042 1116 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 22:44:45.0058 1116 USBSTOR - ok 22:44:45.0089 1116 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys 22:44:45.0089 1116 usbuhci - ok 22:44:45.0121 1116 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) 
C:\Windows\system32\DRIVERS\usb8023x.sys 22:44:45.0136 1116 usb_rndisx - ok 22:44:45.0183 1116 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 22:44:45.0199 1116 vdrvroot - ok 22:44:45.0214 1116 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 22:44:45.0246 1116 vga - ok 22:44:45.0261 1116 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 22:44:45.0292 1116 VgaSave - ok 22:44:45.0324 1116 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 22:44:45.0339 1116 vhdmp - ok 22:44:45.0355 1116 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 22:44:45.0371 1116 viaagp - ok 22:44:45.0386 1116 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 22:44:45.0417 1116 ViaC7 - ok 22:44:45.0449 1116 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 22:44:45.0449 1116 viaide - ok 22:44:45.0480 1116 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 22:44:45.0496 1116 vmbus - ok 22:44:45.0527 1116 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 22:44:45.0542 1116 VMBusHID - ok 22:44:45.0558 1116 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 22:44:45.0574 1116 volmgr - ok 22:44:45.0589 1116 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 22:44:45.0605 1116 volmgrx - ok 22:44:45.0621 1116 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 22:44:45.0636 1116 volsnap - ok 22:44:45.0667 1116 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 22:44:45.0667 1116 vsmraid - ok 22:44:45.0699 1116 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 22:44:45.0714 1116 vwifibus - ok 22:44:45.0746 1116 WacomPen (de3721e89c653aa281428c8a69745d90) 
C:\Windows\system32\DRIVERS\wacompen.sys 22:44:45.0761 1116 WacomPen - ok 22:44:45.0792 1116 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 22:44:45.0808 1116 WANARP - ok 22:44:45.0824 1116 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 22:44:45.0839 1116 Wanarpv6 - ok 22:44:45.0886 1116 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 22:44:45.0886 1116 Wd - ok 22:44:45.0917 1116 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 22:44:45.0980 1116 Wdf01000 - ok 22:44:46.0027 1116 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 22:44:46.0058 1116 WfpLwf - ok 22:44:46.0074 1116 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 22:44:46.0089 1116 WIMMount - ok 22:44:46.0152 1116 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 22:44:46.0167 1116 WinUsb - ok 22:44:46.0199 1116 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 22:44:46.0230 1116 WmiAcpi - ok 22:44:46.0277 1116 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 22:44:46.0308 1116 ws2ifsl - ok 22:44:46.0339 1116 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 22:44:46.0371 1116 WudfPf - ok 22:44:46.0402 1116 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 22:44:46.0417 1116 WUDFRd - ok 22:44:46.0480 1116 xnacc (ce0c846127d6abb1e2a22e59682b2527) C:\Windows\system32\DRIVERS\xnacc.sys 22:44:46.0496 1116 xnacc - ok 22:44:46.0527 1116 xusb21 (c26c68bcbac1f33f890c226769759209) C:\Windows\system32\DRIVERS\xusb21.sys 22:44:46.0542 1116 xusb21 - ok 22:44:46.0574 1116 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 22:44:46.0699 1116 \Device\Harddisk0\DR0 - ok 22:44:46.0699 1116 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) 
\Device\Harddisk1\DR1
22:44:47.0167 1116 \Device\Harddisk1\DR1 - ok
22:44:47.0167 1116 Boot (0x1200) (b36aedb9d4bd7dac825d009431607386) \Device\Harddisk0\DR0\Partition0
22:44:47.0183 1116 \Device\Harddisk0\DR0\Partition0 - ok
22:44:47.0183 1116 Boot (0x1200) (0da61460d0d105ef27c8eed8e506f493) \Device\Harddisk0\DR0\Partition1
22:44:47.0199 1116 \Device\Harddisk0\DR0\Partition1 - ok
22:44:47.0214 1116 Boot (0x1200) (dbd985747f722415679b6fa4a47f8ee2) \Device\Harddisk0\DR0\Partition2
22:44:47.0246 1116 \Device\Harddisk0\DR0\Partition2 - ok
22:44:47.0246 1116 Boot (0x1200) (f9e0feea1b1231de92df66a92d87675b) \Device\Harddisk1\DR1\Partition0
22:44:47.0261 1116 \Device\Harddisk1\DR1\Partition0 - ok
22:44:47.0261 1116 ============================================================
22:44:47.0261 1116 Scan finished
22:44:47.0261 1116 ============================================================
22:44:47.0261 4032 Detected object count: 14
22:44:47.0261 4032 Actual detected object count: 14
22:45:10.0917 4032 AVG Anti-Rootkit ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0917 4032 AVG Anti-Rootkit ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0917 4032 AvgArCln ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0917 4032 AvgArCln ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0917 4032 avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0917 4032 avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0917 4032 CT20XUT.DLL ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0917 4032 CT20XUT.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0917 4032 CTEAPSFX.DLL ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0917 4032 CTEAPSFX.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0933 4032 CTEDSPFX.DLL ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0933 4032 CTEDSPFX.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0933 4032 CTEDSPIO.DLL ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0933 4032 CTEDSPIO.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0933 4032 CTEDSPSY.DLL ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0933 4032 CTEDSPSY.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0933 4032 CTEXFIFX.DLL ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0933 4032 CTEXFIFX.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0933 4032 CTHWIUT.DLL ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0933 4032 CTHWIUT.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0933 4032 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0933 4032 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0933 4032 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0933 4032 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0933 4032 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0933 4032 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:10.0933 4032 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:10.0933 4032 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip |