Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 22.03.2012, 11:23   #1
pip666
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



Ich habe mir heute einen Trojaner eingefangen der die im Thema genannte Meldung bringt und mich auffordert ein kostenpflichtiges Update herunterzuladen.ich weiß das viele Nutzer hier dasselbe Problem haben aber es wird ja empfohlen nicht einfach die Schritte von anderen Threads zu wiederholen

Bin jetzt über mein 2. Benutzerkonto reingegangen im 1. geht garnixmehr ohne die 50€ zu bezahlen! Habe mir (da es ja egtl immer als erster schritt empfohlen wird) malewarebytes heruntergeladen und einen vollständigen scan gestartet

Windwos 7, 64 Bit System

vielen dank schonmal im vorraus

Alt 22.03.2012, 12:20   #2
markusg
/// Malware-holic
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



hi
malwarebytes abbrechen.
neustarten, f8 drücken abgesicherter modus mit netzwerk wählen, im betroffenen konto anmelden, internet verbindung herstellen.
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 22.03.2012, 13:11   #3
pip666
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



hier die extra.txt

Code:
ATTFilter
OTL Extras logfile created on: 22.03.2012 12:50:32 - Run 1
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\pip\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 3,14 Gb Available Physical Memory | 81,36% Memory free
7,73 Gb Paging File | 7,10 Gb Available in Paging File | 91,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,97 Gb Total Space | 74,12 Gb Free Space | 16,36% Space Free | Partition Type: NTFS
Drive D: | 7,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PIP | User Name: pip | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0D98B285-0777-B3B7-7A3D-9C85422203B9}" = ccc-utility64
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{418A8D89-B9AA-B872-5927-3D1A052CEAA8}" = AMD Media Foundation Decoders
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{45CB0703-D49C-31B2-0DBD-FDD98D7DEF7A}" = AMD Drag and Drop Transcoding
"{46AE421C-BF1B-4B62-BE0E-62FE09C6D5B5}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}" = GEAR driver installer for AMD64 and Intel EM64T
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{709BE6E5-DE39-4E2F-9B9B-8DE299519495}" = Windows Live MIME IFilter
"{76C32FF0-2957-4F56-8B5D-F62E3FB6B609}" = Windows Live ID Sign-in Assistant
"{77B8B4A5-EE79-4907-A318-2DA86325B8D7}" = iTunes
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8924F1FE-8AC5-C2AE-59EF-C5D65B226933}" = AMD Catalyst Install Manager
"{8B963746-228D-35B2-BAFC-EFB79B4DF053}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}" = Broadcom Gigabit NetLink Controller
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E4E8CCFD-621C-E05A-47FB-AB96E4F5CB50}" = ATI AVIVO64 Codecs
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E5C95CA5-4565-4B9D-97ED-05088D775614}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"C-Media CM106 Like Sound Driver" = MEDUSA NX USB 5.1 Gaming Headset
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{035C76D2-7D8E-484D-8CA3-686C0B474A2B}" = MSVCRT
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06870F63-4D1C-171F-9552-368D3890D92F}" = CCC Help French
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0ADF1B89-17EA-489C-86DF-6E33DA8520A6}_is1" = flatster
"{0B3689FB-8AF1-7C0E-58AF-C9B7CDC0D3AE}" = CCC Help Czech
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{11728A17-412A-4A08-91C4-ACD8ADEDCE82}" = Angry Birds
"{1178262C-BA31-9A27-8507-0143DD55BCDD}" = CCC Help Hungarian
"{11EFF057-8ED2-4321-A19D-D673DECB36CC}" = Junk Mail filter update
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14CE04AF-0EBC-B865-382F-1FB466CAC301}" = CCC Help English
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.7
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1DBC5882-96E2-3A01-A32C-9B6F6EF6CF25}" = CCC Help Korean
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F36B20F-7408-EC75-2825-E9FE81B0339D}" = CCC Help Norwegian
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{224935E4-2014-4B22-95DC-2CCF5428B4BF}" = Windows Live Writer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.2
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{250DA7DE-37D3-ED70-90D6-90B99EE0D110}" = CCC Help Turkish
"{2578D94A-A88A-4643-9DAA-F0A5E981EB04}" = Windows Live Messenger
"{2607FE6B-1D61-46E5-A544-54666B0EF908}" = Windows Live Mail
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java(TM) 7 Update 1
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2E32576B-75F7-2D13-4809-FF14DA271930}" = CCC Help Dutch
"{30DAAF05-3679-C10C-953C-BB422FCDF557}" = CCC Help Swedish
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{32E2F180-247C-4077-B06A-20F9868568E0}_is1" = UltraMixer 2.4.2
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{33E5C80C-8D37-541E-74A6-51D527336A31}" = CCC Help Portuguese
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{34A0D249-747E-4D6C-803D-329C120C6B79}" = Catalyst Control Center - Branding
"{34A0FF07-F11A-4157-84A3-92F8AD688CBF}" = Vodafone Mobile Broadband via the phone
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E0D0742-45BF-4438-8CE2-1AAADE878DBD}" = Vodafone Mobile Broadband via the phone
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die Schlacht um Mittelerde(tm)
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{428536FB-25A0-8531-75EF-D7A7C340B0A4}" = Catalyst Control Center
"{43BB11DF-96BE-011A-46C4-338B7432E278}" = CCC Help English
"{43D494C7-3F5B-BD67-7C09-323725A7DBA0}" = CCC Help Korean
"{46BAF2A0-3789-4E49-B000-4BB64426D1BF}" = Windows Live Installer
"{46C106C9-3856-4A6A-AAC8-7070FBA02D2F}" = Windows Live Movie Maker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BA6B7C9-65AE-BE8B-687A-6F1A2D7F9705}" = CCC Help Czech
"{4C8E1E1B-175F-AF47-8B21-E12C7C8B5D40}" = CCC Help Thai
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D565319-8B91-41CB-961C-0DDC86101AC5}" = Dragon Age II
"{4EAF46A2-DB90-6B67-F640-5CC876A2B5C4}" = CCC Help Greek
"{520C1D80-935C-42B9-9340-E883849D804F}_is1" = DriverTuner 3.1.0.0
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52CDDA92-56B6-4BA5-BD8D-E13B186008CB}" = D3DX10
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57D89CD5-09D1-6775-5D28-FBF8E62D5906}" = CCC Help Danish
"{584E5DA5-F6A4-90EA-C9D6-9D36638055A6}" = CCC Help Norwegian
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{59569A68-C301-4EDD-2DEC-A555851AEE5E}" = Catalyst Control Center Localization All
"{5A2F371F-8B5D-46B4-833C-0612B065BEC7}" = GameShadow
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}" = msxml4
"{5D5B8455-50E0-F94A-4C82-0F9303BB4C0E}" = CCC Help Danish
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61E7F654-7D99-4C69-94D8-DF53E297AF9B}" = Windows Live Photo Common
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{6416B002-B022-4350-BFFB-9CA95D0857A8}_is1" = flatster Recorder
"{6510C671-1D30-7669-18A8-2F13DC818E4B}" = CCC Help Greek
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6592C2B8-949A-4C88-BCB9-0990A218B215}" = Windows Live UX Platform
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528D}" = Command & Conquer Die ersten 10 Jahre
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6917F87D-921D-4EFA-9AA5-8CDEA9E28520}" = MSVCRT_amd64
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B0AE911-A3F4-4D55-9CA7-C76DC2BCEA86}" = Windows Live UX Platform Language Pack
"{6D863265-A79F-9214-9F2A-C4D1FC8FDFF6}" = ccc-core-static
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension
"{74B0BEB0-2EB3-448F-B8E9-40983BC902E1}" = Windows Live SOXE Definitions
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{76DC93F5-9C94-79F6-B39F-11055EF7A582}" = CCC Help Thai
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7765BB73-D985-42C9-C7EE-AB434D59429F}" = CCC Help Chinese Traditional
"{78225D0F-D12C-09E4-5D6D-A64D763E8982}" = BBC iPlayer Desktop
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7ADFB885-8E98-6AAE-8687-D6EFB5127F6B}" = Catalyst Control Center Graphics Previews Common
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7BEB1F41-755A-C8CB-45B0-C5DEBEA241C9}" = CCC Help Chinese Traditional
"{7EFA8362-CE86-46E7-BEB9-B2DB4F0D0EE6}" = Windows Live Photo Gallery Beta
"{7F5DD739-DB41-DA6A-9912-89C04E20C130}" = CCC Help Finnish
"{7F7C616E-6971-77D9-7D59-82DC35DF81AC}" = CCC Help Russian
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{830ECBA3-2D98-2174-93A4-DDF90A2C41D5}" = Catalyst Control Center Core Implementation
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83BC206C-98A5-4CF3-B884-2B58CD4AB951}" = Windows Live Writer
"{8496B9A5-F260-4DF0-BCB3-4BA59FDC10BB}" = MOUSE Editor
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D0DF06F-6AC2-D9C3-B29F-810CB9E836D8}" = CCC Help Swedish
"{8DFE0123-0723-165C-29CF-28409D8E462C}" = CCC Help French
"{8E74FC72-018A-4EC5-86AA-D8021309D484}" = Windows Live Messenger
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{901AB58E-FB3C-1F64-7795-5BE7F7DB66A6}" = CCC Help Russian
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91803386-4FBD-4C38-9644-26B0F9464031}" = Windows Live Photo Gallery
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FA5B08F-9162-BCCB-AFAC-28DF1751BEC3}" = Catalyst Control Center Localization All
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A1683CA7-4850-4A21-982B-C6D853C79AF7}" = Mass Effect™ 3 Demo
"{A18B2647-60E3-0A6E-AF17-2FD9DF46DC41}" = CCC Help Italian
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.4 MUI
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{AF859F36-5F97-F6EC-A617-62771A8B4FDC}" = CCC Help Finnish
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B0559ABA-D32C-55AD-5943-3E8BF9E6D749}" = Catalyst Control Center Graphics Full New
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1AC5371-C952-99DC-1C0C-2C0BE8A0F1F8}" = CCC Help Chinese Standard
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B3B2E45F-A0FC-47C6-B399-72D9D8482C8A}" = Visual Basic for Applications (R) Core - German
"{B5BD2B33-FDB8-4DE5-87B3-2810CAF4A6E4}" = Windows Live PIMT Platform
"{B7F9F9C6-8F06-2E00-63E2-DC8F1E73EE54}" = CCC Help Polish
"{BB095F3E-0A7D-7DD4-B2A8-47CB12E416B0}" = CCC Help Japanese
"{BC71B06F-BFAE-6A73-091C-F18ACF00A04C}" = CCC Help Italian
"{BDCBA80C-A3BD-9DA5-E43F-EBBBE779C032}" = CCC Help Hungarian
"{BFB0B026-99E7-4D9D-A80B-CC39A9DE775B}" = Samsung Theme Designer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2687C43-507E-4D4B-A30A-3C836C756226}" = Windows Live Mail
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C3E67109-58DF-1C4A-BB9A-14BEC5787BFC}" = Catalyst Control Center Graphics Full Existing
"{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}" = Application Profiles
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CBB0ABFA-4668-4172-952D-2CEF5C14F4D2}" = Command & Conquer™ Die ersten 10 Jahre-Patch
"{CBB0ABFB-4668-4172-952D-2CEF5C14F4D2}" = Command & Conquer™ Die ersten 10 Jahre-Patch 1.02
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CE4120DD-97B3-78AD-2535-00031F6ED246}" = Catalyst Control Center Graphics Light
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{CEEA6219-8792-3E40-D361-4FB5F0FBBB0F}" = CCC Help Portuguese
"{CF053286-7F4C-CAFB-616B-58EC562BB28E}" = CCC Help Chinese Standard
"{D07BB56A-7DB4-4564-A1F9-EBCE75FBE3C6}" = Catalyst Control Center InstallProxy
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.124.1120
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3689EED-3943-9E90-1D65-D2246EB58AD1}" = CCC Help Turkish
"{D4790ACB-4BB4-4FE6-9F64-1D4486C8E40C}" = Windows Live Photo Common Beta
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D6B6F7CB-6807-41E1-B393-375A4508892C}" = Band2PlaySetup
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D943C8AC-9E03-4C2D-B54C-A28ABE931665}" = Windows Live Movie Maker
"{DAD9BED2-5833-4EA2-57EC-550F94F8588B}" = Catalyst Control Center Graphics Previews Vista
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DBA5EE42-A143-A658-9F86-C611BFDBEFCA}" = CCC Help Dutch
"{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader
"{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}" = CorelDRAW Graphics Suite X5 - DE
"{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}" = Command & Conquer™ Alarmstufe Rot 3 Der Aufstand
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E19490CD-5380-4F37-B0A7-624D635605DC}" = Catalyst Control Center - Branding
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E24DFAA7-9495-4F7D-BB9E-211C2D0A76E5}" = Windows Live Writer Resources
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48F1CB2-4D52-B847-5442-7C3897983BBD}" = CCC Help Spanish
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EACF374B-9D4C-4A07-8EB3-706BD8DAA650}" = Windows Live Essentials Beta
"{EAF0F475-CFE2-9F4D-F26A-875FF09AD40E}" = CCC Help Spanish
"{EB646CCD-FA56-CEC6-A91A-C18EF9D5C3B5}" = CCC Help German
"{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1" = VshareComplete
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE338AB8-4E85-4C04-AC07-1357A266DD35}" = Windows Live Writer
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EFBE9DAB-9C80-4911-847B-2A2C25E8F9CB}" = Windows Live SOXE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition
"{F1F1CCD6-34FE-81C6-CE0C-F22695E6409F}" = CCC Help German
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F6B7BF58-36D0-A76E-53E2-F65DBD4A6A52}" = Catalyst Control Center InstallProxy
"{F71A71E1-285C-95CE-A8F7-231E3827138E}" = CCC Help Polish
"{F916C6DF-2601-4385-9500-C45FF398D4CB}" = Install(GE)
"{FA5D1C9E-154D-49B1-8CF0-DF5FAB6171EA}" = Windows Live Communications Platform
"{FACE7F75-E485-06CA-01AA-C1633F43667F}" = CCC Help Japanese
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ABC Amber Audio Converter" = ABC Amber Audio Converter
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Akamai" = Akamai NetSession Interface Service
"Alcatech BPM Studio Professional v4.9.1" = Alcatech BPM Studio Professional v4.9.1
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Ashampoo Photo Commander 6_is1" = Ashampoo Photo Commander 6.50
"asktoolbar4" = AskToolbar
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Audacity_is1" = Audacity 1.2.6
"AVS Audio Editor_is1" = AVS Audio Editor version 6.1
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS YouTube Uploader 2.1_is1" = AVS YouTube Uploader version 2.1
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"BabylonToolbar" = Babylon toolbar on IE
"Battlelog Web Plugins" = Battlelog Web Plugins
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"CanonMyPrinter" = Canon Utilities My Printer
"CloneDVD2" = CloneDVD2
"CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich.
"DAEMON Tools Lite" = DAEMON Tools Lite
"DigiJay_is1" = DigiJay 1.100
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"ESN Sonar-0.70.4" = ESN Sonar
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fake Webcam_is1" = Fake Webcam 6.1.3
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Audio Dub_is1" = Free Audio Dub version 1.7
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2
"Free YouTube Download_is1" = Free YouTube Download version 3.0.815
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Freez FLV to MP3 Converter v1.5_is1" = Freez FLV to MP3 Converter
"Generic USB 106 Sound" = SL-8795 Headset
"Gitarrero Demo_is1" = Gitarrero Beginner 1.3 Demo
"GridVista" = Acer GridVista
"Handbrake" = Handbrake 0.9.4
"Heroes of Might and Magic IV" = Heroes of Might and Magic® IV
"Hogs Of War" = Frontschweine
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8496B9A5-F260-4DF0-BCB3-4BA59FDC10BB}" = Mouse Editor
"InstallShield_{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"IsoBuster_is1" = IsoBuster 2.7
"LManager" = Launch Manager
"Magic DVD Ripper_is1" = Magic DVD Ripper V5.4.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mixxx" = Mixxx 1.7.2
"Mixxx (1.8.0~beta2)" = Mixxx 1.8.0~beta2 (64-bit)
"mmssetup_is1" = MixMeister Studio Demo 7.1.1
"Motherboard Monitor 5_is1" = Motherboard Monitor 5
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Nimbuzz" = Nimbuzz 1.3.0
"NSS" = Norton Security Scan
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"Opera 11.61.1250" = Opera 11.61
"Origin" = Origin
"Phoner_is1" = Phoner 2.48
"PunkBusterSvc" = PunkBuster Services
"ShoppingReport2" = ShopperReports
"SopCast" = SopCast 3.5.0
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 18500" = Defense Grid: The Awakening
"Steam App 20920" = The Witcher 2
"Steam App 22300" = Fallout 3
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 42720" = Call of Duty Black Ops - Remote Console
"Steam App 57940" = Duke Nukem Forever Demo
"Steam App 6020" = Star Wars Jedi Knight: Jedi Academy
"Steam App 6060" = Star Wars - Battlefront II
"Steam App 620" = Portal 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TomTom HOME" = TomTom HOME 2.7.4.1962
"Trojan Remover_is1" = Trojan Remover 6.8.2
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"vShare.tv plugin" = vShare.tv plugin 1.3
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials Beta
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"Xvid Video Codec 1.3.1" = Xvid Video Codec
"Zattoo4" = Zattoo4 4.0.5
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5f48e2ab41c5d005" = RapidShare Manager
"Akamai" = Akamai NetSession Interface
"Alarm Clock" = Alarm Clock
"MyFreeCodec" = MyFreeCodec
"QIP 2010" = QIP 2010 3.1.4798
"Unite Media Player" = Unite Media Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
__________________

Alt 22.03.2012, 13:12   #4
pip666
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



und hier die OTL.txt

Code:
ATTFilter
OTL logfile created on: 22.03.2012 12:50:32 - Run 1
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\pip\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 3,14 Gb Available Physical Memory | 81,36% Memory free
7,73 Gb Paging File | 7,10 Gb Available in Paging File | 91,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,97 Gb Total Space | 74,12 Gb Free Space | 16,36% Space Free | Partition Type: NTFS
Drive D: | 7,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PIP | User Name: pip | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.03.22 12:39:31 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\pip\Desktop\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.12.06 04:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.12.21 10:44:06 | 000,535,552 | ---- | M] (CSR, plc) [Auto | Stopped] -- C:\Windows\SysNative\HFGService.dll -- (HFGService)
SRV - [2012.03.22 10:36:48 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.02.17 12:50:56 | 000,075,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.02.10 02:08:55 | 003,340,064 | ---- | M] () [Auto | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll -- (Akamai)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.16 15:26:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2011.12.16 15:26:22 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011.04.27 16:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 16:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.05.26 12:37:18 | 002,290,048 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.05.07 13:36:10 | 000,092,008 | ---- | M] (TomTom) [Auto | Stopped] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.03.25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010.02.24 14:59:06 | 000,233,472 | ---- | M] (Vodafone Group) [Auto | Stopped] -- C:\Program Files (x86)\Vodafone\Via The Phone\VodafoneConnectorService.exe -- (VodafoneConnectorService)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.11.02 12:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2009.10.01 05:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.10.01 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.09.30 14:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.09.25 00:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.09.11 06:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Stopped] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2009.03.28 03:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Stopped] -- C:\Programme\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.12.08 05:22:38 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.)
DRV:64bit: - [2011.12.08 05:22:38 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2011.12.08 05:22:38 | 000,098,616 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2011.12.06 04:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.12.06 04:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.12.06 03:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.12.05 20:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.11.03 17:43:14 | 000,526,392 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.04.27 14:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.07.26 14:18:58 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:64bit: - [2010.07.26 14:15:26 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.04.16 07:33:36 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009.12.21 10:43:36 | 000,052,224 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAudioHF.sys -- (BthAudioHF)
DRV:64bit: - [2009.12.21 10:43:00 | 000,078,848 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthav.sys -- (csr_a2dp)
DRV:64bit: - [2009.12.17 23:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.11.06 21:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.11.02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.10.26 21:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.10.01 18:04:54 | 001,307,648 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CM10664.sys -- (USBMULCD)
DRV:64bit: - [2009.09.18 05:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.08.13 20:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.08.13 08:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:64bit: - [2009.08.06 13:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.07.22 23:06:26 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.25 03:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.06.20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.06.03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2010.07.26 14:15:26 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.11.12 19:29:42 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/01/26 04:45:26] [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004.04.10 09:43:54 | 000,004,608 | ---- | M] (cansoft@livewiredev.com) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\mbmiodrvr.sys -- (mbmiodrvr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5740&r=27360210h516l0438z175t6481d362
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5740&r=27360210h516l0438z175t6481d362
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://startsear.ch/?aff=1&cf=ed1c7afe-1901-11e1-97e2-00262d847a8d
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=ed1c7afe-1901-11e1-97e2-00262d847a8d&q={searchTerms}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = hxxp://search.qip.ru/?query={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://eu.ask.com/web?l=dis&o=APN10234&gct=hp&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A8B&apn_uid=7534730011854034&p2=^A8B^YYYYYY^YY^DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {3cb073f3-be3c-4e8f-942d-8a747b54486f} - C:\Program Files (x86)\asktoolbar4\asktoolbar4X.dll (Ask.com)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=ed1c7afe-1901-11e1-97e2-00262d847a8d&q={searchTerms}
IE - HKCU\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = hxxp://www.basicscan.com/?prt=BscscnPB&keywords={searchTerms}
IE - HKCU\..\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}: "URL" = hxxp://www.questscan.com/?prt=QstscanPB&keywords={searchTerms}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368DE368
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = hxxp://search.qip.ru/?query={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = hxxp://eu.ask.com/web?l=dis&o=APN10234&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A8B&apn_uid=7534730011854034&p2=^A8B^YYYYYY^YY^DE&q={searchTerms}
IE - HKCU\..\SearchScopes\{FAF9C356-F03B-4433-B1FE-701979015C41}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100632&mntrId=bc18538a00000000000000158315a310
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://vshare.toolbarhome.com/?hp=df"
FF - prefs.js..extensions.enabledItems: {df4e4df5-5cb7-46b0-9aef-6c784c3249f8}:1.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {43c35458-c907-439b-bcfd-07d373834689}:2.2.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {F0E1168A-B4B5-484C-B77E-0D28E6B64096}:1.0
FF - prefs.js..extensions.enabledItems: HBLite@HBLite.com:11.0.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - prefs.js..network.proxy.backup.ftp: "81.19.212.64"
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.gopher: "81.19.212.64"
FF - prefs.js..network.proxy.backup.gopher_port: 80
FF - prefs.js..network.proxy.backup.socks: "81.19.212.64"
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "81.19.212.64"
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp: "81.140.160.26"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher: "81.140.160.26"
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http: "81.140.160.26"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "81.140.160.26"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "81.140.160.26"
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.3.2804.0607: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010.08.09 09:23:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions [2011.11.20 12:02:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.22 12:46:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.02.01 18:44:54 | 000,000,000 | ---D | M]
 
[2010.06.22 18:29:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pip\AppData\Roaming\mozilla\Extensions
[2010.06.22 18:29:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pip\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.03.13 21:02:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pip\AppData\Roaming\mozilla\Firefox\Profiles\22rm6ywu.default\extensions
[2011.11.27 15:13:49 | 000,000,000 | ---D | M] (VshareComplete - Speed up your search with your personal search suggestions tool) -- C:\Users\pip\AppData\Roaming\mozilla\Firefox\Profiles\22rm6ywu.default\extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403}
[2012.03.13 21:02:55 | 000,000,000 | ---D | M] (AskToolbar) -- C:\Users\pip\AppData\Roaming\mozilla\Firefox\Profiles\22rm6ywu.default\extensions\{3cb073f3-be3c-4e8f-942d-8a747b54486f}
[2011.01.09 18:05:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pip\AppData\Roaming\mozilla\Firefox\Profiles\22rm6ywu.default\extensions\{43c35458-c907-439b-bcfd-07d373834689}
[2012.02.16 16:27:55 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\pip\AppData\Roaming\mozilla\Firefox\Profiles\22rm6ywu.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.08 23:31:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\pip\AppData\Roaming\mozilla\Firefox\Profiles\22rm6ywu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.27 13:57:15 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\pip\AppData\Roaming\mozilla\Firefox\Profiles\22rm6ywu.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.04.14 19:50:29 | 000,000,000 | ---D | M] (Fox!Box) -- C:\Users\pip\AppData\Roaming\mozilla\Firefox\Profiles\22rm6ywu.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}
[2011.04.14 19:50:28 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\pip\AppData\Roaming\mozilla\Firefox\Profiles\22rm6ywu.default\extensions\engine@conduit.com
[2012.01.27 22:10:40 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\pip\AppData\Roaming\mozilla\Firefox\Profiles\22rm6ywu.default\extensions\ffxtlbr@babylon.com
[2011.04.27 20:21:14 | 000,000,000 | ---D | M] (vShare) -- C:\Users\pip\AppData\Roaming\mozilla\Firefox\Profiles\22rm6ywu.default\extensions\vshare@toolbar
[2010.09.17 21:08:02 | 000,000,873 | ---- | M] () -- C:\Users\pip\AppData\Roaming\Mozilla\Firefox\Profiles\22rm6ywu.default\searchplugins\conduit.xml
[2011.07.11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Users\pip\AppData\Roaming\Mozilla\Firefox\Profiles\22rm6ywu.default\searchplugins\startsear.xml
[2012.01.21 18:20:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.11.20 12:00:16 | 000,000,000 | ---D | M] (BasicScan) -- C:\Program Files (x86)\mozilla firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
[2011.06.10 15:13:38 | 000,000,000 | ---D | M] (QuestScan) -- C:\Program Files (x86)\mozilla firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}
[2012.03.22 12:46:52 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.09 21:27:21 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.03 10:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.02.23 13:26:07 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.13 21:03:13 | 000,002,274 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\ask.xml
[2011.11.20 12:04:18 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.02.23 13:26:07 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.23 13:26:07 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.23 13:26:07 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.23 13:26:07 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.23 13:26:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (VshareComplete) - {08337871-0e50-4031-9110-3bd21ca3c065} - C:\Users\pip\AppData\Roaming\VshareComplete\64\VshareComplete64.dll (SimplyGen)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AskToolbar) - {3cb073f3-be3c-4e8f-942d-8a747b54486f} - C:\Program Files (x86)\asktoolbar4\asktoolbar4X.dll (Ask.com)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AskToolbar) - {3cb073f3-be3c-4e8f-942d-8a747b54486f} - C:\Program Files (x86)\asktoolbar4\asktoolbar4X.dll (Ask.com)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [Cm106Sound] C:\Windows\Syswow64\cm106.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\pip\AppData\Local\Akamai\netsession_win.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [flatster Recorder] C:\Program Files (x86)\flatster Recorder\flatster Recorder.exe (Euro-Driver Peter Busch)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [OscarEditor] C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe ()
O4 - HKCU..\Run: [SkypePM] C:\Users\pip\AppData\Local\Skype\SkypePM.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\pip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\pip\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\pip\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\pip\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\pip\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1B6E627-0749-4A1F-AEB4-23B8B09468D1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{223bb140-063b-11e1-95a0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{223bb140-063b-11e1-95a0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\feprog.exe
O33 - MountPoints2\{461022e3-2e8e-11df-9009-00262d847a8d}\Shell - "" = AutoRun
O33 - MountPoints2\{461022e3-2e8e-11df-9009-00262d847a8d}\Shell\AutoRun\command - "" = E:\Support\AutoRun\AutoRun.exe
O33 - MountPoints2\{95c46fab-6e7e-11e0-b73a-00158315a310}\Shell - "" = AutoRun
O33 - MountPoints2\{95c46fab-6e7e-11e0-b73a-00158315a310}\Shell\AutoRun\command - "" = F:\VTP_Manager.exe
O33 - MountPoints2\{cc23c827-2612-11df-a4ab-00262d847a8d}\Shell - "" = AutoRun
O33 - MountPoints2\{cc23c827-2612-11df-a4ab-00262d847a8d}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
MsConfig:64bit - StartUpFolder: C:^Users^pip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk - C:\PROGRA~2\BBCIPL~1\BBCIPL~1.EXE - ()
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: CanonMyPrinter - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
MsConfig:64bit - StartUpReg: DAEMON Tools Pro Agent - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: EA Core - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: EADM - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: EgisTecLiveUpdate - hkey= - key= - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
MsConfig:64bit - StartUpReg: flatster Recorder - hkey= - key= - C:\Program Files (x86)\flatster Recorder\flatster Recorder.exe (Euro-Driver Peter Busch)
MsConfig:64bit - StartUpReg: Infium - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: KiesHelper - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
MsConfig:64bit - StartUpReg: KiesPDLR - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig:64bit - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: mwlDaemon - hkey= - key= - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
MsConfig:64bit - StartUpReg: NBAgent - hkey= - key= - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
MsConfig:64bit - StartUpReg: Nimbuzz - hkey= - key= - C:\Program Files (x86)\Nimbuzz\Nimbuzz.exe ()
MsConfig:64bit - StartUpReg: NortonOnlineBackupReminder - hkey= - key= - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
MsConfig:64bit - StartUpReg: PLFSetI - hkey= - key= - C:\Windows\PLFSetI.exe ()
MsConfig:64bit - StartUpReg: QIP Internet Guardian - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Realtime Audio Engine - hkey= - key= - C:\Windows\SysWow64\mmrtkrnl.exe (AlcaTech)
MsConfig:64bit - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
MsConfig:64bit - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig:64bit - StartUpReg: Xvid - hkey= - key= - C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.22 12:39:28 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\pip\Desktop\OTL.exe
[2012.03.22 11:02:29 | 000,000,000 | ---D | C] -- C:\Users\pip\AppData\Roaming\Malwarebytes
[2012.03.22 11:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.22 11:02:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.22 11:01:58 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.03.22 11:01:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.03.15 18:04:01 | 000,000,000 | ---D | C] -- C:\Users\pip\Desktop\Uninvited
[2012.03.13 21:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
[2012.03.13 21:03:14 | 000,000,000 | ---D | C] -- C:\Users\pip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
[2012.03.13 21:03:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
[2012.03.13 21:03:12 | 000,000,000 | ---D | C] -- C:\Users\pip\AppData\Roaming\Ask.com
[2012.03.13 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\asktoolbar4
[2012.03.08 23:23:55 | 156,330,320 | ---- | C] (Online Media Technologies Ltd.                              ) -- C:\Users\pip\Desktop\AVSVideoEditor.exe
[2012.03.08 13:14:55 | 000,000,000 | ---D | C] -- C:\Users\pip\Desktop\vapiano
[2012.03.07 23:48:44 | 000,000,000 | ---D | C] -- C:\Users\pip\Desktop\rar
[2012.03.07 23:12:07 | 000,000,000 | ---D | C] -- C:\Users\pip\Documents\House_of_Soteria
[2012.03.06 14:46:41 | 000,000,000 | ---D | C] -- C:\Users\pip\Documents\The Witcher
[2012.03.06 14:46:41 | 000,000,000 | ---D | C] -- C:\Users\pip\AppData\Local\The Witcher
[2012.03.06 13:56:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Witcher Enhanced Edition
[2012.03.06 13:55:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\The Witcher
[2012.03.06 09:43:40 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2012.02.24 13:25:14 | 000,000,000 | ---D | C] -- C:\Users\pip\Documents\434402793 Fidy
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\pip\Documents\*.tmp files -> C:\Users\pip\Documents\*.tmp -> ]
[1 C:\Users\pip\Desktop\*.tmp files -> C:\Users\pip\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.22 12:42:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.22 12:42:19 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.22 12:39:31 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\pip\Desktop\OTL.exe
[2012.03.22 12:23:23 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.22 11:02:05 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.22 10:54:43 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.22 10:50:41 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.22 10:50:41 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.21 18:08:38 | 000,000,444 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for pip.job
[2012.03.19 22:20:53 | 000,067,734 | ---- | M] () -- C:\Users\pip\Desktop\lastn.jpg
[2012.03.19 22:19:39 | 000,016,367 | ---- | M] () -- C:\Users\pip\Desktop\421830_364541343578256_364527963579594_1185713_168909779_n.jpg
[2012.03.19 22:17:11 | 000,064,466 | ---- | M] () -- C:\Users\pip\Desktop\425507_364541230244934_364527963579594_1185708_1841631488_n.jpg
[2012.03.14 03:32:55 | 000,367,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.14 03:03:47 | 001,527,262 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.14 03:03:47 | 000,656,500 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.14 03:03:47 | 000,618,342 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.14 03:03:47 | 000,131,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.14 03:03:47 | 000,107,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.13 21:03:16 | 000,000,999 | ---- | M] () -- C:\Users\pip\Desktop\SopCast.lnk
[2012.03.08 23:39:37 | 000,001,301 | ---- | M] () -- C:\Users\pip\Desktop\AVS4YOU Software Navigator.lnk
[2012.03.08 23:37:55 | 000,001,216 | ---- | M] () -- C:\Users\pip\Desktop\AVS Video Editor.lnk
[2012.03.08 23:25:38 | 156,330,320 | ---- | M] (Online Media Technologies Ltd.                              ) -- C:\Users\pip\Desktop\AVSVideoEditor.exe
[2012.03.08 18:21:07 | 000,036,892 | ---- | M] () -- C:\Windows\SysWow64\bassmod.dll
[2012.03.08 18:16:24 | 002,579,612 | ---- | M] () -- C:\Users\pip\Desktop\dragon_age_ii_v1.0___17_trainer.zip
[2012.03.08 12:45:51 | 000,502,731 | ---- | M] () -- C:\Users\pip\Desktop\back_white.png
[2012.03.08 12:44:08 | 001,312,940 | ---- | M] () -- C:\Users\pip\Desktop\front_white.png
[2012.03.08 00:00:51 | 016,990,874 | ---- | M] () -- C:\Users\pip\Desktop\MouseEditor.zip
[2012.03.02 11:52:46 | 000,002,182 | ---- | M] () -- C:\Users\pip\Desktop\48956_100000872426608_210808345_q.jpg
[2012.02.29 20:21:24 | 000,042,392 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.02.29 20:21:24 | 000,028,056 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\pip\Documents\*.tmp files -> C:\Users\pip\Documents\*.tmp -> ]
[1 C:\Users\pip\Desktop\*.tmp files -> C:\Users\pip\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.22 11:02:05 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.19 22:20:53 | 000,067,734 | ---- | C] () -- C:\Users\pip\Desktop\lastn.jpg
[2012.03.19 22:19:39 | 000,016,367 | ---- | C] () -- C:\Users\pip\Desktop\421830_364541343578256_364527963579594_1185713_168909779_n.jpg
[2012.03.19 22:17:09 | 000,064,466 | ---- | C] () -- C:\Users\pip\Desktop\425507_364541230244934_364527963579594_1185708_1841631488_n.jpg
[2012.03.13 21:03:16 | 000,000,999 | ---- | C] () -- C:\Users\pip\Desktop\SopCast.lnk
[2012.03.08 23:39:37 | 000,001,301 | ---- | C] () -- C:\Users\pip\Desktop\AVS4YOU Software Navigator.lnk
[2012.03.08 23:37:55 | 000,001,216 | ---- | C] () -- C:\Users\pip\Desktop\AVS Video Editor.lnk
[2012.03.08 18:21:07 | 000,036,892 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2012.03.08 18:16:24 | 002,579,612 | ---- | C] () -- C:\Users\pip\Desktop\dragon_age_ii_v1.0___17_trainer.zip
[2012.03.08 12:45:43 | 000,502,731 | ---- | C] () -- C:\Users\pip\Desktop\back_white.png
[2012.03.08 12:43:49 | 001,312,940 | ---- | C] () -- C:\Users\pip\Desktop\front_white.png
[2012.03.08 00:00:28 | 016,990,874 | ---- | C] () -- C:\Users\pip\Desktop\MouseEditor.zip
[2012.03.02 11:52:46 | 000,002,182 | ---- | C] () -- C:\Users\pip\Desktop\48956_100000872426608_210808345_q.jpg
[2012.02.29 20:21:24 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.02.29 20:21:24 | 000,028,056 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2012.02.20 15:10:33 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2012.02.20 15:10:33 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
[2012.02.20 15:10:33 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2012.02.20 15:10:33 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2011.12.31 13:53:32 | 000,000,556 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.12.31 13:53:31 | 000,000,210 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.12.06 03:35:10 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.12.06 03:35:10 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.12.05 22:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.05 22:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.30 10:40:14 | 000,000,602 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2011.11.30 10:40:08 | 000,003,059 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
[2011.11.30 10:40:08 | 000,000,964 | ---- | C] () -- C:\Windows\cm106.ini
[2011.11.30 10:31:44 | 000,001,711 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2011.11.28 18:21:09 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix106.dll
[2011.11.20 19:40:13 | 000,000,116 | ---- | C] () -- C:\Windows\WinInit.Ini
[2011.11.20 12:03:33 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.11.20 12:03:33 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.11.20 11:58:11 | 000,000,000 | ---- | C] () -- C:\ProgramData\95714329f15e2fd96d6305144401a2aa_c
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.25 17:09:22 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\mp3Media2.dll
[2011.02.03 18:53:47 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.29 16:00:24 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.01.29 16:00:22 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.01.29 16:00:22 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.01.29 16:00:22 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.01.29 16:00:22 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010.06.06 19:38:41 | 000,017,408 | ---- | C] () -- C:\Users\pip\AppData\Local\WebpageIcons.db
[2010.05.26 19:45:15 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.23 18:38:22 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.05.08 08:48:11 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.05.08 08:48:07 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.04.23 15:06:59 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2010.04.03 02:18:44 | 000,003,584 | ---- | C] () -- C:\Users\pip\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== LOP Check ==========
 
[2010.05.03 12:20:40 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Alarmstufe Rot 3 Der Aufstand
[2010.09.27 22:45:27 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\AlcaTech
[2010.04.20 21:05:32 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Amazon
[2010.03.11 20:00:54 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Ashampoo
[2012.03.13 21:03:12 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Ask.com
[2010.06.10 11:38:28 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Audacity
[2011.11.20 11:58:01 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Babylon
[2010.07.01 20:18:31 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2010.03.18 12:05:31 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Bioshock2
[2010.05.06 19:50:16 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Command and Conquer 4
[2010.02.27 19:13:52 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\CopyTransDoctor
[2011.12.03 19:23:59 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\DAEMON Tools Lite
[2010.03.02 16:50:26 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\DAEMON Tools Pro
[2010.09.30 20:37:42 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\DigiJay
[2011.09.02 05:46:38 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\DVDVideoSoft
[2011.09.02 05:46:30 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.02.28 11:02:14 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\HandBrake
[2012.02.24 13:28:33 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\ICQ
[2010.10.14 16:57:29 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Leadertech
[2010.04.05 16:03:39 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Meine Die Schlacht um Mittelerde-Dateien
[2010.07.23 21:24:43 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\mp3DirectCut
[2010.06.18 21:56:48 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Opera
[2011.11.09 21:24:43 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Origin
[2010.06.03 15:01:09 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Phoner
[2010.04.13 21:50:00 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\PowerCinema
[2010.04.16 19:58:04 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Red Alert 3
[2011.09.04 15:41:11 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Rovio
[2012.01.25 23:32:55 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Samsung
[2012.02.20 15:10:13 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Simply Super Software
[2010.03.07 00:04:07 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\SoftDMA
[2011.11.19 21:45:38 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Temp
[2010.03.01 11:38:55 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Template
[2010.06.22 18:29:50 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\TomTom
[2011.10.19 21:05:01 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\TS3Client
[2010.03.03 22:54:04 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\Ubisoft
[2011.11.27 15:13:31 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\VshareComplete
[2011.05.13 18:45:09 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\wargaming.net
[2010.04.10 05:14:02 | 000,000,000 | ---D | M] -- C:\Users\pip\AppData\Roaming\WindSolutions
[2011.10.18 17:25:20 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2010.09.17 19:29:54 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010.02.27 22:50:16 | 000,000,000 | ---D | M] -- C:\alaplaya
[2012.01.25 23:32:27 | 000,000,000 | ---D | M] -- C:\AllShare
[2012.02.17 13:16:49 | 000,000,000 | ---D | M] -- C:\AMD
[2011.11.09 20:03:56 | 000,000,000 | ---D | M] -- C:\ATI
[2010.01.26 04:47:47 | 000,000,000 | ---D | M] -- C:\BOOK
[2012.03.14 03:32:18 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.02.27 18:48:01 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.01.25 23:33:06 | 000,000,000 | ---D | M] -- C:\Download
[2010.03.01 10:46:17 | 000,000,000 | ---D | M] -- C:\elements
[2011.05.13 16:35:23 | 000,000,000 | ---D | M] -- C:\Games
[2009.11.05 01:37:23 | 000,000,000 | ---D | M] -- C:\Intel
[2011.04.25 17:09:24 | 000,000,000 | ---D | M] -- C:\Mp3 Output
[2009.11.05 04:21:17 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2010.02.27 18:48:23 | 000,000,000 | -H-D | M] -- C:\oem
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.11.09 20:04:58 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.03.22 11:01:58 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.03.22 11:02:00 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.02.27 18:48:01 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.02.27 18:48:01 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.03.22 10:45:13 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.02.17 18:56:29 | 000,000,000 | ---D | M] -- C:\Temp
[2010.09.17 19:29:48 | 000,000,000 | R--D | M] -- C:\Users
[2010.09.17 21:16:11 | 000,000,000 | ---D | M] -- C:\Wallpapers
[2012.02.18 10:00:02 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.01.26 13:21:41 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.01.26 13:21:41 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.01.26 13:21:41 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.01.26 13:21:41 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\drivers\iaStor.sys
[2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys
[2009.06.05 03:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2012.03.22 12:56:50 | 007,077,888 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT
[2012.03.22 12:56:50 | 000,262,144 | -HS- | M] () -- C:\Users\pip\ntuser.dat.LOG1
[2010.02.27 18:48:13 | 000,000,000 | -HS- | M] () -- C:\Users\pip\ntuser.dat.LOG2
[2010.03.01 10:42:58 | 000,065,536 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.03.01 10:42:58 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.03.01 10:42:58 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.02.03 22:07:20 | 000,065,536 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{2d8aa9b5-4d44-11e1-b8d5-00262d847a8d}.TM.blf
[2012.02.03 22:07:20 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{2d8aa9b5-4d44-11e1-b8d5-00262d847a8d}.TMContainer00000000000000000001.regtrans-ms
[2012.02.03 22:07:20 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{2d8aa9b5-4d44-11e1-b8d5-00262d847a8d}.TMContainer00000000000000000002.regtrans-ms
[2010.11.16 00:53:06 | 000,065,536 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{a543f5d6-eeac-11df-a922-00158315a310}.TM.blf
[2010.11.16 00:53:06 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{a543f5d6-eeac-11df-a922-00158315a310}.TMContainer00000000000000000001.regtrans-ms
[2010.11.16 00:53:06 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{a543f5d6-eeac-11df-a922-00158315a310}.TMContainer00000000000000000002.regtrans-ms
[2011.03.26 14:08:11 | 000,065,536 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{aa437b59-57a5-11e0-a91b-00262d847a8d}.TM.blf
[2011.03.26 14:08:11 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{aa437b59-57a5-11e0-a91b-00262d847a8d}.TMContainer00000000000000000001.regtrans-ms
[2011.03.26 14:08:11 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{aa437b59-57a5-11e0-a91b-00262d847a8d}.TMContainer00000000000000000002.regtrans-ms
[2010.12.26 18:41:02 | 000,065,536 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{d2a6f293-0fbb-11e0-9ba0-00158315a310}.TM.blf
[2010.12.26 18:41:02 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{d2a6f293-0fbb-11e0-9ba0-00158315a310}.TMContainer00000000000000000001.regtrans-ms
[2010.12.26 18:41:02 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{d2a6f293-0fbb-11e0-9ba0-00158315a310}.TMContainer00000000000000000002.regtrans-ms
[2011.04.06 23:55:05 | 000,065,536 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{fcd3e78b-58d8-11e0-a189-00262d847a8d}.TM.blf
[2011.04.06 23:55:04 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{fcd3e78b-58d8-11e0-a189-00262d847a8d}.TMContainer00000000000000000001.regtrans-ms
[2011.04.06 23:55:04 | 000,524,288 | -HS- | M] () -- C:\Users\pip\NTUSER.DAT{fcd3e78b-58d8-11e0-a189-00262d847a8d}.TMContainer00000000000000000002.regtrans-ms
[2010.02.27 18:48:14 | 000,000,020 | -HS- | M] () -- C:\Users\pip\ntuser.ini
[2010.09.17 19:22:10 | 000,000,680 | RHS- | M] () -- C:\Users\pip\ntuser.pol
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:F63A059B

< End of report >
         
nur eben so als info! kann mittlerweile wieder auf mein 1. Konto zugreifen, ohne das die Meldung kommt! (hab aber egtl bis auf den OTL scan den du mir empfohlen hast nichts gemacht. malerwarebytes hat nur 2mal angeschlagen und hab dann die beiden sachen in die quarantäne verschoben

Alt 22.03.2012, 17:10   #5
markusg
/// Malware-holic
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [SkypePM] C:\Users\pip\AppData\Local\Skype\SkypePM.exe (Microsoft Corporation)
 :Files
C:\Users\pip\AppData\Local\Skype
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]
         


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 22.03.2012, 19:20   #6
pip666
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



Upload war erfolgreich!

Alt 22.03.2012, 19:29   #7
markusg
/// Malware-holic
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



da danke ich doch.
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.
  • Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
    Tool

    Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Hinweis:
    Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
  • Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 22.03.2012, 20:21   #8
pip666
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



Code:
ATTFilter
ComboFix 12-03-22.01 - pip 22.03.2012  19:48:18.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3956.1827 [GMT 1:00]
ausgeführt von:: C:\Users\pip\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))


C:\install.exe
C:\Program Files (x86)\ClickPotatoLite
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\copyright.txt
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions\install.rdf
C:\Program Files (x86)\Common Files\Acer GameZone online.ico
C:\Program Files (x86)\ShoppingReport2
C:\Program Files (x86)\ShoppingReport2\Uninst.exe
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\ProgramData\ClickPotatoLiteSA
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA.dat
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA_kyf.dat
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAAbout.mht
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAau.dat
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAEULA.mht
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk
C:\Users\pip\AppData\Local\Temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll
C:\Users\pip\Documents\~WRL0003.tmp
C:\Windows\IsUn0407.exe
C:\Windows\SysWow64\muzapp.exe
C:\Windows\SysWow64\system32
C:\Windows\SysWow64\system32\3DAudio.ax
C:\Windows\SysWow64\system32\avrt.dll
C:\Windows\SysWow64\system32\cis-2.4.dll
C:\Windows\SysWow64\system32\issacapi_bs-2.3.dll
C:\Windows\SysWow64\system32\issacapi_pe-2.3.dll
C:\Windows\SysWow64\system32\issacapi_se-2.3.dll
C:\Windows\SysWow64\system32\MACXMLProto.dll
C:\Windows\SysWow64\system32\MaDRM.dll
C:\Windows\SysWow64\system32\MaJGUILib.dll
C:\Windows\SysWow64\system32\MaJUtilLib.dll
C:\Windows\SysWow64\system32\MAMACExtract.dll
C:\Windows\SysWow64\system32\MASetupCaller.dll
C:\Windows\SysWow64\system32\MASetupCleaner.exe
C:\Windows\SysWow64\system32\MaXMLProto.dll
C:\Windows\SysWow64\system32\MetaStore2.dll
C:\Windows\SysWow64\system32\mfplat.dll
C:\Windows\SysWow64\system32\Microsoft.Synchronization.dll
C:\Windows\SysWow64\system32\MK_Lyric.dll
C:\Windows\SysWow64\system32\MSCLib.dll
C:\Windows\SysWow64\system32\MSFLib.dll
C:\Windows\SysWow64\system32\MSLUR71.dll
C:\Windows\SysWow64\system32\msvcp60.dll
C:\Windows\SysWow64\system32\MTTELECHIP.dll
C:\Windows\SysWow64\system32\MTXSYNCICON.dll
C:\Windows\SysWow64\system32\muzaf1.dll
C:\Windows\SysWow64\system32\muzapp.dll
C:\Windows\SysWow64\system32\muzapp.exe
C:\Windows\SysWow64\system32\muzdecode.ax
C:\Windows\SysWow64\system32\muzeffect.ax
C:\Windows\SysWow64\system32\muzmp4sp.ax
C:\Windows\SysWow64\system32\muzmpgsp.ax
C:\Windows\SysWow64\system32\muzoggsp.ax
C:\Windows\SysWow64\system32\muzwmts.dll
C:\Windows\SysWow64\system32\psapi.dll
C:\Windows\SysWow64\system32\Synchronization2.dll
C:\ProgramData\VodafoneConnectorService.log . . . . Nicht in der Lage zu löschen


(((((((((((((((((((((((   Dateien erstellt von 2012-02-22 bis 2012-03-22  ))))))))))))))))))))))))))))))


2012-03-22 17:56:18 . 2012-03-22 18:13:20	--------	d-----w-	C:\_OTL
2012-03-22 13:01:33 . 2012-03-14 03:27:40	8669240	----a-w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{506FDD5C-AFD9-47C7-872C-7CFE18D24A0F}\mpengine.dll
2012-03-22 12:27:53 . 2012-03-22 12:29:28	--------	d-----w-	C:\Users\Musik\AppData\Roaming\QuickScan
2012-03-22 11:46:52 . 2012-03-22 11:46:52	592824	----a-w-	C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-22 11:46:52 . 2012-03-22 11:46:52	44472	----a-w-	C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-03-22 10:02:29 . 2012-03-22 10:02:29	--------	d-----w-	C:\Users\pip\AppData\Roaming\Malwarebytes
2012-03-22 10:02:00 . 2012-03-22 10:02:00	--------	d-----w-	C:\ProgramData\Malwarebytes
2012-03-22 10:01:58 . 2012-03-22 10:02:07	--------	d-----w-	C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-03-22 10:01:58 . 2011-12-10 14:24:08	23152	----a-w-	C:\Windows\system32\drivers\mbam.sys
2012-03-14 02:14:27 . 2011-11-19 15:20:37	5559152	----a-w-	C:\Windows\system32\ntoskrnl.exe
2012-03-14 02:14:26 . 2011-11-19 14:50:02	3968368	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-14 02:14:25 . 2011-11-19 14:50:02	3913584	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2012-03-14 01:31:45 . 2012-02-03 04:34:34	3145728	----a-w-	C:\Windows\system32\win32k.sys
2012-03-14 01:31:43 . 2012-02-10 06:36:07	1544192	----a-w-	C:\Windows\system32\DWrite.dll
2012-03-14 01:31:43 . 2012-02-10 05:38:43	1077248	----a-w-	C:\Windows\SysWow64\DWrite.dll
2012-03-13 22:16:31 . 2012-02-17 06:38:26	1031680	----a-w-	C:\Windows\system32\rdpcore.dll
2012-03-13 22:16:31 . 2012-02-17 05:34:22	826880	----a-w-	C:\Windows\SysWow64\rdpcore.dll
2012-03-13 22:16:30 . 2012-02-17 04:58:24	210944	----a-w-	C:\Windows\system32\drivers\rdpwd.sys
2012-03-13 22:16:30 . 2012-02-17 04:57:32	23552	----a-w-	C:\Windows\system32\drivers\tdtcp.sys
2012-03-13 22:16:29 . 2012-01-25 06:33:30	9216	----a-w-	C:\Windows\system32\rdrmemptylst.exe
2012-03-13 22:16:28 . 2012-01-25 06:38:39	77312	----a-w-	C:\Windows\system32\rdpwsx.dll
2012-03-13 22:16:28 . 2012-01-25 06:38:38	149504	----a-w-	C:\Windows\system32\rdpcorekmts.dll
2012-03-13 20:03:14 . 2012-03-13 20:03:22	--------	d-----w-	C:\Program Files (x86)\SopCast
2012-03-13 20:03:12 . 2012-03-13 20:03:12	--------	d-----w-	C:\Users\pip\AppData\Roaming\Ask.com
2012-03-13 20:02:42 . 2012-03-13 20:03:13	--------	d-----w-	C:\Program Files (x86)\asktoolbar4
2012-03-08 22:36:42 . 2011-09-16 17:00:36	11137024	----a-w-	C:\Windows\SysWow64\libmfxsw32.dll
2012-03-06 13:46:41 . 2012-03-06 14:49:59	--------	d-----w-	C:\Users\pip\AppData\Local\The Witcher
2012-03-06 12:56:02 . 2012-03-06 13:46:01	--------	d-----w-	C:\Program Files (x86)\The Witcher Enhanced Edition
2012-03-06 08:43:40 . 2012-03-16 01:59:56	--------	d-----w-	C:\ProgramData\EA Logs
2012-02-29 19:21:24 . 2012-02-29 19:21:24	42392	----a-w-	C:\Windows\SysWow64\xfcodec.dll
2012-02-29 19:21:24 . 2012-02-29 19:21:24	28056	----a-w-	C:\Windows\system32\xfcodec64.dll
2012-02-23 12:26:19 . 2012-03-22 11:46:52	19384	----a-w-	C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2012-02-23 12:26:19 . 2012-02-23 12:26:19	2106216	----a-w-	C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2012-02-23 12:26:18 . 2012-03-22 11:46:52	97208	----a-w-	C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-02-23 12:26:18 . 2012-03-22 11:46:52	125880	----a-w-	C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
.


((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-03-14 03:27:40 . 2010-05-22 10:27:10	8669240	----a-w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-17 11:50:57 . 2010-05-08 07:48:11	189248	----a-w-	C:\Windows\SysWow64\PnkBstrB.exe
2012-02-17 11:50:56 . 2010-05-08 07:48:07	75136	----a-w-	C:\Windows\SysWow64\PnkBstrA.exe
2012-02-11 02:37:12 . 2012-02-11 02:37:36	927800	------w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{95D1B4C6-53A6-44A1-93C8-0C3E44CFFB15}\gapaengine.dll
2012-01-31 12:44:20 . 2010-02-28 07:47:54	279656	------w-	C:\Windows\system32\MpSigStub.exe
2012-01-27 21:03:58 . 2011-05-19 16:11:14	414368	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-04 10:44:20 . 2012-02-16 05:37:57	509952	----a-w-	C:\Windows\system32\ntshrui.dll
2012-01-04 08:58:41 . 2012-02-16 05:37:57	442880	----a-w-	C:\Windows\SysWow64\ntshrui.dll
2011-12-30 06:26:08 . 2012-02-16 05:37:56	515584	----a-w-	C:\Windows\system32\timedate.cpl
2011-12-30 05:27:56 . 2012-02-16 05:37:55	478720	----a-w-	C:\Windows\SysWow64\timedate.cpl
2011-12-28 03:59:24 . 2012-02-16 05:37:47	498688	----a-w-	C:\Windows\system32\drivers\afd.sys
2011-12-27 15:44:11 . 2010-05-08 09:38:12	280904	----a-w-	C:\Windows\SysWow64\PnkBstrB.xtr
2011-12-27 15:42:46 . 2010-05-08 07:48:11	280904	----a-w-	C:\Windows\SysWow64\PnkBstrB.ex0


((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))


*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll" [2009-12-31 10:53:56 2349080]
"{3cb073f3-be3c-4e8f-942d-8a747b54486f}"= "C:\Program Files (x86)\asktoolbar4\asktoolbar4X.dll" [2012-01-30 06:19:02 81920]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CLASSES_ROOT\clsid\{3cb073f3-be3c-4e8f-942d-8a747b54486f}]

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{3cb073f3-be3c-4e8f-942d-8a747b54486f}]
2012-01-30 06:19:02	81920	----a-w-	C:\Program Files (x86)\asktoolbar4\asktoolbar4X.dll

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29:36	1490312	----a-w-	C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2009-12-31 10:53:56	2349080	----a-w-	C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll" [2009-12-31 10:53:56 2349080]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll" [2011-05-17 11:29:36 1490312]
"{3cb073f3-be3c-4e8f-942d-8a747b54486f}"= "C:\Program Files (x86)\asktoolbar4\asktoolbar4X.dll" [2012-01-30 06:19:02 81920]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{3cb073f3-be3c-4e8f-942d-8a747b54486f}]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:41:42	120104	----a-w-	C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\steam\steam.exe" [2011-08-07 14:04:08 1242448]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 07:33:30 4910912]
"Akamai NetSession Interface"="C:\Users\pip\AppData\Local\Akamai\netsession_win.exe" [2011-10-28 22:33:08 3292248]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2010-11-20 13:25:17 1475584]
"KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe" [2011-12-27 14:21:06 937360]
"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-12-27 14:21:18 21392]
"Xvid"="C:\Program Files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 19:41:43 8192]
"OscarEditor"="C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe" [2010-05-06 13:09:18 2603520]
"flatster Recorder"="C:\Program Files (x86)\flatster Recorder\flatster Recorder.exe" [2011-06-08 13:32:00 2226176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 02:04:47 35760]
"BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-09-24 23:42:32 261888]
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" [2009-11-01 23:39:48 1094736]
"ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-29 02:47:34 419112]
"PlayMovie"="C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-11-12 18:29:08 181480]
"Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 12:12:28 439568]
"amd_dc_opt"="C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 11:53:10 77824]
"ApnUpdater"="C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [2011-05-17 11:29:46 395144]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-05-04 12:59:46 252136]
"AllShareAgent"="C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe" [2011-12-16 14:23:16 284560]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-12-05 21:46:16 343168]
"ATICustomerCare"="C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 15:05:02 311296]
"TrojanScanner"="C:\Program Files (x86)\Trojan Remover\Trjscan.exe" [2010-07-05 11:49:06 1167296]
"Malwarebytes' Anti-Malware"="C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 13:53:18 460872]

C:\Users\pip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe [2012-2-29 3537304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

R1 gpszylna;gpszylna;C:\Windows\system32\drivers\gpszylna.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 12:27:14 138576]
R2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27 19:10:47 135664]
R3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS [x]
R3 BthAudioHF;BthAudioHF-Dienst;C:\Windows\system32\DRIVERS\BthAudioHF.sys [x]
R3 BthAvrcp;Bluetooth-AVRCP-Profil;C:\Windows\system32\DRIVERS\BthAvrcp.sys [x]
R3 csr_a2dp;Bluetooth-AV-Profil;C:\Windows\system32\drivers\bthav.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;C:\Windows\system32\drivers\dgderdrv.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27 19:10:47 135664]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys [x]
R3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 05:42:46 305448]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 15:21:18 288272]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 01:31:46 50432]
R3 SimpleSlideShowServer;SimpleSlideShowServer;C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2011-12-16 14:26:22 27584]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudserd.sys [x]
R3 TFsExDisk;TFsExDisk;C:\Windows\System32\Drivers\TFsExDisk.sys [2010-07-26 13:15:26 16392]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 11:48:18 126352]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys [x]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;C:\Windows\system32\drivers\CM10664.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;C:\Windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [x]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2010/01/26 04:45:26];C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [2009-11-12 18:29:42 146928]
S2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe [2009-07-14 01:39:46 27136]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x]
S2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 13:44:58 844320]
S2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 09:38:58 1150496]
S2 HFGService;Handsfree Headset Service;C:\Windows\system32\svchost.exe [2009-07-14 01:39:46 27136]
S2 ICQ Service;ICQ Service;C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-01-03 16:07:48 246520]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 13:53:18 652360]
S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 12:39:22 490280]
S2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 23:42:28 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 01:31:58 144640]
S2 SamsungAllShareV2.0;Samsung AllShare PC;C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2011-12-16 14:26:26 25504]
S2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-05-07 12:36:10 92008]
S2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 04:01:32 2320920]
S2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 02:47:12 240160]
S2 VodafoneConnectorService;Vodafone Connector Service;C:\Program Files (x86)\Vodafone\Via The Phone\VodafoneConnectorService.exe [2010-02-24 13:59:06 233472]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [x]


--- Andere Dienste/Treiber im Speicher ---

*NewlyCreated* - WS2IFSL

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai

Inhalt des "geplante Tasks" Ordners

2012-03-22 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27 19:10:52 . 2010-02-27 19:10:47]

2012-03-22 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27 19:10:52 . 2010-02-27 19:10:47]

2012-03-21 C:\Windows\Tasks\Norton Security Scan for pip.job
- C:\PROGRA~2\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-13 16:13:20 . 2011-11-03 23:02:38]


--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08337871-0e50-4031-9110-3bd21ca3c065}]
2011-11-09 01:54:02	167416	----a-w-	C:\Users\pip\AppData\Roaming\VshareComplete\64\VshareComplete64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:44:06	137512	----a-w-	C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-07-22 22:07:10 323072]
"IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 03:03:32 186904]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-29 02:57:38 8312352]
"Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 13:45:20 823840]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe" [2011-06-15 12:35:24 1436736]
"Cm106Sound"="C:\Windows\Syswow64\cm106.dll" [2010-07-01 11:19:02 8151040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0

------- Zusätzlicher Suchlauf -------

uStart Page = hxxp://eu.ask.com/web?l=dis&o=APN10234&gct=hp&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A8B&apn_uid=7534730011854034&p2=^A8B^YYYYYY^YY^DE
uLocal Page = C:\Windows\system32\blank.htm
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://startsear.ch/?aff=1&cf=ed1c7afe-1901-11e1-97e2-00262d847a8d
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Users\pip\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - C:\Users\pip\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - C:\Users\pip\AppData\Roaming\Mozilla\Firefox\Profiles\22rm6ywu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://vshare.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.ftp - 81.140.160.26
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - 81.140.160.26
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.http - 81.140.160.26
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 81.140.160.26
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 81.140.160.26
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0

- - - - Entfernte verwaiste Registrierungseinträge - - - -

URLSearchHooks-{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
WebBrowser-{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Hogs Of War - C:\Windows\IsUn0407.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - C:\Program Files (x86)\DivX\DivXCodecUninstall.exe
AddRemove-{8ADFC4160D694100B5B8A22DE9DCABD9} - C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe
         

Alt 22.03.2012, 20:27   #9
markusg
/// Malware-holic
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



ist das wirklich das ganze log? hänge die textdatei mal an bitte.
danach:
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 22.03.2012, 20:42   #10
pip666
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



hi die datei hatte leider zuviele zeichen daher schicke ich dirs gesplittet:

Code:
ATTFilter
20:31:31.0305 2920	TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
20:31:32.0007 2920	============================================================
20:31:32.0007 2920	Current date / time: 2012/03/22 20:31:32.0007
20:31:32.0007 2920	SystemInfo:
20:31:32.0007 2920	
20:31:32.0007 2920	OS Version: 6.1.7601 ServicePack: 1.0
20:31:32.0007 2920	Product type: Workstation
20:31:32.0008 2920	ComputerName: PIP
20:31:32.0008 2920	UserName: pip
20:31:32.0008 2920	Windows directory: C:\Windows
20:31:32.0008 2920	System windows directory: C:\Windows
20:31:32.0008 2920	Running under WOW64
20:31:32.0008 2920	Processor architecture: Intel x64
20:31:32.0008 2920	Number of processors: 4
20:31:32.0008 2920	Page size: 0x1000
20:31:32.0008 2920	Boot type: Normal boot
20:31:32.0008 2920	============================================================
20:31:33.0627 2920	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:31:33.0637 2920	\Device\Harddisk0\DR0:
20:31:33.0637 2920	MBR used
20:31:33.0638 2920	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x32000
20:31:33.0638 2920	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1996800, BlocksNum 0x389EF030
20:31:33.0807 2920	Initialize success
20:31:33.0807 2920	============================================================
20:31:39.0015 1108	============================================================
20:31:39.0016 1108	Scan started
20:31:39.0016 1108	Mode: Manual; 
20:31:39.0016 1108	============================================================
20:31:39.0311 1108	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:31:39.0315 1108	1394ohci - ok
20:31:39.0392 1108	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:31:39.0397 1108	ACPI - ok
20:31:39.0441 1108	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:31:39.0443 1108	AcpiPmi - ok
20:31:39.0553 1108	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:31:39.0561 1108	adp94xx - ok
20:31:39.0678 1108	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:31:39.0684 1108	adpahci - ok
20:31:39.0793 1108	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:31:39.0797 1108	adpu320 - ok
20:31:39.0832 1108	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:31:39.0834 1108	AeLookupSvc - ok
20:31:39.0963 1108	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:31:39.0970 1108	AFD - ok
20:31:40.0032 1108	AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
20:31:40.0033 1108	AgereModemAudio - ok
20:31:40.0134 1108	AgereSoftModem  (a6ab6f0ace87da76b4c401813d18be95) C:\Windows\system32\DRIVERS\agrsm64.sys
20:31:40.0153 1108	AgereSoftModem - ok
20:31:40.0314 1108	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:31:40.0316 1108	agp440 - ok
20:31:40.0530 1108	Akamai          (31bd294dc6ddbc0f16356d958d0743a4) c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll
20:31:40.0531 1108	Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll. md5: 31bd294dc6ddbc0f16356d958d0743a4
20:31:40.0537 1108	Akamai ( HiddenFile.Multi.Generic ) - warning
20:31:40.0537 1108	Akamai - detected HiddenFile.Multi.Generic (1)
20:31:40.0619 1108	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:31:40.0621 1108	ALG - ok
20:31:40.0704 1108	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:31:40.0705 1108	aliide - ok
20:31:40.0829 1108	AMD External Events Utility (b5e2434fc851698c1f119cf1c3935a50) C:\Windows\system32\atiesrxx.exe
20:31:40.0833 1108	AMD External Events Utility - ok
20:31:40.0941 1108	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:31:40.0942 1108	amdide - ok
20:31:41.0036 1108	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:31:41.0038 1108	AmdK8 - ok
20:31:41.0325 1108	amdkmdag        (9e3b4946f7e1bca0b763e19d81edbf2c) C:\Windows\system32\DRIVERS\atikmdag.sys
20:31:41.0554 1108	amdkmdag - ok
20:31:41.0681 1108	amdkmdap        (b9e1c7b7f1865f99b16ff2e1bb94edb6) C:\Windows\system32\DRIVERS\atikmpag.sys
20:31:41.0684 1108	amdkmdap - ok
20:31:41.0724 1108	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:31:41.0726 1108	AmdPPM - ok
20:31:41.0834 1108	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:31:41.0836 1108	amdsata - ok
20:31:41.0878 1108	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:31:41.0881 1108	amdsbs - ok
20:31:41.0996 1108	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:31:41.0998 1108	amdxata - ok
20:31:42.0068 1108	AmUStor         (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
20:31:42.0070 1108	AmUStor - ok
20:31:42.0196 1108	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:31:42.0198 1108	AppID - ok
20:31:42.0240 1108	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:31:42.0242 1108	AppIDSvc - ok
20:31:42.0377 1108	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:31:42.0378 1108	Appinfo - ok
20:31:42.0449 1108	Apple Mobile Device (5aa788d5a2c6737bb9c45933985bc1b8) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:31:42.0451 1108	Apple Mobile Device - ok
20:31:42.0568 1108	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:31:42.0570 1108	arc - ok
20:31:42.0597 1108	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:31:42.0599 1108	arcsas - ok
20:31:42.0700 1108	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:31:42.0701 1108	AsyncMac - ok
20:31:42.0791 1108	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:31:42.0792 1108	atapi - ok
20:31:42.0899 1108	athr            (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys
20:31:42.0921 1108	athr - ok
20:31:43.0026 1108	AtiHDAudioService (2b3b05c0a7768bf033217eb8f33f9c35) C:\Windows\system32\drivers\AtihdW76.sys
20:31:43.0028 1108	AtiHDAudioService - ok
20:31:43.0347 1108	atikmdag        (9e3b4946f7e1bca0b763e19d81edbf2c) C:\Windows\system32\DRIVERS\atikmdag.sys
20:31:43.0447 1108	atikmdag - ok
20:31:43.0584 1108	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:31:43.0594 1108	AudioEndpointBuilder - ok
20:31:43.0608 1108	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:31:43.0615 1108	AudioSrv - ok
20:31:43.0731 1108	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:31:43.0734 1108	AxInstSV - ok
20:31:43.0804 1108	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:31:43.0812 1108	b06bdrv - ok
20:31:43.0900 1108	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:31:43.0904 1108	b57nd60a - ok
20:31:44.0026 1108	BCM43XX         (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
20:31:44.0044 1108	BCM43XX - ok
20:31:44.0144 1108	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:31:44.0147 1108	BDESVC - ok
20:31:44.0187 1108	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:31:44.0189 1108	Beep - ok
20:31:44.0329 1108	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:31:44.0339 1108	BFE - ok
20:31:44.0474 1108	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
20:31:44.0488 1108	BITS - ok
20:31:44.0581 1108	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:31:44.0582 1108	blbdrive - ok
20:31:44.0691 1108	Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
20:31:44.0697 1108	Bonjour Service - ok
20:31:44.0817 1108	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:31:44.0819 1108	bowser - ok
20:31:44.0854 1108	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:31:44.0856 1108	BrFiltLo - ok
20:31:44.0874 1108	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:31:44.0875 1108	BrFiltUp - ok
20:31:44.0980 1108	BridgeMP        (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
20:31:44.0982 1108	BridgeMP - ok
20:31:45.0054 1108	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:31:45.0057 1108	Browser - ok
20:31:45.0142 1108	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:31:45.0147 1108	Brserid - ok
20:31:45.0177 1108	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:31:45.0179 1108	BrSerWdm - ok
20:31:45.0261 1108	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:31:45.0262 1108	BrUsbMdm - ok
20:31:45.0290 1108	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:31:45.0291 1108	BrUsbSer - ok
20:31:45.0383 1108	BthAudioHF      (07dcb3c254d584e3949fe2c0ee3963f2) C:\Windows\system32\DRIVERS\BthAudioHF.sys
20:31:45.0384 1108	BthAudioHF - ok
20:31:45.0425 1108	BthAvrcp        (832b121e4532919cc49f2438f1dcaa21) C:\Windows\system32\DRIVERS\BthAvrcp.sys
20:31:45.0427 1108	BthAvrcp - ok
20:31:45.0568 1108	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
20:31:45.0569 1108	BthEnum - ok
20:31:45.0607 1108	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:31:45.0609 1108	BTHMODEM - ok
20:31:45.0703 1108	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:31:45.0706 1108	BthPan - ok
20:31:45.0852 1108	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
20:31:45.0860 1108	BTHPORT - ok
20:31:45.0955 1108	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:31:45.0957 1108	bthserv - ok
20:31:46.0026 1108	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
20:31:46.0028 1108	BTHUSB - ok
20:31:46.0200 1108	catchme - ok
20:31:46.0294 1108	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:31:46.0296 1108	cdfs - ok
20:31:46.0377 1108	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
20:31:46.0380 1108	cdrom - ok
20:31:46.0490 1108	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:31:46.0492 1108	CertPropSvc - ok
20:31:46.0550 1108	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:31:46.0552 1108	circlass - ok
20:31:46.0643 1108	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:31:46.0649 1108	CLFS - ok
20:31:46.0719 1108	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:31:46.0720 1108	clr_optimization_v2.0.50727_32 - ok
20:31:46.0781 1108	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:31:46.0783 1108	clr_optimization_v2.0.50727_64 - ok
20:31:46.0934 1108	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:31:46.0958 1108	clr_optimization_v4.0.30319_32 - ok
20:31:47.0021 1108	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:31:47.0024 1108	clr_optimization_v4.0.30319_64 - ok
20:31:47.0088 1108	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:31:47.0089 1108	CmBatt - ok
20:31:47.0162 1108	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:31:47.0163 1108	cmdide - ok
20:31:47.0272 1108	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
20:31:47.0279 1108	CNG - ok
20:31:47.0372 1108	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:31:47.0373 1108	Compbatt - ok
20:31:47.0461 1108	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:31:47.0463 1108	CompositeBus - ok
20:31:47.0518 1108	COMSysApp - ok
20:31:47.0569 1108	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:31:47.0570 1108	crcdisk - ok
20:31:47.0671 1108	CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
20:31:47.0675 1108	CryptSvc - ok
20:31:47.0742 1108	csr_a2dp        (df07c6d98ba7f81d0571e366b1cd6672) C:\Windows\system32\drivers\bthav.sys
20:31:47.0744 1108	csr_a2dp - ok
20:31:47.0882 1108	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:31:47.0891 1108	DcomLaunch - ok
20:31:47.0956 1108	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:31:47.0961 1108	defragsvc - ok
20:31:48.0047 1108	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:31:48.0049 1108	DfsC - ok
20:31:48.0175 1108	dgderdrv        (867fa8b9e9e3078f68c4089904bbf4b0) C:\Windows\system32\drivers\dgderdrv.sys
20:31:48.0189 1108	dgderdrv - ok
20:31:48.0403 1108	dg_ssudbus      (388039f99ce8769024ee0438352aca99) C:\Windows\system32\DRIVERS\ssudbus.sys
20:31:48.0406 1108	dg_ssudbus - ok
20:31:48.0484 1108	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:31:48.0490 1108	Dhcp - ok
20:31:48.0586 1108	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:31:48.0587 1108	discache - ok
20:31:48.0693 1108	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:31:48.0695 1108	Disk - ok
20:31:48.0775 1108	DKbFltr         (d5bcb77be83cf99f508943945d46343d) C:\Windows\syswow64\Drivers\DKbFltr.sys
20:31:48.0776 1108	DKbFltr - ok
20:31:48.0885 1108	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:31:48.0889 1108	Dnscache - ok
20:31:48.0957 1108	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:31:48.0962 1108	dot3svc - ok
20:31:49.0046 1108	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:31:49.0051 1108	DPS - ok
20:31:49.0120 1108	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:31:49.0121 1108	drmkaud - ok
20:31:49.0216 1108	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:31:49.0226 1108	DXGKrnl - ok
20:31:49.0311 1108	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:31:49.0314 1108	EapHost - ok
20:31:49.0428 1108	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:31:49.0509 1108	ebdrv - ok
20:31:49.0606 1108	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:31:49.0608 1108	EFS - ok
20:31:49.0700 1108	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:31:49.0707 1108	ehRecvr - ok
20:31:49.0790 1108	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:31:49.0792 1108	ehSched - ok
20:31:49.0904 1108	ElbyCDIO        (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys
20:31:49.0905 1108	ElbyCDIO - ok
20:31:49.0955 1108	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:31:49.0964 1108	elxstor - ok
20:31:50.0073 1108	ePowerSvc       (fb67aa8ac61b9365add546139a21bed6) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
20:31:50.0086 1108	ePowerSvc - ok
20:31:50.0196 1108	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:31:50.0197 1108	ErrDev - ok
20:31:50.0244 1108	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:31:50.0251 1108	EventSystem - ok
20:31:50.0351 1108	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:31:50.0355 1108	exfat - ok
20:31:50.0367 1108	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:31:50.0371 1108	fastfat - ok
20:31:50.0499 1108	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:31:50.0510 1108	Fax - ok
20:31:50.0595 1108	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:31:50.0597 1108	fdc - ok
20:31:50.0633 1108	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:31:50.0635 1108	fdPHost - ok
20:31:50.0707 1108	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:31:50.0709 1108	FDResPub - ok
20:31:50.0751 1108	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:31:50.0753 1108	FileInfo - ok
20:31:50.0835 1108	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:31:50.0837 1108	Filetrace - ok
20:31:50.0855 1108	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:31:50.0856 1108	flpydisk - ok
20:31:50.0918 1108	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:31:50.0923 1108	FltMgr - ok
20:31:51.0041 1108	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:31:51.0058 1108	FontCache - ok
20:31:51.0168 1108	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:31:51.0170 1108	FontCache3.0.0.0 - ok
20:31:51.0251 1108	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:31:51.0252 1108	FsDepends - ok
20:31:51.0298 1108	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
20:31:51.0300 1108	Fs_Rec - ok
20:31:51.0417 1108	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:31:51.0421 1108	fvevol - ok
20:31:51.0476 1108	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:31:51.0478 1108	gagp30kx - ok
20:31:51.0561 1108	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:31:51.0562 1108	GEARAspiWDM - ok
20:31:51.0646 1108	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:31:51.0658 1108	gpsvc - ok
20:31:51.0758 1108	gpszylna - ok
20:31:51.0883 1108	Greg_Service    (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
20:31:51.0900 1108	Greg_Service - ok
20:31:52.0018 1108	gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:31:52.0019 1108	gupdate - ok
20:31:52.0045 1108	gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:31:52.0047 1108	gupdatem - ok
20:31:52.0100 1108	gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:31:52.0103 1108	gusvc - ok
20:31:52.0181 1108	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:31:52.0183 1108	hcw85cir - ok
20:31:52.0266 1108	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:31:52.0272 1108	HdAudAddService - ok
20:31:52.0401 1108	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:31:52.0403 1108	HDAudBus - ok
20:31:52.0432 1108	HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
20:31:52.0433 1108	HECIx64 - ok
20:31:52.0536 1108	HFGService      (ee8c05f926521a0e24edaf40f45d01e6) C:\Windows\System32\HFGService.dll
20:31:52.0545 1108	HFGService - ok
20:31:52.0635 1108	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:31:52.0636 1108	HidBatt - ok
20:31:52.0669 1108	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:31:52.0671 1108	HidBth - ok
20:31:52.0714 1108	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:31:52.0716 1108	HidIr - ok
20:31:52.0765 1108	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
20:31:52.0768 1108	hidserv - ok
20:31:52.0899 1108	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:31:52.0900 1108	HidUsb - ok
20:31:52.0987 1108	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:31:52.0990 1108	hkmsvc - ok
20:31:53.0085 1108	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:31:53.0090 1108	HomeGroupListener - ok
20:31:53.0201 1108	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:31:53.0206 1108	HomeGroupProvider - ok
20:31:53.0339 1108	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:31:53.0342 1108	HpSAMD - ok
20:31:53.0443 1108	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:31:53.0454 1108	HTTP - ok
20:31:53.0546 1108	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:31:53.0547 1108	hwpolicy - ok
20:31:53.0619 1108	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:31:53.0621 1108	i8042prt - ok
20:31:53.0703 1108	IAANTMON        (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:31:53.0710 1108	IAANTMON - ok
20:31:53.0777 1108	iaStor          (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
20:31:53.0782 1108	iaStor - ok
20:31:53.0899 1108	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:31:53.0906 1108	iaStorV - ok
20:31:54.0027 1108	ICQ Service     (848edebb3c1d6fec50e09eda95c21e84) C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
20:31:54.0031 1108	ICQ Service - ok
20:31:54.0174 1108	IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:31:54.0176 1108	IDriverT - ok
20:31:54.0314 1108	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:31:54.0326 1108	idsvc - ok
20:31:54.0565 1108	igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:31:54.0712 1108	igfx - ok
20:31:54.0808 1108	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:31:54.0810 1108	iirsp - ok
20:31:54.0884 1108	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:31:54.0898 1108	IKEEXT - ok
20:31:54.0986 1108	Impcd           (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
20:31:54.0989 1108	Impcd - ok
20:31:55.0077 1108	IntcAzAudAddService (42943bb3ab7a405b30eff7c8283cc129) C:\Windows\system32\drivers\RTKVHD64.sys
20:31:55.0096 1108	IntcAzAudAddService - ok
20:31:55.0192 1108	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:31:55.0194 1108	intelide - ok
20:31:55.0241 1108	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:31:55.0242 1108	intelppm - ok
20:31:55.0277 1108	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:31:55.0280 1108	IPBusEnum - ok
20:31:55.0393 1108	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:31:55.0395 1108	IpFilterDriver - ok
20:31:55.0466 1108	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
20:31:55.0476 1108	iphlpsvc - ok
20:31:55.0581 1108	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:31:55.0583 1108	IPMIDRV - ok
20:31:55.0615 1108	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:31:55.0617 1108	IPNAT - ok
20:31:55.0702 1108	iPod Service    (3d62fe4fefe9c67dafec52b534dfa1fb) C:\Program Files\iPod\bin\iPodService.exe
20:31:55.0716 1108	iPod Service - ok
20:31:55.0805 1108	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:31:55.0806 1108	IRENUM - ok
20:31:55.0869 1108	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:31:55.0871 1108	isapnp - ok
20:31:55.0894 1108	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:31:55.0899 1108	iScsiPrt - ok
20:31:56.0002 1108	k57nd60a        (d85f3f18e44f7447b5f1ba5c85baeb7c) C:\Windows\system32\DRIVERS\k57nd60a.sys
20:31:56.0006 1108	k57nd60a - ok
20:31:56.0093 1108	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:31:56.0094 1108	kbdclass - ok
20:31:56.0217 1108	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
20:31:56.0218 1108	kbdhid - ok
20:31:56.0285 1108	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:31:56.0287 1108	KeyIso - ok
20:31:56.0481 1108	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:31:56.0484 1108	KSecDD - ok
20:31:56.0517 1108	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:31:56.0521 1108	KSecPkg - ok
20:31:56.0615 1108	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:31:56.0617 1108	ksthunk - ok
20:31:56.0668 1108	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:31:56.0675 1108	KtmRm - ok
20:31:56.0752 1108	L1E             (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
20:31:56.0754 1108	L1E - ok
20:31:56.0838 1108	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
20:31:56.0844 1108	LanmanServer - ok
20:31:56.0935 1108	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:31:56.0940 1108	LanmanWorkstation - ok
20:31:57.0009 1108	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:31:57.0011 1108	lltdio - ok
20:31:57.0080 1108	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:31:57.0086 1108	lltdsvc - ok
20:31:57.0123 1108	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:31:57.0125 1108	lmhosts - ok
20:31:57.0205 1108	LMS             (7485fbcef9136f530953575e2977859d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:31:57.0209 1108	LMS - ok
20:31:57.0305 1108	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:31:57.0308 1108	LSI_FC - ok
20:31:57.0319 1108	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:31:57.0321 1108	LSI_SAS - ok
20:31:57.0339 1108	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:31:57.0341 1108	LSI_SAS2 - ok
20:31:57.0373 1108	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:31:57.0375 1108	LSI_SCSI - ok
20:31:57.0471 1108	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:31:57.0474 1108	luafv - ok
20:31:57.0540 1108	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
20:31:57.0541 1108	MBAMProtector - ok
20:31:57.0688 1108	MBAMService     (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:31:57.0698 1108	MBAMService - ok
20:31:57.0829 1108	mbmiodrvr       (2e1652d8ab971403eaaddc921800b1fa) C:\Windows\syswow64\mbmiodrvr.sys
20:31:57.0880 1108	mbmiodrvr - ok
20:31:57.0985 1108	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:31:57.0989 1108	Mcx2Svc - ok
20:31:58.0047 1108	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:31:58.0049 1108	megasas - ok
20:31:58.0113 1108	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:31:58.0118 1108	MegaSR - ok
20:31:58.0164 1108	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:31:58.0167 1108	MMCSS - ok
20:31:58.0233 1108	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:31:58.0234 1108	Modem - ok
20:31:58.0299 1108	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:31:58.0299 1108	monitor - ok
20:31:58.0406 1108	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:31:58.0408 1108	mouclass - ok
20:31:58.0474 1108	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:31:58.0476 1108	mouhid - ok
20:31:58.0578 1108	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:31:58.0580 1108	mountmgr - ok
20:31:58.0663 1108	MpFilter        (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
20:31:58.0665 1108	MpFilter - ok
20:31:58.0729 1108	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:31:58.0732 1108	mpio - ok
20:31:58.0826 1108	MpNWMon         (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
20:31:58.0827 1108	MpNWMon - ok
20:31:58.0878 1108	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:31:58.0880 1108	mpsdrv - ok
20:31:58.0965 1108	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:31:58.0978 1108	MpsSvc - ok
20:31:59.0105 1108	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:31:59.0108 1108	MRxDAV - ok
20:31:59.0167 1108	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:31:59.0170 1108	mrxsmb - ok
20:31:59.0283 1108	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:31:59.0289 1108	mrxsmb10 - ok
20:31:59.0351 1108	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:31:59.0353 1108	mrxsmb20 - ok
20:31:59.0414 1108	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:31:59.0416 1108	msahci - ok
20:31:59.0541 1108	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:31:59.0544 1108	msdsm - ok
20:31:59.0581 1108	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:31:59.0586 1108	MSDTC - ok
20:31:59.0668 1108	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:31:59.0670 1108	Msfs - ok
20:31:59.0698 1108	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:31:59.0699 1108	mshidkmdf - ok
20:31:59.0758 1108	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:31:59.0760 1108	msisadrv - ok
20:31:59.0828 1108	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:31:59.0832 1108	MSiSCSI - ok
20:31:59.0841 1108	msiserver - ok
20:31:59.0924 1108	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:31:59.0926 1108	MSKSSRV - ok
20:32:00.0063 1108	MsMpSvc         (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
20:32:00.0064 1108	MsMpSvc - ok
20:32:00.0143 1108	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:32:00.0144 1108	MSPCLOCK - ok
20:32:00.0194 1108	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:32:00.0195 1108	MSPQM - ok
20:32:00.0269 1108	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:32:00.0275 1108	MsRPC - ok
20:32:00.0381 1108	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:32:00.0382 1108	mssmbios - ok
20:32:00.0422 1108	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:32:00.0423 1108	MSTEE - ok
20:32:00.0436 1108	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:32:00.0438 1108	MTConfig - ok
20:32:00.0513 1108	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:32:00.0515 1108	Mup - ok
20:32:00.0543 1108	mwlPSDFilter    (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
20:32:00.0544 1108	mwlPSDFilter - ok
20:32:00.0628 1108	mwlPSDNServ     (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
20:32:00.0629 1108	mwlPSDNServ - ok
20:32:00.0657 1108	mwlPSDVDisk     (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
20:32:00.0659 1108	mwlPSDVDisk - ok
20:32:00.0770 1108	MWLService      (2f139207f618ec2933830227eeffddb4) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
20:32:00.0776 1108	MWLService - ok
20:32:00.0891 1108	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:32:00.0900 1108	napagent - ok
20:32:01.0006 1108	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:32:01.0012 1108	NativeWifiP - ok
20:32:01.0172 1108	NAUpdate        (e4534bccdd1ea7a7a256bb9d6688a5fc) C:\Program Files (x86)\Nero\Update\NASvc.exe
20:32:01.0180 1108	NAUpdate - ok
20:32:01.0321 1108	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:32:01.0335 1108	NDIS - ok
20:32:01.0414 1108	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:32:01.0415 1108	NdisCap - ok
20:32:01.0452 1108	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:32:01.0453 1108	NdisTapi - ok
20:32:01.0579 1108	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:32:01.0580 1108	Ndisuio - ok
20:32:01.0644 1108	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:32:01.0647 1108	NdisWan - ok
20:32:01.0700 1108	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:32:01.0702 1108	NDProxy - ok
20:32:01.0792 1108	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:32:01.0793 1108	NetBIOS - ok
20:32:01.0856 1108	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:32:01.0861 1108	NetBT - ok
20:32:01.0952 1108	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:32:01.0954 1108	Netlogon - ok
20:32:02.0011 1108	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:32:02.0018 1108	Netman - ok
20:32:02.0105 1108	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:32:02.0114 1108	netprofm - ok
20:32:02.0198 1108	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:32:02.0201 1108	NetTcpPortSharing - ok
20:32:02.0303 1108	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:32:02.0305 1108	nfrd960 - ok
20:32:02.0368 1108	NisDrv          (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:32:02.0370 1108	NisDrv - ok
20:32:02.0562 1108	NisSrv          (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
20:32:02.0566 1108	NisSrv - ok
20:32:02.0696 1108	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:32:02.0703 1108	NlaSvc - ok
20:32:02.0762 1108	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:32:02.0763 1108	Npfs - ok
20:32:02.0796 1108	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:32:02.0799 1108	nsi - ok
20:32:02.0885 1108	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:32:02.0887 1108	nsiproxy - ok
20:32:02.0999 1108	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:32:03.0023 1108	Ntfs - ok
20:32:03.0126 1108	NTI IScheduleSvc (14e66f603fb187713aeb02ad3b0390cf) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
20:32:03.0127 1108	NTI IScheduleSvc - ok
20:32:03.0170 1108	NTIBackupSvc    (fd324cce1d4d5bb5af65f8e55b462c7e) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
20:32:03.0172 1108	NTIBackupSvc - ok
20:32:03.0269 1108	NTIDrvr         (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
20:32:03.0270 1108	NTIDrvr - ok
20:32:03.0370 1108	NTISchedulerSvc (3f6268a2ec33cd38cf75c880af8ded42) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
20:32:03.0398 1108	NTISchedulerSvc - ok
20:32:03.0508 1108	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:32:03.0509 1108	Null - ok
20:32:03.0596 1108	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:32:03.0599 1108	nvraid - ok
20:32:03.0682 1108	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:32:03.0685 1108	nvstor - ok
20:32:03.0796 1108	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:32:03.0799 1108	nv_agp - ok
20:32:03.0930 1108	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:32:03.0937 1108	odserv - ok
20:32:04.0065 1108	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:32:04.0067 1108	ohci1394 - ok
20:32:04.0157 1108	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:32:04.0161 1108	ose - ok
20:32:04.0245 1108	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:32:04.0252 1108	p2pimsvc - ok
20:32:04.0312 1108	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:32:04.0320 1108	p2psvc - ok
20:32:04.0457 1108	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:32:04.0460 1108	Parport - ok
20:32:04.0518 1108	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
20:32:04.0520 1108	partmgr - ok
20:32:04.0598 1108	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:32:04.0602 1108	PcaSvc - ok
20:32:04.0669 1108	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:32:04.0673 1108	pci - ok
20:32:04.0694 1108	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:32:04.0696 1108	pciide - ok
20:32:04.0729 1108	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:32:04.0733 1108	pcmcia - ok
20:32:04.0804 1108	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:32:04.0806 1108	pcw - ok
20:32:04.0834 1108	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:32:04.0844 1108	PEAUTH - ok
20:32:04.0925 1108	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:32:04.0927 1108	PerfHost - ok
20:32:05.0050 1108	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:32:05.0072 1108	pla - ok
20:32:05.0193 1108	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:32:05.0201 1108	PlugPlay - ok
20:32:05.0286 1108	PnkBstrA - ok
20:32:05.0325 1108	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:32:05.0328 1108	PNRPAutoReg - ok
20:32:05.0379 1108	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:32:05.0384 1108	PNRPsvc - ok
20:32:05.0473 1108	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:32:05.0482 1108	PolicyAgent - ok
20:32:05.0550 1108	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:32:05.0555 1108	Power - ok
20:32:05.0642 1108	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:32:05.0644 1108	PptpMiniport - ok
20:32:05.0717 1108	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:32:05.0719 1108	Processor - ok
20:32:05.0788 1108	ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
20:32:05.0794 1108	ProfSvc - ok
20:32:05.0874 1108	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:32:05.0876 1108	ProtectedStorage - ok
20:32:05.0957 1108	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:32:05.0960 1108	Psched - ok
20:32:06.0069 1108	PSI_SVC_2       (543a4ef0923bf70d126625b034ef25af) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
20:32:06.0169 1108	PSI_SVC_2 - ok
20:32:06.0303 1108	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:32:06.0325 1108	ql2300 - ok
20:32:06.0414 1108	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:32:06.0417 1108	ql40xx - ok
20:32:06.0445 1108	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:32:06.0451 1108	QWAVE - ok
20:32:06.0480 1108	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:32:06.0482 1108	QWAVEdrv - ok
20:32:06.0538 1108	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:32:06.0539 1108	RasAcd - ok
20:32:06.0594 1108	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:32:06.0596 1108	RasAgileVpn - ok
20:32:06.0652 1108	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:32:06.0656 1108	RasAuto - ok
20:32:06.0745 1108	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:32:06.0748 1108	Rasl2tp - ok
20:32:06.0859 1108	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:32:06.0867 1108	RasMan - ok
20:32:06.0927 1108	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:32:06.0929 1108	RasPppoe - ok
20:32:06.0993 1108	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:32:06.0996 1108	RasSstp - ok
20:32:07.0066 1108	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:32:07.0071 1108	rdbss - ok
20:32:07.0087 1108	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:32:07.0089 1108	rdpbus - ok
20:32:07.0106 1108	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:32:07.0107 1108	RDPCDD - ok
20:32:07.0184 1108	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:32:07.0185 1108	RDPENCDD - ok
20:32:07.0218 1108	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:32:07.0220 1108	RDPREFMP - ok
20:32:07.0284 1108	RDPWD           (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
20:32:07.0288 1108	RDPWD - ok
20:32:07.0391 1108	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:32:07.0395 1108	rdyboost - ok
20:32:07.0447 1108	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:32:07.0451 1108	RemoteAccess - ok
20:32:07.0513 1108	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:32:07.0518 1108	RemoteRegistry - ok
20:32:07.0585 1108	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
20:32:07.0588 1108	RFCOMM - ok
20:32:07.0644 1108	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:32:07.0648 1108	RpcEptMapper - ok
20:32:07.0687 1108	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:32:07.0689 1108	RpcLocator - ok
20:32:07.0783 1108	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:32:07.0790 1108	RpcSs - ok
20:32:07.0879 1108	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:32:07.0881 1108	rspndr - ok
20:32:07.0934 1108	RTHDMIAzAudService (7421a35c45484b95e83b5e9e107cefc2) C:\Windows\system32\drivers\RtHDMIVX.sys
20:32:07.0938 1108	RTHDMIAzAudService - ok
20:32:08.0041 1108	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:32:08.0043 1108	SamSs - ok
20:32:08.0238 1108	SamsungAllShareV2.0 (8325093bdae38247a8482ab0a1bc37ce) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
20:32:08.0239 1108	SamsungAllShareV2.0 - ok
20:32:08.0341 1108	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:32:08.0344 1108	sbp2port - ok
20:32:08.0406 1108	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:32:08.0411 1108	SCardSvr - ok
20:32:08.0492 1108	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:32:08.0494 1108	scfilter - ok
20:32:08.0602 1108	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:32:08.0619 1108	Schedule - ok
20:32:08.0725 1108	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:32:08.0727 1108	SCPolicySvc - ok
20:32:08.0782 1108	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:32:08.0786 1108	SDRSVC - ok
20:32:08.0849 1108	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:32:08.0850 1108	secdrv - ok
20:32:08.0935 1108	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:32:08.0938 1108	seclogon - ok
20:32:08.0995 1108	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
20:32:08.0999 1108	SENS - ok
20:32:09.0045 1108	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:32:09.0048 1108	SensrSvc - ok
20:32:09.0098 1108	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:32:09.0100 1108	Serenum - ok
20:32:09.0161 1108	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:32:09.0163 1108	Serial - ok
20:32:09.0260 1108	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:32:09.0261 1108	sermouse - ok
20:32:09.0348 1108	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:32:09.0353 1108	SessionEnv - ok
20:32:09.0424 1108	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:32:09.0426 1108	sffdisk - ok
20:32:09.0436 1108	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:32:09.0438 1108	sffp_mmc - ok
20:32:09.0474 1108	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:32:09.0475 1108	sffp_sd - ok
20:32:09.0527 1108	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:32:09.0529 1108	sfloppy - ok
20:32:09.0590 1108	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:32:09.0597 1108	SharedAccess - ok
20:32:09.0688 1108	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:32:09.0696 1108	ShellHWDetection - ok
20:32:09.0846 1108	SimpleSlideShowServer (002efe99e9117d8c9feb17ce9cc6af82) C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
20:32:09.0848 1108	SimpleSlideShowServer - ok
20:32:09.0928 1108	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:32:09.0929 1108	SiSRaid2 - ok
20:32:09.0954 1108	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:32:09.0956 1108	SiSRaid4 - ok
20:32:10.0007 1108	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:32:10.0010 1108	Smb - ok
20:32:10.0128 1108	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:32:10.0131 1108	SNMPTRAP - ok
20:32:10.0168 1108	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:32:10.0170 1108	spldr - ok
20:32:10.0240 1108	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:32:10.0250 1108	Spooler - ok
20:32:10.0423 1108	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:32:10.0521 1108	sppsvc - ok
20:32:10.0592 1108	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:32:10.0596 1108	sppuinotify - ok
20:32:10.0650 1108	sptd            (a6cff1af7664627a296b6a0a96cf876e) C:\Windows\System32\Drivers\sptd.sys
20:32:10.0651 1108	Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: a6cff1af7664627a296b6a0a96cf876e
20:32:10.0653 1108	sptd ( LockedFile.Multi.Generic ) - warning
20:32:10.0653 1108	sptd - detected LockedFile.Multi.Generic (1)
20:32:10.0771 1108	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:32:10.0780 1108	srv - ok
20:32:10.0896 1108	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:32:10.0903 1108	srv2 - ok
20:32:10.0962 1108	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:32:10.0965 1108	srvnet - ok
20:32:11.0039 1108	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:32:11.0044 1108	SSDPSRV - ok
20:32:11.0074 1108	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:32:11.0078 1108	SstpSvc - ok
20:32:11.0154 1108	ssudmdm         (ad42ca614e086bcadbd53fffc404ac24) C:\Windows\system32\DRIVERS\ssudmdm.sys
20:32:11.0158 1108	ssudmdm - ok
20:32:11.0267 1108	ssudserd        (f7747cf40af99af3b5807c8e9f337f58) C:\Windows\system32\DRIVERS\ssudserd.sys
20:32:11.0271 1108	ssudserd - ok
20:32:11.0388 1108	Steam Client Service - ok
20:32:11.0468 1108	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:32:11.0469 1108	stexstor - ok
20:32:11.0537 1108	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:32:11.0548 1108	stisvc - ok
20:32:11.0656 1108	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:32:11.0658 1108	swenum - ok
20:32:11.0696 1108	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:32:11.0706 1108	swprv - ok
20:32:11.0796 1108	SynTP           (ed6d1424e5b0c21a57b28dd8508d6843) C:\Windows\system32\DRIVERS\SynTP.sys
20:32:11.0801 1108	SynTP - ok
20:32:11.0893 1108	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:32:11.0919 1108	SysMain - ok
20:32:12.0033 1108	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:32:12.0038 1108	TabletInputService - ok
20:32:12.0110 1108	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:32:12.0117 1108	TapiSrv - ok
20:32:12.0160 1108	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:32:12.0163 1108	TBS - ok
20:32:12.0289 1108	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
20:32:12.0315 1108	Tcpip - ok
20:32:12.0505 1108	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
20:32:12.0523 1108	TCPIP6 - ok
20:32:12.0646 1108	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:32:12.0648 1108	tcpipreg - ok
20:32:12.0689 1108	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:32:12.0690 1108	TDPIPE - ok
20:32:12.0758 1108	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:32:12.0760 1108	TDTCP - ok
20:32:12.0875 1108	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:32:12.0878 1108	tdx - ok
20:32:12.0957 1108	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:32:12.0959 1108	TermDD - ok
20:32:13.0041 1108	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:32:13.0053 1108	TermService - ok
20:32:13.0158 1108	TFsExDisk       (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys
20:32:13.0174 1108	TFsExDisk - ok
20:32:13.0221 1108	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:32:13.0224 1108	Themes - ok
20:32:13.0299 1108	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:32:13.0301 1108	THREADORDER - ok
20:32:13.0377 1108	TomTomHOMEService (e80cc0c9c45649a4ce23ea70a607f56e) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
20:32:13.0379 1108	TomTomHOMEService - ok
20:32:13.0467 1108	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:32:13.0472 1108	TrkWks - ok
20:32:13.0537 1108	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:32:13.0540 1108	TrustedInstaller - ok
20:32:13.0612 1108	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:32:13.0614 1108	tssecsrv - ok
20:32:13.0748 1108	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:32:13.0750 1108	TsUsbFlt - ok
20:32:13.0823 1108	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:32:13.0825 1108	tunnel - ok
20:32:13.0904 1108	TurboB          (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
20:32:13.0919 1108	TurboB - ok
20:32:13.0987 1108	TurboBoost      (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:32:14.0015 1108	TurboBoost - ok
20:32:14.0114 1108	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:32:14.0116 1108	uagp35 - ok
20:32:14.0162 1108	UBHelper        (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
20:32:14.0163 1108	UBHelper - ok
20:32:14.0281 1108	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:32:14.0287 1108	udfs - ok
20:32:14.0331 1108	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:32:14.0336 1108	UI0Detect - ok
20:32:14.0458 1108	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:32:14.0460 1108	uliagpkx - ok
20:32:14.0525 1108	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
20:32:14.0527 1108	umbus - ok
20:32:14.0552 1108	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:32:14.0553 1108	UmPass - ok
20:32:14.0687 1108	UNS             (765f2dd351ba064f657751d8d75e58c0) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:32:14.0709 1108	UNS - ok
20:32:14.0771 1108	Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
20:32:14.0775 1108	Updater Service - ok
20:32:14.0852 1108	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:32:14.0859 1108	upnphost - ok
20:32:14.0943 1108	USBAAPL64       (5cf1ead086176dd3348e920a40bed03d) C:\Windows\system32\Drivers\usbaapl64.sys
20:32:14.0963 1108	USBAAPL64 - ok
20:32:15.0097 1108	usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
20:32:15.0100 1108	usbaudio - ok
20:32:15.0168 1108	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:32:15.0170 1108	usbccgp - ok
20:32:15.0230 1108	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:32:15.0233 1108	usbcir - ok
20:32:15.0314 1108	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:32:15.0316 1108	usbehci - ok
20:32:15.0378 1108	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:32:15.0384 1108	usbhub - ok
20:32:15.0523 1108	USBMULCD        (f9b3054339a71f16430f6585ebc8be96) C:\Windows\system32\drivers\CM10664.sys
20:32:15.0542 1108	USBMULCD - ok
20:32:15.0650 1108	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:32:15.0652 1108	usbohci - ok
20:32:15.0689 1108	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:32:15.0691 1108	usbprint - ok
20:32:15.0781 1108	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
20:32:15.0782 1108	usbscan - ok
20:32:15.0839 1108	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:32:15.0841 1108	USBSTOR - ok
20:32:15.0862 1108	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:32:15.0863 1108	usbuhci - ok
20:32:15.0994 1108	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
20:32:15.0997 1108	usbvideo - ok
20:32:16.0058 1108	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:32:16.0061 1108	UxSms - ok
20:32:16.0142 1108	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:32:16.0144 1108	VaultSvc - ok
20:32:16.0236 1108	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:32:16.0246 1108	vdrvroot - ok
20:32:16.0338 1108	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:32:16.0349 1108	vds - ok
20:32:16.0418 1108	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:32:16.0419 1108	vga - ok
20:32:16.0446 1108	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:32:16.0447 1108	VgaSave - ok
20:32:16.0512 1108	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:32:16.0522 1108	vhdmp - ok
20:32:16.0610 1108	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:32:16.0612 1108	viaide - ok
20:32:16.0785 1108	VodafoneConnectorService (0b2d7eb8e575dfcba778c6eb93506643) C:\Program Files (x86)\Vodafone\Via The Phone\VodafoneConnectorService.exe
20:32:16.0904 1108	VodafoneConnectorService - ok
20:32:17.0015 1108	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:32:17.0017 1108	volmgr - ok
20:32:17.0080 1108	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:32:17.0086 1108	volmgrx - ok
20:32:17.0162 1108	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:32:17.0168 1108	volsnap - ok
20:32:17.0245 1108	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:32:17.0248 1108	vsmraid - ok
20:32:17.0344 1108	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:32:17.0369 1108	VSS - ok
20:32:17.0439 1108	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:32:17.0441 1108	vwifibus - ok
20:32:17.0460 1108	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:32:17.0462 1108	vwififlt - ok
20:32:17.0508 1108	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
20:32:17.0509 1108	vwifimp - ok
20:32:17.0588 1108	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:32:17.0596 1108	W32Time - ok
20:32:17.0634 1108	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:32:17.0635 1108	WacomPen - ok
20:32:17.0705 1108	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:32:17.0707 1108	WANARP - ok
20:32:17.0713 1108	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:32:17.0715 1108	Wanarpv6 - ok
20:32:17.0850 1108	WatAdminSvc     (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:32:17.0868 1108	WatAdminSvc - ok
20:32:18.0005 1108	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:32:18.0028 1108	wbengine - ok
20:32:18.0131 1108	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:32:18.0137 1108	WbioSrvc - ok
20:32:18.0208 1108	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:32:18.0216 1108	wcncsvc - ok
20:32:18.0267 1108	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:32:18.0270 1108	WcsPlugInService - ok
20:32:18.0339 1108	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:32:18.0340 1108	Wd - ok
20:32:18.0378 1108	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:32:18.0388 1108	Wdf01000 - ok
20:32:18.0458 1108	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:32:18.0462 1108	WdiServiceHost - ok
20:32:18.0468 1108	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:32:18.0472 1108	WdiSystemHost - ok
20:32:18.0543 1108	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:32:18.0550 1108	WebClient - ok
20:32:18.0588 1108	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:32:18.0594 1108	Wecsvc - ok
20:32:18.0644 1108	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:32:18.0648 1108	wercplsupport - ok
20:32:18.0691 1108	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:32:18.0695 1108	WerSvc - ok
20:32:18.0765 1108	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:32:18.0766 1108	WfpLwf - ok
20:32:18.0806 1108	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:32:18.0808 1108	WIMMount - ok
20:32:18.0856 1108	WinDefend - ok
20:32:18.0863 1108	WinHttpAutoProxySvc - ok
20:32:18.0951 1108	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:32:18.0955 1108	Winmgmt - ok
20:32:19.0084 1108	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:32:19.0117 1108	WinRM - ok
20:32:19.0241 1108	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
20:32:19.0243 1108	WinUsb - ok
20:32:19.0300 1108	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:32:19.0315 1108	Wlansvc - ok
20:32:19.0459 1108	wlidsvc         (a8e1dc28dc49c0c0ad59969b87049602) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:32:19.0491 1108	wlidsvc - ok
20:32:19.0597 1108	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:32:19.0598 1108	WmiAcpi - ok
20:32:19.0657 1108	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:32:19.0661 1108	wmiApSrv - ok
20:32:19.0701 1108	WMPNetworkSvc - ok
20:32:19.0777 1108	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:32:19.0780 1108	WPCSvc - ok
20:32:19.0848 1108	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:32:19.0853 1108	WPDBusEnum - ok
20:32:19.0917 1108	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:32:19.0918 1108	ws2ifsl - ok
20:32:20.0004 1108	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
20:32:20.0009 1108	wscsvc - ok
20:32:20.0041 1108	WSearch - ok
20:32:20.0149 1108	wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
20:32:20.0185 1108	wuauserv - ok
20:32:20.0291 1108	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:32:20.0293 1108	WudfPf - ok
20:32:20.0334 1108	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:32:20.0337 1108	WUDFRd - ok
20:32:20.0440 1108	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:32:20.0444 1108	wudfsvc - ok
20:32:20.0489 1108	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:32:20.0495 1108	WwanSvc - ok
20:32:20.0671 1108	{49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl
20:32:20.0674 1108	{49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
20:32:20.0743 1108	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:32:20.0804 1108	\Device\Harddisk0\DR0 - ok
20:32:20.0806 1108	Boot (0x1200)   (cd6685c94b0c5847ee7c5df4675b89db) \Device\Harddisk0\DR0\Partition0
20:32:20.0807 1108	\Device\Harddisk0\DR0\Partition0 - ok
20:32:20.0819 1108	Boot (0x1200)   (b98cc182381e502cfe4428c53554cc43) \Device\Harddisk0\DR0\Partition1
20:32:20.0820 1108	\Device\Harddisk0\DR0\Partition1 - ok
20:32:20.0821 1108	============================================================
20:32:20.0821 1108	Scan finished
20:32:20.0821 1108	============================================================
         

Alt 22.03.2012, 20:44   #11
pip666
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



hier der 2. teil und die combofix.txt datei die ich anhängen sollte:

Code:
ATTFilter
20:32:20.0826 6140	Detected object count: 2
20:32:20.0826 6140	Actual detected object count: 2
20:32:29.0299 6140	Akamai ( HiddenFile.Multi.Generic ) - skipped by user
20:32:29.0299 6140	Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
20:32:29.0300 6140	sptd ( LockedFile.Multi.Generic ) - skipped by user
20:32:29.0300 6140	sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
20:33:27.0401 6008	============================================================
20:33:27.0402 6008	Scan started
20:33:27.0402 6008	Mode: Manual; SigCheck; 
20:33:27.0402 6008	============================================================
20:33:27.0677 6008	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:33:27.0803 6008	1394ohci - ok
20:33:27.0869 6008	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:33:27.0925 6008	ACPI - ok
20:33:28.0039 6008	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:33:28.0102 6008	AcpiPmi - ok
20:33:28.0141 6008	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:33:28.0193 6008	adp94xx - ok
20:33:28.0277 6008	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:33:28.0321 6008	adpahci - ok
20:33:28.0348 6008	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:33:28.0387 6008	adpu320 - ok
20:33:28.0420 6008	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:33:28.0541 6008	AeLookupSvc - ok
20:33:28.0661 6008	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:33:28.0753 6008	AFD - ok
20:33:28.0819 6008	AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
20:33:28.0885 6008	AgereModemAudio - ok
20:33:28.0988 6008	AgereSoftModem  (a6ab6f0ace87da76b4c401813d18be95) C:\Windows\system32\DRIVERS\agrsm64.sys
20:33:29.0084 6008	AgereSoftModem - ok
20:33:29.0201 6008	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:33:29.0235 6008	agp440 - ok
20:33:29.0407 6008	Akamai          (31bd294dc6ddbc0f16356d958d0743a4) c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll
20:33:29.0407 6008	Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll. md5: 31bd294dc6ddbc0f16356d958d0743a4
20:33:29.0414 6008	Akamai ( HiddenFile.Multi.Generic ) - warning
20:33:29.0414 6008	Akamai - detected HiddenFile.Multi.Generic (1)
20:33:29.0484 6008	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:33:29.0604 6008	ALG - ok
20:33:29.0714 6008	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:33:29.0743 6008	aliide - ok
20:33:29.0805 6008	AMD External Events Utility (b5e2434fc851698c1f119cf1c3935a50) C:\Windows\system32\atiesrxx.exe
20:33:29.0973 6008	AMD External Events Utility - ok
20:33:30.0084 6008	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:33:30.0112 6008	amdide - ok
20:33:30.0134 6008	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:33:30.0189 6008	AmdK8 - ok
20:33:30.0546 6008	amdkmdag        (9e3b4946f7e1bca0b763e19d81edbf2c) C:\Windows\system32\DRIVERS\atikmdag.sys
20:33:30.0884 6008	amdkmdag - ok
20:33:30.0968 6008	amdkmdap        (b9e1c7b7f1865f99b16ff2e1bb94edb6) C:\Windows\system32\DRIVERS\atikmpag.sys
20:33:31.0029 6008	amdkmdap - ok
20:33:31.0056 6008	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:33:31.0126 6008	AmdPPM - ok
20:33:31.0233 6008	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:33:31.0266 6008	amdsata - ok
20:33:31.0310 6008	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:33:31.0348 6008	amdsbs - ok
20:33:31.0372 6008	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:33:31.0408 6008	amdxata - ok
20:33:31.0489 6008	AmUStor         (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
20:33:31.0545 6008	AmUStor - ok
20:33:31.0595 6008	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:33:31.0710 6008	AppID - ok
20:33:31.0783 6008	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:33:31.0930 6008	AppIDSvc - ok
20:33:31.0987 6008	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:33:32.0091 6008	Appinfo - ok
20:33:32.0158 6008	Apple Mobile Device (5aa788d5a2c6737bb9c45933985bc1b8) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:33:32.0313 6008	Apple Mobile Device - ok
20:33:32.0412 6008	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:33:32.0444 6008	arc - ok
20:33:32.0469 6008	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:33:32.0503 6008	arcsas - ok
20:33:32.0521 6008	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:33:32.0633 6008	AsyncMac - ok
20:33:32.0745 6008	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:33:32.0776 6008	atapi - ok
20:33:32.0909 6008	athr            (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys
20:33:33.0023 6008	athr - ok
20:33:33.0102 6008	AtiHDAudioService (2b3b05c0a7768bf033217eb8f33f9c35) C:\Windows\system32\drivers\AtihdW76.sys
20:33:33.0172 6008	AtiHDAudioService - ok
20:33:33.0460 6008	atikmdag        (9e3b4946f7e1bca0b763e19d81edbf2c) C:\Windows\system32\DRIVERS\atikmdag.sys
20:33:33.0803 6008	atikmdag - ok
20:33:33.0938 6008	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:33:34.0088 6008	AudioEndpointBuilder - ok
20:33:34.0103 6008	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:33:34.0211 6008	AudioSrv - ok
20:33:34.0318 6008	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:33:34.0415 6008	AxInstSV - ok
20:33:34.0470 6008	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:33:34.0528 6008	b06bdrv - ok
20:33:34.0621 6008	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:33:34.0680 6008	b57nd60a - ok
20:33:34.0736 6008	BCM43XX         (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
20:33:34.0834 6008	BCM43XX - ok
20:33:34.0910 6008	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:33:34.0975 6008	BDESVC - ok
20:33:35.0019 6008	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:33:35.0153 6008	Beep - ok
20:33:35.0272 6008	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:33:35.0411 6008	BFE - ok
20:33:35.0539 6008	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
20:33:35.0679 6008	BITS - ok
20:33:35.0757 6008	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:33:35.0807 6008	blbdrive - ok
20:33:35.0926 6008	Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
20:33:36.0034 6008	Bonjour Service - ok
20:33:36.0149 6008	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:33:36.0203 6008	bowser - ok
20:33:36.0231 6008	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:33:36.0292 6008	BrFiltLo - ok
20:33:36.0384 6008	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:33:36.0431 6008	BrFiltUp - ok
20:33:36.0457 6008	BridgeMP        (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
20:33:36.0563 6008	BridgeMP - ok
20:33:36.0676 6008	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:33:36.0819 6008	Browser - ok
20:33:36.0864 6008	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:33:36.0929 6008	Brserid - ok
20:33:37.0010 6008	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:33:37.0068 6008	BrSerWdm - ok
20:33:37.0094 6008	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:33:37.0140 6008	BrUsbMdm - ok
20:33:37.0212 6008	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:33:37.0257 6008	BrUsbSer - ok
20:33:37.0283 6008	BthAudioHF      (07dcb3c254d584e3949fe2c0ee3963f2) C:\Windows\system32\DRIVERS\BthAudioHF.sys
20:33:37.0357 6008	BthAudioHF - ok
20:33:37.0447 6008	BthAvrcp        (832b121e4532919cc49f2438f1dcaa21) C:\Windows\system32\DRIVERS\BthAvrcp.sys
20:33:37.0502 6008	BthAvrcp - ok
20:33:37.0556 6008	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
20:33:37.0608 6008	BthEnum - ok
20:33:37.0696 6008	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:33:37.0751 6008	BTHMODEM - ok
20:33:37.0792 6008	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:33:37.0837 6008	BthPan - ok
20:33:37.0962 6008	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
20:33:38.0021 6008	BTHPORT - ok
20:33:38.0099 6008	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:33:38.0243 6008	bthserv - ok
20:33:38.0359 6008	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
20:33:38.0405 6008	BTHUSB - ok
20:33:38.0534 6008	catchme - ok
20:33:38.0627 6008	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:33:38.0728 6008	cdfs - ok
20:33:38.0799 6008	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
20:33:38.0861 6008	cdrom - ok
20:33:38.0968 6008	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:33:39.0149 6008	CertPropSvc - ok
20:33:39.0206 6008	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:33:39.0247 6008	circlass - ok
20:33:39.0332 6008	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:33:39.0384 6008	CLFS - ok
20:33:39.0452 6008	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:33:39.0508 6008	clr_optimization_v2.0.50727_32 - ok
20:33:39.0570 6008	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:33:39.0605 6008	clr_optimization_v2.0.50727_64 - ok
20:33:39.0745 6008	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:33:39.0792 6008	clr_optimization_v4.0.30319_32 - ok
20:33:39.0821 6008	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:33:39.0867 6008	clr_optimization_v4.0.30319_64 - ok
20:33:39.0954 6008	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:33:40.0029 6008	CmBatt - ok
20:33:40.0162 6008	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:33:40.0234 6008	cmdide - ok
20:33:40.0338 6008	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
20:33:40.0421 6008	CNG - ok
20:33:40.0516 6008	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:33:40.0557 6008	Compbatt - ok
20:33:40.0616 6008	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:33:40.0676 6008	CompositeBus - ok
20:33:40.0740 6008	COMSysApp - ok
20:33:40.0790 6008	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:33:40.0821 6008	crcdisk - ok
20:33:40.0982 6008	CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
20:33:41.0106 6008	CryptSvc - ok
20:33:41.0142 6008	csr_a2dp        (df07c6d98ba7f81d0571e366b1cd6672) C:\Windows\system32\drivers\bthav.sys
20:33:41.0190 6008	csr_a2dp - ok
20:33:41.0315 6008	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:33:41.0470 6008	DcomLaunch - ok
20:33:41.0666 6008	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:33:41.0801 6008	defragsvc - ok
20:33:41.0935 6008	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:33:42.0052 6008	DfsC - ok
20:33:42.0119 6008	dgderdrv        (867fa8b9e9e3078f68c4089904bbf4b0) C:\Windows\system32\drivers\dgderdrv.sys
20:33:42.0150 6008	dgderdrv - ok
20:33:42.0225 6008	dg_ssudbus      (388039f99ce8769024ee0438352aca99) C:\Windows\system32\DRIVERS\ssudbus.sys
20:33:42.0263 6008	dg_ssudbus - ok
20:33:42.0361 6008	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:33:42.0500 6008	Dhcp - ok
20:33:42.0575 6008	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:33:42.0718 6008	discache - ok
20:33:42.0815 6008	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:33:42.0849 6008	Disk - ok
20:33:42.0919 6008	DKbFltr         (d5bcb77be83cf99f508943945d46343d) C:\Windows\syswow64\Drivers\DKbFltr.sys
20:33:42.0950 6008	DKbFltr - ok
20:33:43.0041 6008	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:33:43.0117 6008	Dnscache - ok
20:33:43.0201 6008	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:33:43.0328 6008	dot3svc - ok
20:33:43.0434 6008	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:33:43.0563 6008	DPS - ok
20:33:43.0619 6008	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:33:43.0683 6008	drmkaud - ok
20:33:43.0816 6008	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:33:43.0893 6008	DXGKrnl - ok
20:33:43.0966 6008	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:33:44.0120 6008	EapHost - ok
20:33:44.0239 6008	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:33:44.0359 6008	ebdrv - ok
20:33:44.0472 6008	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:33:44.0557 6008	EFS - ok
20:33:44.0655 6008	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:33:44.0756 6008	ehRecvr - ok
20:33:44.0801 6008	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:33:44.0887 6008	ehSched - ok
20:33:44.0948 6008	ElbyCDIO        (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys
20:33:44.0981 6008	ElbyCDIO - ok
20:33:45.0044 6008	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:33:45.0098 6008	elxstor - ok
20:33:45.0195 6008	ePowerSvc       (fb67aa8ac61b9365add546139a21bed6) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
20:33:45.0376 6008	ePowerSvc - ok
20:33:45.0518 6008	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:33:45.0569 6008	ErrDev - ok
20:33:45.0610 6008	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:33:45.0739 6008	EventSystem - ok
20:33:45.0818 6008	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:33:45.0926 6008	exfat - ok
20:33:45.0939 6008	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:33:46.0067 6008	fastfat - ok
20:33:46.0198 6008	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:33:46.0405 6008	Fax - ok
20:33:46.0495 6008	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:33:46.0534 6008	fdc - ok
20:33:46.0567 6008	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:33:46.0683 6008	fdPHost - ok
20:33:46.0762 6008	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:33:46.0876 6008	FDResPub - ok
20:33:46.0928 6008	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:33:46.0970 6008	FileInfo - ok
20:33:47.0046 6008	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:33:47.0151 6008	Filetrace - ok
20:33:47.0177 6008	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:33:47.0218 6008	flpydisk - ok
20:33:47.0341 6008	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:33:47.0389 6008	FltMgr - ok
20:33:47.0474 6008	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:33:47.0570 6008	FontCache - ok
20:33:47.0679 6008	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:33:47.0710 6008	FontCache3.0.0.0 - ok
20:33:47.0784 6008	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:33:47.0820 6008	FsDepends - ok
20:33:47.0865 6008	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
20:33:47.0897 6008	Fs_Rec - ok
20:33:48.0006 6008	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:33:48.0058 6008	fvevol - ok
20:33:48.0120 6008	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:33:48.0156 6008	gagp30kx - ok
20:33:48.0194 6008	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:33:48.0219 6008	GEARAspiWDM - ok
20:33:48.0311 6008	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:33:48.0444 6008	gpsvc - ok
20:33:48.0502 6008	gpszylna - ok
20:33:48.0617 6008	Greg_Service    (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
20:33:50.0109 6008	Greg_Service - ok
20:33:50.0194 6008	gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:33:50.0276 6008	gupdate - ok
20:33:50.0283 6008	gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:33:50.0359 6008	gupdatem - ok
20:33:50.0410 6008	gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:33:50.0513 6008	gusvc - ok
20:33:50.0591 6008	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:33:50.0644 6008	hcw85cir - ok
20:33:50.0709 6008	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:33:50.0786 6008	HdAudAddService - ok
20:33:50.0922 6008	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:33:50.0982 6008	HDAudBus - ok
20:33:51.0009 6008	HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
20:33:51.0052 6008	HECIx64 - ok
20:33:51.0145 6008	HFGService      (ee8c05f926521a0e24edaf40f45d01e6) C:\Windows\System32\HFGService.dll
20:33:51.0274 6008	HFGService - ok
20:33:51.0367 6008	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:33:51.0417 6008	HidBatt - ok
20:33:51.0445 6008	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:33:51.0494 6008	HidBth - ok
20:33:51.0568 6008	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:33:51.0634 6008	HidIr - ok
20:33:51.0675 6008	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
20:33:51.0799 6008	hidserv - ok
20:33:51.0909 6008	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:33:51.0948 6008	HidUsb - ok
20:33:52.0019 6008	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:33:52.0178 6008	hkmsvc - ok
20:33:52.0295 6008	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:33:52.0383 6008	HomeGroupListener - ok
20:33:52.0444 6008	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:33:52.0514 6008	HomeGroupProvider - ok
20:33:52.0616 6008	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:33:52.0645 6008	HpSAMD - ok
20:33:52.0731 6008	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:33:52.0871 6008	HTTP - ok
20:33:52.0989 6008	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:33:53.0023 6008	hwpolicy - ok
20:33:53.0085 6008	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:33:53.0123 6008	i8042prt - ok
20:33:53.0224 6008	IAANTMON        (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:33:53.0388 6008	IAANTMON - ok
20:33:53.0487 6008	iaStor          (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
20:33:53.0536 6008	iaStor - ok
20:33:53.0598 6008	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:33:53.0657 6008	iaStorV - ok
20:33:53.0759 6008	ICQ Service     (848edebb3c1d6fec50e09eda95c21e84) C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
20:33:53.0865 6008	ICQ Service - ok
20:33:53.0962 6008	IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:33:54.0082 6008	IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:33:54.0082 6008	IDriverT - detected UnsignedFile.Multi.Generic (1)
20:33:54.0225 6008	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:33:54.0290 6008	idsvc - ok
20:33:54.0521 6008	igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:33:54.0864 6008	igfx - ok
20:33:55.0019 6008	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:33:55.0050 6008	iirsp - ok
20:33:55.0131 6008	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:33:55.0284 6008	IKEEXT - ok
20:33:55.0386 6008	Impcd           (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
20:33:55.0423 6008	Impcd - ok
20:33:55.0499 6008	IntcAzAudAddService (42943bb3ab7a405b30eff7c8283cc129) C:\Windows\system32\drivers\RTKVHD64.sys
20:33:55.0629 6008	IntcAzAudAddService - ok
20:33:55.0737 6008	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:33:55.0769 6008	intelide - ok
20:33:55.0797 6008	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:33:55.0866 6008	intelppm - ok
20:33:55.0944 6008	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:33:56.0062 6008	IPBusEnum - ok
20:33:56.0193 6008	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:33:56.0294 6008	IpFilterDriver - ok
20:33:56.0411 6008	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
20:33:56.0560 6008	iphlpsvc - ok
20:33:56.0737 6008	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:33:56.0799 6008	IPMIDRV - ok
20:33:56.0837 6008	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:33:56.0940 6008	IPNAT - ok
20:33:57.0069 6008	iPod Service    (3d62fe4fefe9c67dafec52b534dfa1fb) C:\Program Files\iPod\bin\iPodService.exe
20:33:57.0240 6008	iPod Service - ok
20:33:57.0316 6008	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:33:57.0370 6008	IRENUM - ok
20:33:57.0436 6008	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:33:57.0470 6008	isapnp - ok
20:33:57.0572 6008	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:33:57.0617 6008	iScsiPrt - ok
20:33:57.0669 6008	k57nd60a        (d85f3f18e44f7447b5f1ba5c85baeb7c) C:\Windows\system32\DRIVERS\k57nd60a.sys
20:33:57.0711 6008	k57nd60a - ok
20:33:57.0771 6008	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:33:57.0805 6008	kbdclass - ok
20:33:57.0928 6008	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
20:33:57.0994 6008	kbdhid - ok
20:33:58.0041 6008	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:33:58.0092 6008	KeyIso - ok
20:33:58.0204 6008	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:33:58.0242 6008	KSecDD - ok
20:33:58.0262 6008	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:33:58.0305 6008	KSecPkg - ok
20:33:58.0338 6008	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:33:58.0443 6008	ksthunk - ok
20:33:58.0524 6008	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:33:58.0654 6008	KtmRm - ok
20:33:58.0697 6008	L1E             (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
20:33:58.0779 6008	L1E - ok
20:33:58.0905 6008	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
20:33:59.0031 6008	LanmanServer - ok
20:33:59.0090 6008	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:33:59.0230 6008	LanmanWorkstation - ok
20:33:59.0331 6008	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:33:59.0426 6008	lltdio - ok
20:33:59.0469 6008	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:33:59.0613 6008	lltdsvc - ok
20:33:59.0700 6008	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:33:59.0807 6008	lmhosts - ok
20:33:59.0894 6008	LMS             (7485fbcef9136f530953575e2977859d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:34:00.0037 6008	LMS - ok
20:34:00.0127 6008	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:34:00.0171 6008	LSI_FC - ok
20:34:00.0186 6008	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:34:00.0224 6008	LSI_SAS - ok
20:34:00.0239 6008	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:34:00.0282 6008	LSI_SAS2 - ok
20:34:00.0306 6008	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:34:00.0338 6008	LSI_SCSI - ok
20:34:00.0416 6008	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:34:00.0533 6008	luafv - ok
20:34:00.0584 6008	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
20:34:00.0613 6008	MBAMProtector - ok
20:34:00.0767 6008	MBAMService     (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:34:00.0942 6008	MBAMService - ok
20:34:01.0050 6008	mbmiodrvr       (2e1652d8ab971403eaaddc921800b1fa) C:\Windows\syswow64\mbmiodrvr.sys
20:34:01.0077 6008	mbmiodrvr ( UnsignedFile.Multi.Generic ) - warning
20:34:01.0077 6008	mbmiodrvr - detected UnsignedFile.Multi.Generic (1)
20:34:01.0174 6008	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:34:01.0249 6008	Mcx2Svc - ok
20:34:01.0303 6008	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:34:01.0336 6008	megasas - ok
20:34:01.0391 6008	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:34:01.0444 6008	MegaSR - ok
20:34:01.0486 6008	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:34:01.0627 6008	MMCSS - ok
20:34:01.0711 6008	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:34:01.0811 6008	Modem - ok
20:34:01.0843 6008	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:34:01.0897 6008	monitor - ok
20:34:01.0984 6008	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:34:02.0020 6008	mouclass - ok
20:34:02.0064 6008	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:34:02.0117 6008	mouhid - ok
20:34:02.0184 6008	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:34:02.0222 6008	mountmgr - ok
20:34:02.0352 6008	MpFilter        (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
20:34:02.0414 6008	MpFilter - ok
20:34:02.0496 6008	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:34:02.0538 6008	mpio - ok
20:34:02.0560 6008	MpNWMon         (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
20:34:02.0591 6008	MpNWMon - ok
20:34:02.0667 6008	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:34:02.0793 6008	mpsdrv - ok
20:34:02.0943 6008	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:34:03.0117 6008	MpsSvc - ok
20:34:03.0228 6008	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:34:03.0297 6008	MRxDAV - ok
20:34:03.0368 6008	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:34:03.0439 6008	mrxsmb - ok
20:34:03.0572 6008	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:34:03.0632 6008	mrxsmb10 - ok
20:34:03.0695 6008	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:34:03.0738 6008	mrxsmb20 - ok
20:34:03.0803 6008	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:34:03.0836 6008	msahci - ok
20:34:03.0953 6008	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:34:03.0993 6008	msdsm - ok
20:34:04.0026 6008	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:34:04.0114 6008	MSDTC - ok
20:34:04.0213 6008	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:34:04.0296 6008	Msfs - ok
20:34:04.0309 6008	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:34:04.0408 6008	mshidkmdf - ok
20:34:04.0459 6008	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:34:04.0488 6008	msisadrv - ok
20:34:04.0561 6008	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:34:04.0682 6008	MSiSCSI - ok
20:34:04.0692 6008	msiserver - ok
20:34:04.0735 6008	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:34:04.0824 6008	MSKSSRV - ok
20:34:04.0930 6008	MsMpSvc         (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
20:34:04.0968 6008	MsMpSvc - ok
20:34:05.0099 6008	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:34:05.0207 6008	MSPCLOCK - ok
20:34:05.0294 6008	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:34:05.0394 6008	MSPQM - ok
20:34:05.0457 6008	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:34:05.0508 6008	MsRPC - ok
20:34:05.0626 6008	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:34:05.0658 6008	mssmbios - ok
20:34:05.0689 6008	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:34:05.0784 6008	MSTEE - ok
20:34:05.0804 6008	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:34:05.0842 6008	MTConfig - ok
20:34:05.0946 6008	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:34:05.0979 6008	Mup - ok
20:34:06.0010 6008	mwlPSDFilter    (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
20:34:06.0041 6008	mwlPSDFilter - ok
20:34:06.0095 6008	mwlPSDNServ     (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
20:34:06.0122 6008	mwlPSDNServ - ok
20:34:06.0147 6008	mwlPSDVDisk     (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
20:34:06.0182 6008	mwlPSDVDisk - ok
20:34:06.0338 6008	MWLService      (2f139207f618ec2933830227eeffddb4) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
20:34:06.0388 6008	MWLService - ok
20:34:06.0502 6008	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:34:06.0634 6008	napagent - ok
20:34:06.0728 6008	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:34:06.0800 6008	NativeWifiP - ok
20:34:06.0950 6008	NAUpdate        (e4534bccdd1ea7a7a256bb9d6688a5fc) C:\Program Files (x86)\Nero\Update\NASvc.exe
20:34:07.0058 6008	NAUpdate - ok
20:34:07.0267 6008	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:34:07.0348 6008	NDIS - ok
20:34:07.0425 6008	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:34:07.0517 6008	NdisCap - ok
20:34:07.0541 6008	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:34:07.0642 6008	NdisTapi - ok
20:34:07.0712 6008	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:34:07.0809 6008	Ndisuio - ok
20:34:07.0922 6008	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:34:08.0031 6008	NdisWan - ok
20:34:08.0089 6008	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:34:08.0177 6008	NDProxy - ok
20:34:08.0214 6008	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:34:08.0325 6008	NetBIOS - ok
20:34:08.0445 6008	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:34:08.0569 6008	NetBT - ok
20:34:08.0630 6008	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:34:08.0679 6008	Netlogon - ok
20:34:08.0755 6008	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:34:08.0872 6008	Netman - ok
20:34:08.0906 6008	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:34:09.0073 6008	netprofm - ok
20:34:09.0231 6008	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:34:09.0271 6008	NetTcpPortSharing - ok
20:34:09.0348 6008	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:34:09.0380 6008	nfrd960 - ok
20:34:09.0453 6008	NisDrv          (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:34:09.0485 6008	NisDrv - ok
20:34:09.0552 6008	NisSrv          (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
20:34:09.0629 6008	NisSrv - ok
20:34:09.0719 6008	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:34:09.0855 6008	NlaSvc - ok
20:34:09.0996 6008	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:34:10.0084 6008	Npfs - ok
20:34:10.0140 6008	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:34:10.0246 6008	nsi - ok
20:34:10.0308 6008	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:34:10.0409 6008	nsiproxy - ok
20:34:10.0610 6008	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:34:10.0702 6008	Ntfs - ok
20:34:10.0815 6008	NTI IScheduleSvc (14e66f603fb187713aeb02ad3b0390cf) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
20:34:10.0943 6008	NTI IScheduleSvc - ok
20:34:11.0038 6008	NTIBackupSvc    (fd324cce1d4d5bb5af65f8e55b462c7e) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
20:34:11.0147 6008	NTIBackupSvc - ok
20:34:11.0225 6008	NTIDrvr         (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
20:34:11.0254 6008	NTIDrvr - ok
20:34:11.0348 6008	NTISchedulerSvc (3f6268a2ec33cd38cf75c880af8ded42) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
20:34:11.0457 6008	NTISchedulerSvc - ok
20:34:11.0564 6008	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:34:11.0650 6008	Null - ok
20:34:11.0720 6008	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:34:11.0761 6008	nvraid - ok
20:34:11.0783 6008	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:34:11.0819 6008	nvstor - ok
20:34:11.0931 6008	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:34:11.0986 6008	nv_agp - ok
20:34:12.0109 6008	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:34:12.0229 6008	odserv - ok
20:34:12.0355 6008	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:34:12.0416 6008	ohci1394 - ok
20:34:12.0502 6008	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:34:12.0580 6008	ose - ok
20:34:12.0657 6008	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:34:12.0737 6008	p2pimsvc - ok
20:34:12.0769 6008	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:34:12.0847 6008	p2psvc - ok
20:34:12.0925 6008	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:34:12.0964 6008	Parport - ok
20:34:13.0019 6008	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
20:34:13.0051 6008	partmgr - ok
20:34:13.0077 6008	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:34:13.0159 6008	PcaSvc - ok
20:34:13.0293 6008	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:34:13.0336 6008	pci - ok
20:34:13.0351 6008	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:34:13.0382 6008	pciide - ok
20:34:13.0419 6008	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:34:13.0462 6008	pcmcia - ok
20:34:13.0483 6008	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:34:13.0515 6008	pcw - ok
20:34:13.0603 6008	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:34:13.0718 6008	PEAUTH - ok
20:34:13.0804 6008	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:34:13.0868 6008	PerfHost - ok
20:34:13.0997 6008	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:34:14.0159 6008	pla - ok
20:34:14.0283 6008	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:34:14.0369 6008	PlugPlay - ok
20:34:14.0379 6008	PnkBstrA - ok
20:34:14.0415 6008	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:34:14.0504 6008	PNRPAutoReg - ok
20:34:14.0591 6008	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:34:14.0657 6008	PNRPsvc - ok
20:34:14.0740 6008	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:34:14.0875 6008	PolicyAgent - ok
20:34:14.0951 6008	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:34:15.0076 6008	Power - ok
20:34:15.0154 6008	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:34:15.0250 6008	PptpMiniport - ok
20:34:15.0318 6008	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:34:15.0372 6008	Processor - ok
20:34:15.0447 6008	ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
20:34:15.0617 6008	ProfSvc - ok
20:34:15.0720 6008	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:34:15.0777 6008	ProtectedStorage - ok
20:34:15.0848 6008	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:34:15.0941 6008	Psched - ok
20:34:16.0031 6008	PSI_SVC_2       (543a4ef0923bf70d126625b034ef25af) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
20:34:16.0152 6008	PSI_SVC_2 - ok
20:34:16.0261 6008	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:34:16.0342 6008	ql2300 - ok
20:34:16.0405 6008	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:34:16.0444 6008	ql40xx - ok
20:34:16.0469 6008	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:34:16.0547 6008	QWAVE - ok
20:34:16.0581 6008	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:34:16.0651 6008	QWAVEdrv - ok
20:34:16.0728 6008	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:34:16.0830 6008	RasAcd - ok
20:34:16.0884 6008	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:34:16.0984 6008	RasAgileVpn - ok
20:34:17.0042 6008	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:34:17.0164 6008	RasAuto - ok
20:34:17.0258 6008	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:34:17.0357 6008	Rasl2tp - ok
20:34:17.0461 6008	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:34:17.0591 6008	RasMan - ok
20:34:17.0650 6008	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:34:17.0807 6008	RasPppoe - ok
20:34:17.0862 6008	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:34:17.0957 6008	RasSstp - ok
20:34:18.0034 6008	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:34:18.0131 6008	rdbss - ok
20:34:18.0189 6008	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:34:18.0245 6008	rdpbus - ok
20:34:18.0285 6008	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:34:18.0390 6008	RDPCDD - ok
20:34:18.0452 6008	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:34:18.0540 6008	RDPENCDD - ok
20:34:18.0576 6008	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:34:18.0665 6008	RDPREFMP - ok
20:34:18.0729 6008	RDPWD           (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
20:34:18.0784 6008	RDPWD - ok
20:34:18.0882 6008	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:34:18.0935 6008	rdyboost - ok
20:34:18.0982 6008	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:34:19.0115 6008	RemoteAccess - ok
20:34:19.0181 6008	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:34:19.0304 6008	RemoteRegistry - ok
20:34:19.0365 6008	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
20:34:19.0418 6008	RFCOMM - ok
20:34:19.0479 6008	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:34:19.0585 6008	RpcEptMapper - ok
20:34:19.0621 6008	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:34:19.0688 6008	RpcLocator - ok
20:34:19.0796 6008	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:34:19.0921 6008	RpcSs - ok
20:34:20.0002 6008	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:34:20.0127 6008	rspndr - ok
20:34:20.0180 6008	RTHDMIAzAudService (7421a35c45484b95e83b5e9e107cefc2) C:\Windows\system32\drivers\RtHDMIVX.sys
20:34:20.0223 6008	RTHDMIAzAudService - ok
20:34:20.0320 6008	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:34:20.0372 6008	SamSs - ok
20:34:20.0572 6008	SamsungAllShareV2.0 (8325093bdae38247a8482ab0a1bc37ce) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
20:34:20.0605 6008	SamsungAllShareV2.0 - ok
20:34:20.0709 6008	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:34:20.0745 6008	sbp2port - ok
20:34:20.0785 6008	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:34:20.0927 6008	SCardSvr - ok
20:34:21.0049 6008	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:34:21.0147 6008	scfilter - ok
20:34:21.0292 6008	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:34:21.0466 6008	Schedule - ok
20:34:21.0627 6008	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:34:21.0726 6008	SCPolicySvc - ok
20:34:21.0783 6008	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:34:21.0853 6008	SDRSVC - ok
20:34:21.0906 6008	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:34:22.0014 6008	secdrv - ok
20:34:22.0103 6008	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:34:22.0239 6008	seclogon - ok
20:34:22.0297 6008	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
20:34:22.0414 6008	SENS - ok
20:34:22.0480 6008	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:34:22.0557 6008	SensrSvc - ok
20:34:22.0622 6008	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:34:22.0658 6008	Serenum - ok
20:34:22.0717 6008	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:34:22.0785 6008	Serial - ok
20:34:22.0883 6008	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:34:22.0962 6008	sermouse - ok
20:34:23.0071 6008	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:34:23.0211 6008	SessionEnv - ok
20:34:23.0313 6008	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:34:23.0369 6008	sffdisk - ok
20:34:23.0417 6008	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:34:23.0471 6008	sffp_mmc - ok
20:34:23.0552 6008	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:34:23.0610 6008	sffp_sd - ok
20:34:23.0661 6008	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:34:23.0723 6008	sfloppy - ok
20:34:23.0791 6008	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:34:23.0919 6008	SharedAccess - ok
20:34:24.0033 6008	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:34:24.0160 6008	ShellHWDetection - ok
20:34:24.0303 6008	SimpleSlideShowServer (002efe99e9117d8c9feb17ce9cc6af82) C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
20:34:24.0354 6008	SimpleSlideShowServer - ok
20:34:24.0439 6008	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:34:24.0471 6008	SiSRaid2 - ok
20:34:24.0499 6008	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:34:24.0538 6008	SiSRaid4 - ok
20:34:24.0574 6008	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:34:24.0683 6008	Smb - ok
20:34:24.0761 6008	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:34:24.0826 6008	SNMPTRAP - ok
20:34:24.0869 6008	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:34:24.0901 6008	spldr - ok
20:34:25.0007 6008	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:34:25.0219 6008	Spooler - ok
20:34:25.0412 6008	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:34:25.0648 6008	sppsvc - ok
20:34:25.0726 6008	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:34:25.0857 6008	sppuinotify - ok
20:34:25.0917 6008	sptd            (a6cff1af7664627a296b6a0a96cf876e) C:\Windows\System32\Drivers\sptd.sys
20:34:25.0919 6008	Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: a6cff1af7664627a296b6a0a96cf876e
20:34:25.0920 6008	sptd ( LockedFile.Multi.Generic ) - warning
20:34:25.0920 6008	sptd - detected LockedFile.Multi.Generic (1)
20:34:26.0038 6008	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:34:26.0102 6008	srv - ok
20:34:26.0219 6008	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:34:26.0282 6008	srv2 - ok
20:34:26.0340 6008	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:34:26.0401 6008	srvnet - ok
20:34:26.0473 6008	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:34:26.0607 6008	SSDPSRV - ok
20:34:26.0630 6008	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:34:26.0739 6008	SstpSvc - ok
20:34:26.0789 6008	ssudmdm         (ad42ca614e086bcadbd53fffc404ac24) C:\Windows\system32\DRIVERS\ssudmdm.sys
20:34:26.0823 6008	ssudmdm - ok
20:34:26.0945 6008	ssudserd        (f7747cf40af99af3b5807c8e9f337f58) C:\Windows\system32\DRIVERS\ssudserd.sys
20:34:26.0980 6008	ssudserd - ok
20:34:27.0066 6008	Steam Client Service - ok
20:34:27.0102 6008	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:34:27.0133 6008	stexstor - ok
20:34:27.0249 6008	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:34:27.0355 6008	stisvc - ok
20:34:27.0479 6008	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:34:27.0514 6008	swenum - ok
20:34:27.0563 6008	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:34:27.0698 6008	swprv - ok
20:34:27.0796 6008	SynTP           (ed6d1424e5b0c21a57b28dd8508d6843) C:\Windows\system32\DRIVERS\SynTP.sys
20:34:27.0843 6008	SynTP - ok
20:34:27.0939 6008	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:34:28.0065 6008	SysMain - ok
20:34:28.0178 6008	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:34:28.0261 6008	TabletInputService - ok
20:34:28.0321 6008	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:34:28.0450 6008	TapiSrv - ok
20:34:28.0516 6008	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:34:28.0628 6008	TBS - ok
20:34:28.0745 6008	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
20:34:28.0857 6008	Tcpip - ok
20:34:29.0080 6008	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
20:34:29.0191 6008	TCPIP6 - ok
20:34:29.0314 6008	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:34:29.0457 6008	tcpipreg - ok
20:34:29.0501 6008	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:34:29.0535 6008	TDPIPE - ok
20:34:29.0649 6008	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:34:29.0689 6008	TDTCP - ok
20:34:29.0755 6008	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:34:29.0858 6008	tdx - ok
20:34:29.0970 6008	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:34:30.0003 6008	TermDD - ok
20:34:30.0076 6008	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:34:30.0220 6008	TermService - ok
20:34:30.0326 6008	TFsExDisk       (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys
20:34:30.0356 6008	TFsExDisk - ok
20:34:30.0389 6008	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:34:30.0468 6008	Themes - ok
20:34:30.0534 6008	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:34:30.0638 6008	THREADORDER - ok
20:34:30.0712 6008	TomTomHOMEService (e80cc0c9c45649a4ce23ea70a607f56e) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
20:34:30.0804 6008	TomTomHOMEService - ok
20:34:30.0880 6008	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:34:31.0005 6008	TrkWks - ok
20:34:31.0083 6008	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:34:31.0213 6008	TrustedInstaller - ok
20:34:31.0325 6008	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:34:31.0410 6008	tssecsrv - ok
20:34:31.0472 6008	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:34:31.0517 6008	TsUsbFlt - ok
20:34:31.0580 6008	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:34:31.0687 6008	tunnel - ok
20:34:31.0773 6008	TurboB          (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
20:34:31.0802 6008	TurboB - ok
20:34:31.0866 6008	TurboBoost      (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:34:31.0909 6008	TurboBoost - ok
20:34:31.0982 6008	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:34:32.0039 6008	uagp35 - ok
20:34:32.0075 6008	UBHelper        (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
20:34:32.0102 6008	UBHelper - ok
20:34:32.0172 6008	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:34:32.0291 6008	udfs - ok
20:34:32.0388 6008	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:34:32.0445 6008	UI0Detect - ok
20:34:32.0515 6008	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:34:32.0548 6008	uliagpkx - ok
20:34:32.0616 6008	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
20:34:32.0666 6008	umbus - ok
20:34:32.0742 6008	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:34:32.0792 6008	UmPass - ok
20:34:32.0934 6008	UNS             (765f2dd351ba064f657751d8d75e58c0) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:34:33.0289 6008	UNS - ok
20:34:33.0362 6008	Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
20:34:33.0478 6008	Updater Service - ok
20:34:33.0557 6008	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:34:33.0696 6008	upnphost - ok
20:34:33.0777 6008	USBAAPL64       (5cf1ead086176dd3348e920a40bed03d) C:\Windows\system32\Drivers\usbaapl64.sys
20:34:33.0807 6008	USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
20:34:33.0807 6008	USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
20:34:33.0921 6008	usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
20:34:33.0999 6008	usbaudio - ok
20:34:34.0058 6008	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:34:34.0102 6008	usbccgp - ok
20:34:34.0221 6008	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:34:34.0267 6008	usbcir - ok
20:34:34.0338 6008	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:34:34.0381 6008	usbehci - ok
20:34:34.0413 6008	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:34:34.0475 6008	usbhub - ok
20:34:34.0603 6008	USBMULCD        (f9b3054339a71f16430f6585ebc8be96) C:\Windows\system32\drivers\CM10664.sys
20:34:34.0678 6008	USBMULCD - ok
20:34:34.0785 6008	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:34:34.0825 6008	usbohci - ok
20:34:34.0858 6008	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:34:34.0913 6008	usbprint - ok
20:34:34.0993 6008	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
20:34:35.0037 6008	usbscan - ok
20:34:35.0096 6008	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:34:35.0143 6008	USBSTOR - ok
20:34:35.0252 6008	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:34:35.0295 6008	usbuhci - ok
20:34:35.0351 6008	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
20:34:35.0401 6008	usbvideo - ok
20:34:35.0427 6008	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:34:35.0563 6008	UxSms - ok
20:34:35.0666 6008	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:34:35.0713 6008	VaultSvc - ok
20:34:35.0782 6008	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:34:35.0813 6008	vdrvroot - ok
20:34:35.0884 6008	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:34:36.0008 6008	vds - ok
20:34:36.0097 6008	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:34:36.0140 6008	vga - ok
20:34:36.0158 6008	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:34:36.0256 6008	VgaSave - ok
20:34:36.0324 6008	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:34:36.0367 6008	vhdmp - ok
20:34:36.0479 6008	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:34:36.0510 6008	viaide - ok
20:34:36.0643 6008	VodafoneConnectorService (0b2d7eb8e575dfcba778c6eb93506643) C:\Program Files (x86)\Vodafone\Via The Phone\VodafoneConnectorService.exe
20:34:36.0790 6008	VodafoneConnectorService ( UnsignedFile.Multi.Generic ) - warning
20:34:36.0790 6008	VodafoneConnectorService - detected UnsignedFile.Multi.Generic (1)
20:34:36.0916 6008	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:34:36.0950 6008	volmgr - ok
20:34:37.0015 6008	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:34:37.0063 6008	volmgrx - ok
20:34:37.0131 6008	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:34:37.0176 6008	volsnap - ok
20:34:37.0246 6008	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:34:37.0283 6008	vsmraid - ok
20:34:37.0379 6008	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:34:37.0545 6008	VSS - ok
20:34:37.0619 6008	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:34:37.0678 6008	vwifibus - ok
20:34:37.0706 6008	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:34:37.0783 6008	vwififlt - ok
20:34:37.0854 6008	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
20:34:37.0899 6008	vwifimp - ok
20:34:37.0934 6008	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:34:38.0050 6008	W32Time - ok
20:34:38.0180 6008	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:34:38.0232 6008	WacomPen - ok
20:34:38.0329 6008	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:34:38.0436 6008	WANARP - ok
20:34:38.0441 6008	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:34:38.0533 6008	Wanarpv6 - ok
20:34:38.0641 6008	WatAdminSvc     (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:34:39.0189 6008	WatAdminSvc - ok
20:34:39.0339 6008	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:34:39.0567 6008	wbengine - ok
20:34:39.0655 6008	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:34:39.0725 6008	WbioSrvc - ok
20:34:39.0787 6008	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:34:39.0880 6008	wcncsvc - ok
20:34:39.0927 6008	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:34:39.0982 6008	WcsPlugInService - ok
20:34:40.0040 6008	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:34:40.0073 6008	Wd - ok
20:34:40.0102 6008	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:34:40.0154 6008	Wdf01000 - ok
20:34:40.0226 6008	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:34:40.0291 6008	WdiServiceHost - ok
20:34:40.0297 6008	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:34:40.0363 6008	WdiSystemHost - ok
20:34:40.0434 6008	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:34:40.0514 6008	WebClient - ok
20:34:40.0567 6008	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:34:40.0700 6008	Wecsvc - ok
20:34:40.0757 6008	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:34:40.0867 6008	wercplsupport - ok
20:34:40.0915 6008	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:34:41.0033 6008	WerSvc - ok
20:34:41.0067 6008	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:34:41.0152 6008	WfpLwf - ok
20:34:41.0196 6008	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:34:41.0225 6008	WIMMount - ok
20:34:41.0258 6008	WinDefend - ok
20:34:41.0268 6008	WinHttpAutoProxySvc - ok
20:34:41.0341 6008	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:34:41.0474 6008	Winmgmt - ok
20:34:41.0606 6008	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:34:41.0773 6008	WinRM - ok
20:34:41.0888 6008	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
20:34:41.0941 6008	WinUsb - ok
20:34:42.0001 6008	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:34:42.0116 6008	Wlansvc - ok
20:34:42.0261 6008	wlidsvc         (a8e1dc28dc49c0c0ad59969b87049602) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:34:42.0512 6008	wlidsvc - ok
20:34:42.0632 6008	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:34:42.0677 6008	WmiAcpi - ok
20:34:42.0736 6008	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:34:42.0821 6008	wmiApSrv - ok
20:34:42.0858 6008	WMPNetworkSvc - ok
20:34:42.0934 6008	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:34:42.0984 6008	WPCSvc - ok
20:34:43.0049 6008	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:34:43.0112 6008	WPDBusEnum - ok
20:34:43.0174 6008	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:34:43.0263 6008	ws2ifsl - ok
20:34:43.0317 6008	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
20:34:43.0397 6008	wscsvc - ok
20:34:43.0429 6008	WSearch - ok
20:34:43.0540 6008	wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
20:34:43.0734 6008	wuauserv - ok
20:34:43.0859 6008	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:34:43.0968 6008	WudfPf - ok
20:34:44.0002 6008	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:34:44.0096 6008	WUDFRd - ok
20:34:44.0153 6008	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:34:44.0259 6008	wudfsvc - ok
20:34:44.0346 6008	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:34:44.0441 6008	WwanSvc - ok
20:34:44.0550 6008	{49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl
20:34:44.0589 6008	{49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
20:34:44.0623 6008	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:34:44.0672 6008	\Device\Harddisk0\DR0 - ok
20:34:44.0677 6008	Boot (0x1200)   (cd6685c94b0c5847ee7c5df4675b89db) \Device\Harddisk0\DR0\Partition0
20:34:44.0679 6008	\Device\Harddisk0\DR0\Partition0 - ok
20:34:44.0698 6008	Boot (0x1200)   (b98cc182381e502cfe4428c53554cc43) \Device\Harddisk0\DR0\Partition1
20:34:44.0700 6008	\Device\Harddisk0\DR0\Partition1 - ok
20:34:44.0700 6008	============================================================
20:34:44.0701 6008	Scan finished
20:34:44.0701 6008	============================================================
20:34:44.0719 3256	Detected object count: 6
20:34:44.0719 3256	Actual detected object count: 6
20:34:47.0860 3256	Akamai ( HiddenFile.Multi.Generic ) - skipped by user
20:34:47.0860 3256	Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
20:34:47.0862 3256	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:47.0862 3256	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:34:47.0864 3256	mbmiodrvr ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:47.0865 3256	mbmiodrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:34:47.0867 3256	sptd ( LockedFile.Multi.Generic ) - skipped by user
20:34:47.0867 3256	sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
20:34:47.0869 3256	USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:47.0869 3256	USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:34:47.0872 3256	VodafoneConnectorService ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:47.0872 3256	VodafoneConnectorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 22.03.2012, 20:58   #12
markusg
/// Malware-holic
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



komisch, das cf log ist nicht vollständig.
kannst du es noch mal im abgesicherten modus mit netzwerk ausführen, und dann das log posten?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 22.03.2012, 21:35   #13
pip666
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



ok habs nochmal ausgeführt! sry war glaube ich mein Fehler hab zu früh geschlossen....
Code:
ATTFilter
ComboFix 12-03-22.01 - pip 22.03.2012  21:08:11.2.4 - x64 NETWORK
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3956.3138 [GMT 1:00]
ausgeführt von:: c:\users\pip\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\VodafoneConnectorService.log
.
---- Vorheriger Suchlauf -------
.
C:\install.exe
c:\program files (x86)\ClickPotatoLite\bin\11.0.19.0\copyright.txt
c:\program files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions\install.rdf
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\program files (x86)\ShoppingReport2\Uninst.exe
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSA.dat
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSA_kyf.dat
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSAAbout.mht
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSAau.dat
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSAEULA.mht
c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk
c:\users\pip\AppData\Local\Temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll
c:\users\pip\Documents\~WRL0003.tmp
c:\windows\IsUn0407.exe
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\system32\3DAudio.ax
c:\windows\SysWow64\system32\avrt.dll
c:\windows\SysWow64\system32\cis-2.4.dll
c:\windows\SysWow64\system32\issacapi_bs-2.3.dll
c:\windows\SysWow64\system32\issacapi_pe-2.3.dll
c:\windows\SysWow64\system32\issacapi_se-2.3.dll
c:\windows\SysWow64\system32\MACXMLProto.dll
c:\windows\SysWow64\system32\MaDRM.dll
c:\windows\SysWow64\system32\MaJGUILib.dll
c:\windows\SysWow64\system32\MaJUtilLib.dll
c:\windows\SysWow64\system32\MAMACExtract.dll
c:\windows\SysWow64\system32\MASetupCaller.dll
c:\windows\SysWow64\system32\MASetupCleaner.exe
c:\windows\SysWow64\system32\MaXMLProto.dll
c:\windows\SysWow64\system32\MetaStore2.dll
c:\windows\SysWow64\system32\mfplat.dll
c:\windows\SysWow64\system32\Microsoft.Synchronization.dll
c:\windows\SysWow64\system32\MK_Lyric.dll
c:\windows\SysWow64\system32\MSCLib.dll
c:\windows\SysWow64\system32\MSFLib.dll
c:\windows\SysWow64\system32\MSLUR71.dll
c:\windows\SysWow64\system32\msvcp60.dll
c:\windows\SysWow64\system32\MTTELECHIP.dll
c:\windows\SysWow64\system32\MTXSYNCICON.dll
c:\windows\SysWow64\system32\muzaf1.dll
c:\windows\SysWow64\system32\muzapp.dll
c:\windows\SysWow64\system32\muzapp.exe
c:\windows\SysWow64\system32\muzdecode.ax
c:\windows\SysWow64\system32\muzeffect.ax
c:\windows\SysWow64\system32\muzmp4sp.ax
c:\windows\SysWow64\system32\muzmpgsp.ax
c:\windows\SysWow64\system32\muzoggsp.ax
c:\windows\SysWow64\system32\muzwmts.dll
c:\windows\SysWow64\system32\psapi.dll
c:\windows\SysWow64\system32\Synchronization2.dll
c:\programdata\VodafoneConnectorService.log . . . . Nicht in der Lage zu löschen
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-02-22 bis 2012-03-22  ))))))))))))))))))))))))))))))
.
.
2012-03-22 20:22 . 2012-03-22 20:22	--------	d-----w-	c:\users\Musik\AppData\Local\temp
2012-03-22 20:22 . 2012-03-22 20:22	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-03-22 19:17 . 2012-03-14 03:27	8669240	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E0AB411B-8886-479A-8207-6DFF85311A6A}\mpengine.dll
2012-03-22 17:56 . 2012-03-22 18:13	--------	d-----w-	C:\_OTL
2012-03-22 12:27 . 2012-03-22 12:29	--------	d-----w-	c:\users\Musik\AppData\Roaming\QuickScan
2012-03-22 11:46 . 2012-03-22 11:46	592824	----a-w-	c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-22 11:46 . 2012-03-22 11:46	44472	----a-w-	c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-22 10:02 . 2012-03-22 10:02	--------	d-----w-	c:\users\pip\AppData\Roaming\Malwarebytes
2012-03-22 10:02 . 2012-03-22 10:02	--------	d-----w-	c:\programdata\Malwarebytes
2012-03-22 10:01 . 2012-03-22 10:02	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-22 10:01 . 2011-12-10 14:24	23152	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-14 02:14 . 2011-11-19 15:20	5559152	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-03-14 02:14 . 2011-11-19 14:50	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 02:14 . 2011-11-19 14:50	3913584	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 01:31 . 2012-02-03 04:34	3145728	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 01:31 . 2012-02-10 06:36	1544192	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 01:31 . 2012-02-10 05:38	1077248	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-03-13 22:16 . 2012-02-17 06:38	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-13 22:16 . 2012-02-17 05:34	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-03-13 22:16 . 2012-02-17 04:58	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-13 22:16 . 2012-02-17 04:57	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-03-13 22:16 . 2012-01-25 06:33	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-13 22:16 . 2012-01-25 06:38	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-13 22:16 . 2012-01-25 06:38	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-13 20:03 . 2012-03-13 20:03	--------	d-----w-	c:\program files (x86)\SopCast
2012-03-13 20:03 . 2012-03-13 20:03	--------	d-----w-	c:\users\pip\AppData\Roaming\Ask.com
2012-03-13 20:02 . 2012-03-13 20:03	--------	d-----w-	c:\program files (x86)\asktoolbar4
2012-03-08 22:36 . 2011-09-16 17:00	11137024	----a-w-	c:\windows\SysWow64\libmfxsw32.dll
2012-03-06 13:46 . 2012-03-06 14:49	--------	d-----w-	c:\users\pip\AppData\Local\The Witcher
2012-03-06 12:56 . 2012-03-06 13:46	--------	d-----w-	c:\program files (x86)\The Witcher Enhanced Edition
2012-03-06 08:43 . 2012-03-16 01:59	--------	d-----w-	c:\programdata\EA Logs
2012-02-29 19:21 . 2012-02-29 19:21	42392	----a-w-	c:\windows\SysWow64\xfcodec.dll
2012-02-29 19:21 . 2012-02-29 19:21	28056	----a-w-	c:\windows\system32\xfcodec64.dll
2012-02-23 12:26 . 2012-03-22 11:46	19384	----a-w-	c:\program files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2012-02-23 12:26 . 2012-02-23 12:26	2106216	----a-w-	c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2012-02-23 12:26 . 2012-03-22 11:46	97208	----a-w-	c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-02-23 12:26 . 2012-03-22 11:46	125880	----a-w-	c:\program files (x86)\Mozilla Firefox\crashreporter.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-14 03:27 . 2010-05-22 10:27	8669240	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-17 11:50 . 2010-05-08 07:48	189248	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2012-02-17 11:50 . 2010-05-08 07:48	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2012-02-11 02:37 . 2012-02-11 02:37	927800	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{95D1B4C6-53A6-44A1-93C8-0C3E44CFFB15}\gapaengine.dll
2012-01-31 12:44 . 2010-02-28 07:47	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-01-27 21:03 . 2011-05-19 16:11	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-04 10:44 . 2012-02-16 05:37	509952	----a-w-	c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-16 05:37	442880	----a-w-	c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-16 05:37	515584	----a-w-	c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-16 05:37	478720	----a-w-	c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-16 05:37	498688	----a-w-	c:\windows\system32\drivers\afd.sys
2011-12-27 15:44 . 2010-05-08 09:38	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2011-12-27 15:42 . 2010-05-08 07:48	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
.
.
(((((((((((((((((((((((((((((   SnapShot@2012-03-22_19.02.30   )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-03-22 19:02	49152              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-22 19:14	49152              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-22 19:02	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-22 19:14	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-22 19:02	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-22 19:14	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-05 00:35 . 2012-03-22 19:16	87458              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-22 19:16	39436              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-02-27 17:49 . 2012-03-22 19:16	18426              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2280514007-2483087984-1793341554-1001_UserData.bin
+ 2010-01-26 03:43 . 2012-03-22 19:18	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-26 03:43 . 2012-03-22 18:59	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-03-22 18:06 . 2012-03-22 19:18	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-03-22 18:06 . 2012-03-22 18:59	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-22 18:59	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-22 19:18	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-02-27 19:55 . 2012-03-22 19:08	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-27 19:55 . 2012-03-22 19:16	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-27 19:55 . 2012-03-22 19:16	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-02-27 19:55 . 2012-03-22 19:08	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-02-27 19:55 . 2012-03-22 19:08	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-27 19:55 . 2012-03-22 19:16	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-27 17:45 . 2012-03-22 19:43	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-27 17:45 . 2012-03-22 18:38	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-27 17:45 . 2012-03-22 18:38	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-27 17:45 . 2012-03-22 19:43	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-03-22 19:01 . 2012-03-22 19:01	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-22 20:00 . 2012-03-22 20:00	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-22 20:00 . 2012-03-22 20:00	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-03-22 19:01 . 2012-03-22 19:01	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:12 . 2012-03-22 18:06	262144              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2012-03-22 19:18	262144              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-01-13 23:13 . 2012-03-22 19:43	262144              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-01-13 23:13 . 2012-03-22 18:38	262144              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2012-03-22 19:59	335008              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-03-22 19:01	335008              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-04-29 01:16 . 2012-03-22 19:59	5374584              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2280514007-2483087984-1793341554-1001-8192.dat
- 2010-04-29 01:16 . 2012-03-22 19:01	5374584              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2280514007-2483087984-1793341554-1001-8192.dat
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files (x86)\DVDVideoSoft\tbDVDV.dll" [2009-12-31 2349080]
"{3cb073f3-be3c-4e8f-942d-8a747b54486f}"= "c:\program files (x86)\asktoolbar4\asktoolbar4X.dll" [2012-01-30 81920]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{3cb073f3-be3c-4e8f-942d-8a747b54486f}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{3cb073f3-be3c-4e8f-942d-8a747b54486f}]
2012-01-30 06:19	81920	----a-w-	c:\program files (x86)\asktoolbar4\asktoolbar4X.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29	1490312	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2009-12-31 10:53	2349080	----a-w-	c:\program files (x86)\DVDVideoSoft\tbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files (x86)\DVDVideoSoft\tbDVDV.dll" [2009-12-31 2349080]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{3cb073f3-be3c-4e8f-942d-8a747b54486f}"= "c:\program files (x86)\asktoolbar4\asktoolbar4X.dll" [2012-01-30 81920]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{3cb073f3-be3c-4e8f-942d-8a747b54486f}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:41	120104	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\steam\steam.exe" [2011-08-07 1242448]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Akamai NetSession Interface"="c:\users\pip\AppData\Local\Akamai\netsession_win.exe" [2011-10-28 3292248]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-12-27 937360]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-12-27 21392]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"OscarEditor"="c:\program files (x86)\MOUSE Editor\MouseEditor.exe" [2010-05-06 2603520]
"flatster Recorder"="c:\program files (x86)\flatster Recorder\flatster Recorder.exe" [2011-06-08 2226176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-09-24 261888]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1094736]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-29 419112]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-11-12 181480]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
"AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2011-12-16 284560]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-12-05 343168]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"TrojanScanner"="c:\program files (x86)\Trojan Remover\Trjscan.exe" [2010-07-05 1167296]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\users\pip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2012-2-29 3537304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R1 gpszylna;gpszylna;c:\windows\system32\drivers\gpszylna.sys [x]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2010/01/26 04:45];c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [2009-11-12 18:29 146928]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27 135664]
R2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
R2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2011-12-16 25504]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-05-07 92008]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
R2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 VodafoneConnectorService;Vodafone Connector Service;c:\program files (x86)\Vodafone\Via The Phone\VodafoneConnectorService.exe [2010-02-24 233472]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
R3 BthAudioHF;BthAudioHF-Dienst;c:\windows\system32\DRIVERS\BthAudioHF.sys [x]
R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]
R3 csr_a2dp;Bluetooth-AV-Profil;c:\windows\system32\drivers\bthav.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27 135664]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2011-12-16 27584]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-07-26 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27 19:10]
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27 19:10]
.
2012-03-21 c:\windows\Tasks\Norton Security Scan for pip.job
- c:\progra~2\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-13 23:02]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08337871-0e50-4031-9110-3bd21ca3c065}]
2011-11-09 01:54	167416	----a-w-	c:\users\pip\AppData\Roaming\VshareComplete\64\VshareComplete64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:44	137512	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-07-22 323072]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-29 8312352]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"Cm106Sound"="c:\windows\Syswow64\cm106.dll" [2010-07-01 8151040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://eu.ask.com/web?l=dis&o=APN10234&gct=hp&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A8B&apn_uid=7534730011854034&p2=^A8B^YYYYYY^YY^DE
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://startsear.ch/?aff=1&cf=ed1c7afe-1901-11e1-97e2-00262d847a8d
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\pip\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\pip\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\pip\AppData\Roaming\Mozilla\Firefox\Profiles\22rm6ywu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://vshare.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.ftp - 81.140.160.26
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - 81.140.160.26
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.http - 81.140.160.26
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 81.140.160.26
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 81.140.160.26
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
WebBrowser-{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2280514007-2483087984-1793341554-1001\Software\SecuROM\License information*]
"datasecu"=hex:57,04,9a,9a,63,4f,8e,7a,53,75,cb,67,bd,cc,e9,9a,32,c1,56,b6,6c,
   d1,8e,ce,c4,0f,2b,8b,d0,4a,06,40,e1,47,87,62,35,39,99,b1,fe,d3,21,b1,b8,90,\
"rkeysecu"=hex:54,d3,e4,38,10,b8,21,f4,c4,2f,4e,fd,36,6e,12,70
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{34A0FF07-F11A-4157-84A3-92F8AD688CBF}]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-03-22  21:25:06
ComboFix-quarantined-files.txt  2012-03-22 20:25
.
Vor Suchlauf: 24 Verzeichnis(se), 96.305.430.528 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 95.977.787.392 Bytes frei
.
- - End Of File - - EF0574FD153D121C685BDD0573571877
         

Alt 22.03.2012, 21:38   #14
markusg
/// Malware-holic
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



lesen kannst du aber, steht da nicht extra dabei, du sollst es nicht abbrechen?

jetzt Malwarebytes updaten, komplett scan, log posten.
falls weitere logs exsistieren, diese ebenfalls posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.03.2012, 00:01   #15
pip666
 
Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Standard

Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert



ja eigentlich bin ich des lesens mächtig! hatte nur das wort "fertig" und "sie finden das log unter C:..." gesehen. Entschuldigung nochmals dafür!

ok maleware ist durchgelaufen hier der log:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.03.22.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
pip :: PIP [Administrator]

Schutz: Aktiviert

22.03.2012 21:39:20
mbam-log-2012-03-22 (23-54-11).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 533522
Laufzeit: 2 Stunde(n), 12 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 12
HKCR\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Keine Aktion durchgeführt.
HKCR\Typelib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6} (Adware.ShoppingReport2) -> Keine Aktion durchgeführt.
HKCR\Typelib\{D44FD6F0-9746-484E-B5C4-C66688393872} (Adware.ShoppingReport2) -> Keine Aktion durchgeführt.
HKCR\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C} (Adware.ShoppingReport2) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C} (Adware.QuestScan) -> Keine Aktion durchgeführt.
HKCR\ShoppingReport2.HbInfoBand (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShoppingReport2.HbInfoBand.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShoppingReport2.RprtCtrl (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCR\ShoppingReport2.RprtCtrl.1 (Adware.ShopperReports) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\ZE18MW23GY (Trojan.FakeAlert) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\QUESTSCAN (Adware.QuestScan) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 2
HKLM\SOFTWARE\Mozilla\Firefox\extensions|ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Daten: C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\QuestScan|DllPath (Adware.QuestScan) -> Daten: C:\Program Files (x86)\QuestScan\questscan.dll -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (hxxp://startsear.ch/?aff=1&cf=ed1c7afe-1901-11e1-97e2-00262d847a8d) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 8
C:\Program Files (x86)\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096} (Adware.QuestScan) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\chrome (Adware.QuestScan) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\defaults (Adware.QuestScan) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\defaults\preferences (Adware.QuestScan) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C} (Adware.Zwangi) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome (Adware.Zwangi) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults (Adware.Zwangi) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults\preferences (Adware.Zwangi) -> Keine Aktion durchgeführt.

Infizierte Dateien: 7
C:\Qoobox\Quarantine\C\Program Files (x86)\ShoppingReport2\Uninst.exe.vir (Adware.ShoppingReports2) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\chrome.manifest (Adware.QuestScan) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\install.rdf (Adware.QuestScan) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome.manifest (Adware.Zwangi) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\install.rdf (Adware.Zwangi) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome\basicscan.jar (Adware.Zwangi) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults\preferences\prefs.js (Adware.Zwangi) -> Keine Aktion durchgeführt.

(Ende)
         

Antwort

Themen zu Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert
andere, anderen, benutzerkonto, bezahlen, blockiert, dasselbe, einfach, eingefangen, empfohlen, gefangen, gen, heute, malewarebytes, meldung, nutzer, problem, scan, schonmal, schritte, thema, threads, troja, trojaner, update, vollständige



Ähnliche Themen: Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert


  1. Ihr Windowssystem wurde aus Sicherheitsgruenden gesperrt! Blackscreenmeldung
    Plagegeister aller Art und deren Bekämpfung - 18.05.2012 (2)
  2. Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert
    Plagegeister aller Art und deren Bekämpfung - 25.03.2012 (20)
  3. aus sicherheitsgruenden windowssystem geblockt !
    Log-Analyse und Auswertung - 09.03.2012 (23)
  4. Windowssystem wurde blockiert
    Plagegeister aller Art und deren Bekämpfung - 04.03.2012 (7)
  5. Aus Sicherheitsgründen wurde ihr Windowssystem blockiert
    Log-Analyse und Auswertung - 07.02.2012 (5)
  6. Windowssystem wurde blockiert
    Alles rund um Windows - 05.02.2012 (1)
  7. Aus Sicherheitsgründen wurde Ihr Windowssystem blockiert
    Log-Analyse und Auswertung - 04.02.2012 (1)
  8. 50 euro Virus "Achtung aus Sicherheitsgruenden wurde ihr Windowssystem blockiert"
    Log-Analyse und Auswertung - 18.01.2012 (10)
  9. Achtung Aus Sicherheitsgruenden wurde Ihr System blockiert... bezahlen... sonst
    Plagegeister aller Art und deren Bekämpfung - 13.01.2012 (18)
  10. Aus sicherheitsgründen wurde ihr windowssystem blockiert #xy
    Plagegeister aller Art und deren Bekämpfung - 05.01.2012 (1)
  11. Windowssystem wurde blockiert -> 50 €
    Log-Analyse und Auswertung - 29.12.2011 (6)
  12. Aus sicherheitsgründen wurde ihr windowssystem blockiert
    Plagegeister aller Art und deren Bekämpfung - 25.12.2011 (15)
  13. Aus Sicherheitsgründen wurde ihr Windowssystem blockiert...
    Log-Analyse und Auswertung - 19.12.2011 (3)
  14. Aus sicherheitsgründen wurde ihr windowssystem blockiert
    Plagegeister aller Art und deren Bekämpfung - 18.12.2011 (9)
  15. Aus Sicherheitsgründen wurde Ihr Windowssystem blockiert.
    Log-Analyse und Auswertung - 18.12.2011 (9)
  16. Aus sicherheitsgründen wurde ihr Windowssystem blockiert
    Plagegeister aller Art und deren Bekämpfung - 16.12.2011 (1)
  17. Aus Sicherheitsgründen wurde ihr Windowssystem blockiert
    Plagegeister aller Art und deren Bekämpfung - 12.12.2011 (11)

Zum Thema Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert - Ich habe mir heute einen Trojaner eingefangen der die im Thema genannte Meldung bringt und mich auffordert ein kostenpflichtiges Update herunterzuladen.ich weiß das viele Nutzer hier dasselbe Problem haben aber - Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert...
Archiv
Du betrachtest: Aus Sicherheitsgruenden wurde ihr Windowssystem blockiert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.