Hallo Lieber Trojaner-Board Gemeinde,

ich bin hier im forum neu, und benötige weitere hilfe für die Auswertung von Combo-Fix Log-Datei.

Ich habe eine vollständige Systemprüfung mit Avira gemacht, hat 6 versteckte objeckte gefunden.
Danach habe ich mit HijackThis einen scan gemacht und auf der website HijackThis logdatei analiysiert. Log ist sauber.
Hab bisschen im internet recherchiert, und las das man mit Combofix einen scan macht und in Foren die log datei untersuchen lassen soll.
Ich brauche eure hilfe.
Beste Grüße.

PHP-Code:

ComboFix 11-03-21.01 - Acer 21.03.2011  22:34:13.1.4 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3071.2106 [GMT 1:00]
ausgeführt von:: c:\users\Acer\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Acer\AppData\Roaming\Local
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\FILE4D2B93368724F.ddr
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\Post_Install_RB_HiQ_de.divx.ddr
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\FILE4D2B93368724F.ddp
c:\users\Acer\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Post_Install_RB_HiQ_de.divx
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-02-21 bis 2011-03-21  ))))))))))))))))))))))))))))))
.
.
2011-03-21 21:37 . 2011-03-21 21:37    --------    d-----w-    c:\users\Acer\AppData\Local\temp
2011-03-21 21:37 . 2011-03-21 21:37    --------    d-----w-    c:\users\Default\AppData\Local\temp
2011-03-12 00:41 . 2011-03-16 12:39    --------    d-----w-    c:\programdata\TuneUp Software
2011-03-12 00:41 . 2011-03-12 00:41    --------    d-sh--w-    c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-03-09 13:29 . 2011-02-19 06:30    805376    ----a-w-    c:\windows\system32\FntCache.dll
2011-03-09 13:29 . 2011-02-19 06:30    1076736    ----a-w-    c:\windows\system32\DWrite.dll
2011-03-09 13:29 . 2011-02-19 06:30    739840    ----a-w-    c:\windows\system32\d2d1.dll
2011-03-09 13:29 . 2010-12-23 05:54    850944    ----a-w-    c:\windows\system32\sbe.dll
2011-03-09 13:29 . 2010-12-23 05:54    642048    ----a-w-    c:\windows\system32\CPFilters.dll
2011-03-09 13:29 . 2010-12-23 05:54    534528    ----a-w-    c:\windows\system32\EncDec.dll
2011-03-09 13:29 . 2010-12-23 05:50    199680    ----a-w-    c:\windows\system32\mpg2splt.ax
2011-03-05 23:15 . 2011-03-05 23:42    2337865    ----a-w-    c:\windows\system32\pbsvc.exe
2011-03-05 20:50 . 2011-03-14 15:25    --------    d-----w-    c:\users\Acer\AppData\Roaming\Ubisoft
2011-03-05 20:49 . 2011-03-05 20:49    --------    d-----w-    c:\programdata\Ubisoft
2011-03-02 15:44 . 2011-03-02 15:44    --------    d-----w-    c:\programdata\ATI
2011-03-02 15:43 . 2011-03-02 15:43    --------    d-----w-    c:\program files\Common Files\ATI Technologies
2011-03-02 15:42 . 2011-03-02 15:43    --------    d-----w-    c:\program files\ATI Technologies
2011-03-01 09:09 . 2011-03-10 23:27    --------    d-----w-    c:\program files\JDownloader
2011-02-28 02:02 . 2011-02-28 02:02    --------    d-----w-    c:\program files\ZippyUploader
2011-02-27 21:47 . 2011-02-27 21:47    --------    d-----w-    c:\users\Acer\AppData\Roaming\teamspeak2
2011-02-27 21:46 . 2011-02-27 21:46    34064    ----a-w-    c:\windows\system32\lhacm.acm
2011-02-27 21:46 . 2011-02-27 21:47    --------    d-----w-    c:\program files\Teamspeak2_RC2
2011-02-26 01:08 . 2011-02-26 01:08    --------    d-----w-    c:\program files\Common Files\Java
2011-02-26 01:07 . 2011-02-26 01:07    --------    d-----w-    c:\program files\Java
2011-02-22 20:40 . 2011-02-22 20:40    --------    d-----w-    c:\windows\system32\SPReview
2011-02-22 20:40 . 2011-02-22 20:40    --------    d-----w-    c:\windows\system32\EventProviders
2011-02-22 20:37 . 2010-11-20 12:29    132992    ----a-w-    c:\windows\system32\drivers\ataport.sys
2011-02-22 20:36 . 2010-11-20 12:18    323072    ----a-w-    c:\windows\system32\drvstore.dll
2011-02-22 20:36 . 2010-11-20 12:18    257024    ----a-w-    c:\windows\system32\dpx.dll
2011-02-22 20:26 . 2011-01-17 05:47    161792    ----a-w-    c:\windows\system32\d3d10_1.dll
2011-02-22 20:25 . 2011-01-07 07:46    870912    ----a-w-    c:\windows\system32\XpsPrint.dll
2011-02-22 20:25 . 2011-01-07 07:46    288256    ----a-w-    c:\windows\system32\XpsGdiConverter.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-16 11:47 . 2011-01-11 06:11    137656    ----a-w-    c:\windows\system32\drivers\avipbb.sys
2011-03-09 02:16 . 2010-06-24 10:33    18328    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-05 23:47 . 2011-01-12 02:25    22328    ----a-w-    c:\windows\system32\drivers\PnkBstrK.sys
2011-03-05 23:47 . 2011-01-12 02:24    107832    ----a-w-    c:\windows\system32\PnkBstrB.exe
2011-03-05 23:42 . 2011-01-12 02:25    22328    ----a-w-    c:\users\Acer\AppData\Roaming\PnkBstrK.sys
2011-03-05 23:42 . 2011-01-12 02:24    66872    ----a-w-    c:\windows\system32\PnkBstrA.exe
2011-02-28 08:00 . 2011-01-11 07:06    80896    ----a-w-    c:\windows\system32\ff_vfw.dll
2011-02-26 01:07 . 2011-01-11 07:05    472808    ----a-w-    c:\windows\system32\deployJava1.dll
2011-02-22 20:44 . 2009-07-14 02:05    152576    ----a-w-    c:\windows\system32\msclmd.dll
2011-02-13 13:35 . 2011-01-12 02:25    215128    ----a-w-    c:\windows\system32\PnkBstrB.xtr
2011-02-09 13:49 . 2011-01-12 02:24    2434856    ----a-w-    c:\windows\system32\pbsvc_bc2.exe
2011-02-03 05:54 . 2011-02-08 20:00    219008    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys
2011-02-01 19:12 . 2011-01-12 02:24    215128    ----a-w-    c:\windows\system32\PnkBstrB.ex0
2011-01-26 23:36 . 2011-01-26 23:36    7566848    ----a-w-    c:\windows\system32\drivers\atikmdag.sys
2011-01-26 23:00 . 2011-01-26 23:00    143360    ----a-w-    c:\windows\system32\atiapfxx.exe
2011-01-26 23:00 . 2010-11-26 02:58    596480    ----a-w-    c:\windows\system32\aticfx32.dll
2011-01-26 22:59 . 2011-01-26 22:59    17204736    ----a-w-    c:\windows\system32\atioglxx.dll
2011-01-26 22:56 . 2011-01-26 22:56    462848    ----a-w-    c:\windows\system32\ATIDEMGX.dll
2011-01-26 22:55 . 2011-01-26 22:55    393216    ----a-w-    c:\windows\system32\atieclxx.exe
2011-01-26 22:55 . 2011-01-26 22:55    176128    ----a-w-    c:\windows\system32\atiesrxx.exe
2011-01-26 22:54 . 2011-01-26 22:54    159744    ----a-w-    c:\windows\system32\atitmmxx.dll
2011-01-26 22:53 . 2011-01-26 22:53    356352    ----a-w-    c:\windows\system32\atipdlxx.dll
2011-01-26 22:53 . 2011-01-26 22:53    278528    ----a-w-    c:\windows\system32\Oemdspif.dll
2011-01-26 22:53 . 2011-01-26 22:53    15872    ----a-w-    c:\windows\system32\atimuixx.dll
2011-01-26 22:53 . 2011-01-26 22:53    43520    ----a-w-    c:\windows\system32\ati2edxx.dll
2011-01-26 22:49 . 2009-07-13 22:09    4105728    ----a-w-    c:\windows\system32\atidxx32.dll
2011-01-26 22:32 . 2011-01-26 22:32    1912832    ----a-w-    c:\windows\system32\atiumdmv.dll
2011-01-26 22:28 . 2009-06-10 21:19    4170752    ----a-w-    c:\windows\system32\atiumdag.dll
2011-01-26 22:27 . 2011-01-26 22:27    46080    ----a-w-    c:\windows\system32\aticalrt.dll
2011-01-26 22:27 . 2011-01-26 22:27    44032    ----a-w-    c:\windows\system32\aticalcl.dll
2011-01-26 22:25 . 2011-01-26 22:25    5580800    ----a-w-    c:\windows\system32\aticaldd.dll
2011-01-26 22:24 . 2009-07-13 22:09    3463680    ----a-w-    c:\windows\system32\atiumdva.dll
2011-01-26 22:20 . 2010-11-26 02:24    52736    ----a-w-    c:\windows\system32\coinst.dll
2011-01-26 22:14 . 2010-11-26 02:17    249856    ----a-w-    c:\windows\system32\atiadlxx.dll
2011-01-26 22:13 . 2011-01-26 22:13    12800    ----a-w-    c:\windows\system32\atiglpxx.dll
2011-01-26 22:13 . 2011-01-26 22:13    32768    ----a-w-    c:\windows\system32\atigktxx.dll
2011-01-26 22:13 . 2011-01-26 22:13    238592    ----a-w-    c:\windows\system32\drivers\atikmpag.sys
2011-01-26 22:12 . 2010-11-26 02:15    30720    ----a-w-    c:\windows\system32\atiuxpag.dll
2011-01-26 22:12 . 2010-11-26 02:15    28672    ----a-w-    c:\windows\system32\atiu9pag.dll
2011-01-26 22:11 . 2011-01-26 22:11    53248    ----a-w-    c:\windows\system32\drivers\ati2erec.dll
2011-01-26 22:08 . 2011-01-26 22:08    52736    ----a-w-    c:\windows\system32\atimpc32.dll
2011-01-26 22:08 . 2011-01-26 22:08    52736    ----a-w-    c:\windows\system32\amdpcom32.dll
2011-01-25 17:54 . 2011-02-12 10:31    3386792    ----a-w-    c:\windows\system32\drivers\RTKVHDA.sys
2011-01-25 12:58 . 2011-02-12 10:31    2137704    ----a-w-    c:\windows\system32\RtkPgExt.dll
2011-01-25 12:58 . 2011-02-12 10:31    3804264    ----a-w-    c:\windows\system32\RtkAPO.dll
2011-01-24 13:20 . 2011-02-12 10:31    477800    ----a-w-    c:\windows\system32\RtkApoApi.dll
2011-01-24 12:29 . 2011-01-11 05:50    1284712    ----a-w-    c:\windows\RtlExUpd.dll
2011-01-20 13:46 . 2011-02-12 10:31    1564736    ----a-w-    c:\windows\system32\FMAPO.dll
2011-01-14 13:23 . 2011-01-11 06:11    61960    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2011-01-12 10:09 . 2011-02-12 10:31    783360    ----a-w-    c:\windows\system32\RCoRes.dat
2011-01-07 07:45 . 2011-02-08 20:01    34304    ----a-w-    c:\windows\system32\atmlib.dll
2011-01-07 05:43 . 2011-02-08 20:01    294400    ----a-w-    c:\windows\system32\atmfd.dll
2011-01-05 03:51 . 2011-02-08 20:01    2330624    ----a-w-    c:\windows\system32\win32k.sys
2011-01-04 18:25 . 2011-02-12 10:31    69224    ----a-w-    c:\windows\system32\RtkCoInst.dll
2009-05-01 21:02 . 2009-05-01 21:02    1044480    ----a-w-    c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02    200704    ----a-w-    c:\program files\mozilla firefox\plugins\ssldivx.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 12:20    442880    ----a-w-    c:\windows\System32\ntshrui.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-01-14 281768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ       kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 11:49    932288    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45    35736    ----a-w-    c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxczbmgr.exe]
2009-04-27 14:20    74408    ----a-w-    c:\program files\Lexmark 1200 Series\LXCZbmgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickFinder Scheduler]
2007-01-02 22:21    83568    ----a-w-    c:\program files\WordPerfect Office X3\Programs\QFSCHD130.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2011-01-18 19:47    10025576    ----a-w-    c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2007-08-07 10:38    675840    ----a-w-    c:\windows\vsnp2std.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2011-01-26 16:41    336384    ----a-w-    c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49    249064    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2009-03-10 17:28    258048    ----a-w-    c:\windows\tsnp2std.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 sppsvc;Software Protection;c:\windows\system32\sppsvc.exe [2010-11-20 3179520]
R3 AcpiPmi;ACPI-Energieanzeigetreiber;c:\windows\system32\drivers\acpipmi.sys [2010-11-20 10240]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [2010-11-20 80256]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
R3 AppID;Anwendungs-ID-Treiber;c:\windows\system32\drivers\appid.sys [2010-11-20 50176]
R3 AppIDSvc;Anwendungsidentität;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 BDESVC;BitLocker-Laufwerkverschlüsselungsdienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [2009-07-13 13568]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [2009-07-13 5248]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-07-13 62336]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-07-13 12160]
R3 CertPropSvc;Zertifikatverteilung;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [2009-07-13 37888]
R3 defragsvc;Defragmentierung;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2009-07-13 28160]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [2009-07-14 46160]
R3 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-02-10 136176]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
R3 HomeGroupListener;Heimnetzgruppen-Listener;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 HomeGroupProvider;Heimnetzgruppen-Anbieter;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [2009-07-14 67152]
R3 iaStorV;Intel RAID-Controller Windows 7;c:\windows\system32\drivers\iaStorV.sys [2010-11-20 332160]
R3 IKEEXT;IKE- und AuthIP IPsec-Schlüsselerstellungsmodule;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 IPBusEnum;PnP-X-IP-Busenumerator;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [2010-11-20 65536]
R3 iScsiPrt;iScsiPort-Treiber;c:\windows\system32\drivers\msiscsi.sys [2010-11-20 233344]
R3 KeyIso;CNG-Schlüsselisolation;c:\windows\system32\lsass.exe [2009-07-14 22528]
R3 KtmRm;KtmRm für Distributed Transaction Coordinator;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 lltdsvc;Verbindungsschicht-Topologieerkennungs-Zuordnungsprogramm;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
R3 mpio;Microsoft Multipfad-Bustreiber;c:\windows\system32\drivers\mpio.sys [2010-11-20 130432]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2010-11-20 28032]
R3 msdsm;Microsoft Multipfadgeräte-spezifisches Modul;c:\windows\system32\drivers\msdsm.sys [2010-11-20 116096]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [2009-07-13 4096]
R3 MSiSCSI;Microsoft iSCSI-Initiator-Dienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [2009-07-13 12288]
R3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [2009-07-13 267264]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [2009-07-13 27136]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
R3 pla;Leistungsprotokolle und -warnungen;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 PNRPAutoReg;PNRP-Computernamenveröffentlichungs-Dienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
R3 scfilter;Filtertreiber für Smartcards der Plug & Play-Klasse;c:\windows\system32\DRIVERS\scfilter.sys [2010-11-20 26624]
R3 SCPolicySvc;Richtlinie zum Entfernen der Scmartcard;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SDRSVC;Windows-Sicherung;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SensrSvc;Adaptive Helligkeit;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SessionEnv;Konfiguration für Remotedesktops;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 sffp_mmc;SFF-Speicherprotokolltreiber für MMC;c:\windows\system32\drivers\sffp_mmc.sys [2009-07-13 12288]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
R3 Smb;Nachrichtenorientiertes TCP/IP- und TCP/IPv6-Protokoll (SMB-Sitzung);c:\windows\system32\DRIVERS\smb.sys [2009-07-13 71168]
R3 sppuinotify;SPP-Benachrichtigungsdienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
R3 TabletInputService;Tablet PC-Eingabedienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 TBS;TPM-Basisdienste;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 THREADORDER;Server für Threadsortierung;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 204800]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2010-11-20 31232]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 UI0Detect;Erkennung interaktiver Dienste;c:\windows\system32\UI0Detect.exe [2009-07-14 35840]
R3 uliagpkx;Uli AGP-Bus-Filter;c:\windows\system32\drivers\uliagpkx.sys [2009-07-14 57424]
R3 usbcir;eHome-Infrarotempfänger (USBCIR);c:\windows\system32\drivers\usbcir.sys [2009-07-13 86016]
R3 VaultSvc;Anmeldeinformationsverwaltung;c:\windows\system32\lsass.exe [2009-07-14 22528]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [2010-11-20 160128]
R3 ViaC7;VIA C7 Processor Driver;c:\windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
R3 vwifibus;Virtueller WiFi-Bustreiber;c:\windows\System32\drivers\vwifibus.sys [2009-07-13 19968]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [2009-07-13 21632]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-11 1343400]
R3 wbengine;Blockebenen-Sicherungsmodul;c:\windows\system32\wbengine.exe [2010-11-20 1203200]
R3 WbioSrvc;Windows-Biometriedienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wcncsvc;Windows-Sofortverbindung - Konfigurationsregistrierungsstelle;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WcsPlugInService;Windows-Farbsystem;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
R3 WdiSystemHost;Diagnosesystemhost;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 Wecsvc;Windows-Ereignissammlung;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wercplsupport;Unterstützung in der Systemsteuerung unter Lösungen für Probleme;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WerSvc;Windows-Fehlerberichterstattungsdienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 19008]
R3 WinRM;Windows-Remoteverwaltung (WS-Verwaltung);c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 Wlansvc;Automatische WLAN-Konfiguration;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WwanSvc;WWAN - automatische Konfiguration;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 176128]
R4 fdPHost;Funktionssuchanbieter-Host;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 Mcx2Svc;Media Center Extender-Dienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 20992]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [2010-11-20 22400]
S0 CLFS;Gemeinsames Protokoll (CLFS);c:\windows\System32\CLFS.sys [2009-07-14 249408]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2009-07-14 369568]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-07-14 58448]
S0 fvevol;Filtertreiber der Bitlocker-Laufwerkverschlüsselung;c:\windows\System32\DRIVERS\fvevol.sys [2010-11-20 194800]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [2010-11-20 14208]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [2009-07-14 133200]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [2009-07-14 13888]
S0 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2010-11-20 143744]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [2009-07-14 43088]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
S0 spldr;Security Processor Loader Driver; [x]
S0 vdrvroot;Enumerator-Treiber für Microsoft Virtual Drive;c:\windows\system32\drivers\vdrvroot.sys [2009-07-14 32832]
S0 volmgr;Treiber für Volume-Manager;c:\windows\system32\drivers\volmgr.sys [2010-11-20 53120]
S0 volmgrx;Dynamischer Volume-Manager;c:\windows\System32\drivers\volmgrx.sys [2009-07-14 297040]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-07-13 35328]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2010-11-20 78336]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-07-13 32256]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [2009-07-13 16896]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
S1 tdx;NetIO-Legacy-TDI-Supporttreiber;c:\windows\system32\DRIVERS\tdx.sys [2010-11-20 74752]
S1 Wanarpv6;Remotezugriff-IPv6-ARP-Treiber;c:\windows\system32\DRIVERS\wanarp.sys [2010-11-20 63488]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [2009-07-13 9728]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-01-14 135336]
S2 AudioEndpointBuilder;Windows-Audio-Endpunkterstellung;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 BFE;Basisfiltermodul;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 DPS;Diagnoserichtliniendienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 gpsvc;Gruppenrichtlinienclient;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 iphlpsvc;IP-Hilfsdienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2009-07-13 48128]
S2 luafv;UAC-Dateivirtualisierung;c:\windows\system32\drivers\luafv.sys [2009-07-13 86528]
S2 MMCSS;Multimediaklassenplaner;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 MpsSvc;Windows-Firewall;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NlaSvc;NLA (Network Location Awareness);c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 nsi;Netzwerkspeicher-Schnittstellendienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2009-07-14 586752]
S2 Power;Stromversorgung;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 ProfSvc;Benutzerprofildienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 RpcEptMapper;RPC-Endpunktzuordnung;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2010-11-20 35328]
S2 UxSms;Sitzungs-Manager für Desktopfenster-Manager;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys [2011-01-11 14416]
S3 1394ohci;OHCI-konformer 1394-Hostcontroller;c:\windows\system32\drivers\1394ohci.sys [2010-11-20 164864]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-26 7566848]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-26 238592]
S3 Appinfo;Anwendungsinformationen;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 bowser;Browsersupporttreiber;c:\windows\system32\DRIVERS\bowser.sys [2009-07-13 69632]
S3 CompositeBus;Busenumeratortreiber für Verbundgeräte;c:\windows\system32\drivers\CompositeBus.sys [2010-11-20 31232]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2010-11-20 728448]
S3 FDResPub;Funktionssuche-Ressourcenveröffentlichung;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 monitor;Microsoft Monitor-Klassenfunktionstreiber-Dienst;c:\windows\system32\DRIVERS\monitor.sys [2009-07-13 23552]
S3 mpsdrv;Windows-Firewallautorisierungstreiber;c:\windows\system32\drivers\mpsdrv.sys [2009-07-13 60416]
S3 mrxsmb10;SMB 1.x-Miniredirector;c:\windows\system32\DRIVERS\mrxsmb10.sys [2010-11-20 223232]
S3 mrxsmb20;SMB 2.0-Miniredirector;c:\windows\system32\DRIVERS\mrxsmb20.sys [2010-11-20 96768]
S3 netprofm;Netzwerklistendienst;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 NVHDA;Service for NVIDIA HDMI Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-04-18 30752]
S3 PcaSvc;Programmkompatibilitäts-Assistent-Dienst;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [2009-07-13 49152]
S3 Ser2at;ATEN USB to Serial port driver;c:\windows\system32\DRIVERS\ser2at.sys [2009-08-26 76288]
S3 srv2;Server-SMB-Treiber 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [2010-11-20 309248]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2010-11-20 114176]
S3 tunnel;Microsoft-Tunnelminiport-Adaptertreiber;c:\windows\system32\DRIVERS\tunnel.sys [2010-11-20 108544]
S3 umbus;UMBusenumerator-Treiber;c:\windows\system32\drivers\umbus.sys [2010-11-20 39936]
S3 WdiServiceHost;Diagnosediensthost;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 WPDBusEnum;Enumeratordienst für tragbare Geräte;c:\windows\system32\svchost.exe [2009-07-14 20992]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
RPCSS    REG_MULTI_SZ       RpcEptMapper RpcSs
defragsvc    REG_MULTI_SZ       defragsvc
WerSvcGroup    REG_MULTI_SZ       wersvc
LocalServiceNoNetwork    REG_MULTI_SZ       DPS PLA BFE mpssvc WwanSvc
swprv    REG_MULTI_SZ       swprv
LocalServicePeerNet    REG_MULTI_SZ       PNRPSvc p2pimsvc p2psvc PnrpAutoReg
NetworkServiceAndNoImpersonation    REG_MULTI_SZ       KtmRm
regsvc    REG_MULTI_SZ       RemoteRegistry
LocalServiceAndNoImpersonation    REG_MULTI_SZ       SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
DcomLaunch    REG_MULTI_SZ       Power PlugPlay DcomLaunch
NetworkServiceNetworkRestricted    REG_MULTI_SZ       PolicyAgent
sdrsvc    REG_MULTI_SZ       sdrsvc
WbioSvcGroup    REG_MULTI_SZ       WbioSrvc
wcssvc    REG_MULTI_SZ       WcsPlugInService
AxInstSVGroup    REG_MULTI_SZ       AxInstSV
secsvcs    REG_MULTI_SZ       WinDefend
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
wercplsupport
EapHost
ProfSvc
schedule
hkmsvc
SessionEnv
winmgmt
browser
Themes
BDESVC
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalSystemNetworkRestricted
homegrouplistener
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
WdiServiceHost
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetworkService
lanmanworkstation
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-10 07:25]
.
2011-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-10 07:25]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: Öffnen mit WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta
FF - ProfilePath - c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\yhdt4lzu.default\
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: network.proxy.http - 74.208.195.48
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: PlainOldFavorites: {7E7165E2-0767-448c-852F-5FA8714F2C37} - %profile%\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: VTzilla: vtzilla@virustotal.com - %profile%\extensions\vtzilla@virustotal.com
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms
MSConfigStartUp-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil10m_Plugin.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 22:37
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3654799423-1883908886-3868828420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3654799423-1883908886-3868828420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-03-21  22:39:25
ComboFix-quarantined-files.txt  2011-03-21 21:39
.
Vor Suchlauf: 5 Verzeichnis(se), 230.577.385.472 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 230.478.503.936 Bytes frei
.
- - End Of File - - 4BA651A45A7CF7951BC2F5D0FD19A3B4 


Warum führst du CF aus? => Hinweise zu ComboFix

Warum führst du CF aus?
Wie ich schon geschrieben habe, hab ich im internet recherchiert.
Da bin ich auf einer seite gelandet und da war ein Leitfaden und Tutorium zur Nutzung von ComboFix.
Da ist alles beschrieben wie ComboFix benutzt wird.
Wer danach noch fehler macht, muss richtig dumm sein.
Daher habe ich CF ausgeführt.
Ich kann aber nichts Auswerten von diesem Log.

Und wie gehts jetzt weiter ?

Warum du CF nicht ausführen sollst, steht hier eigentlich immer dick und fett bei jedem Hinweis, deswegen hab ich dir den Link auchnohcmal gepostet. Aber nun gut.

Poste die nächsten Logs bitte NICHT in PHP-Tags sondern in Codetags, also so:

[code]

hier das Log rein

[/code]


Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6131

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

22.03.2011 15:26:38
mbam-log-2011-03-22 (15-26-38).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 204610
Laufzeit: 12 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         

Mehr Logs von MBAM hast du nicht?

Leider nein, habe MBAM erst jetzt neu installiert.

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Doppelklick auf die OTL.exe
• Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
• Unter Extra Registry, wähle bitte Use SafeList
• Klicke nun auf Run Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt
• Poste die Logfiles hier in den Thread.

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 22.03.2011 15:55:05 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Acer\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
9,00 Gb Paging File | 8,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): c:\pagefile.sys 6144 6144 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,78 Gb Total Space | 214,35 Gb Free Space | 92,08% Space Free | Partition Type: NTFS
 
Computer Name: ACER-PC | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Acer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Acer\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (lxcz_device) -- C:\Windows\System32\lxczcoms.exe ( )
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (WinRing0_1_2_0) -- C:\Users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys (OpenLibSys.org)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (Ser2at) -- C:\Windows\System32\drivers\ser2at.sys (Prolific Technology Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (SNP2STD) USB2.0 PC Camera (SNP2STD) -- C:\Windows\System32\drivers\snp2sxp.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 E9 77 18 54 B1 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: "Facemoods Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {7E7165E2-0767-448c-852F-5FA8714F2C37}:1.1.2
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: vtzilla@virustotal.com:1.0
FF - prefs.js..network.proxy.http: "74.208.195.48"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.05 19:55:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.05 19:55:35 | 000,000,000 | ---D | M]
 
[2011.01.11 07:24:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Extensions
[2011.03.22 15:51:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions
[2011.03.10 00:08:36 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.03.10 00:08:57 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011.03.22 15:50:51 | 000,000,000 | ---D | M] (PlainOldFavorites) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37}
[2011.01.11 07:27:36 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.01.11 07:27:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.01.26 18:49:43 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.03.17 21:00:37 | 000,000,000 | ---D | M] (VTzilla) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\vtzilla@virustotal.com
[2011.01.11 07:27:36 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\yhdt4lzu.default\extensions\youtube2mp3@mondayx.de
[2011.02.26 02:09:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.02.26 02:08:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.26 02:08:03 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.26 02:07:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.01 10:09:38 | 000,002,046 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchddr.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.03.21 22:37:39 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Programme\WordPerfect Office X3\Programs\WPLauncher.hta ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.03.22 15:53:52 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2011.03.22 15:13:26 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Malwarebytes
[2011.03.22 15:13:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.03.22 15:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.03.22 15:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.03.22 15:13:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.03.22 15:13:18 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.03.22 15:12:55 | 007,734,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Acer\Desktop\Malwarebytes' Anti-Malware.exe
[2011.03.21 22:39:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.03.21 22:39:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.03.21 22:39:26 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\temp
[2011.03.21 22:33:34 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.03.21 22:33:34 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.03.21 22:33:34 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.03.21 22:33:30 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.03.21 22:32:40 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.03.21 22:32:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011.03.21 14:37:30 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.03.21 14:37:30 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.03.21 14:37:30 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.03.21 14:37:30 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.03.21 14:37:30 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.03.21 14:37:30 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.03.21 14:37:30 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.03.21 14:37:30 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.03.21 14:37:30 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.03.21 14:37:30 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.03.21 14:37:30 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.03.21 14:37:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.03.21 14:37:30 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.03.21 14:37:30 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.03.21 14:37:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.03.21 14:37:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.03.21 14:37:30 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.03.21 14:37:30 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.03.21 14:37:30 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.03.21 14:37:30 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.03.21 14:37:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.03.21 14:37:30 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.03.21 14:37:30 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.03.21 14:37:30 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.03.21 14:37:30 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.03.21 14:37:30 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.03.21 14:37:30 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.03.21 14:37:30 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.03.21 14:37:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.03.21 14:37:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.03.21 14:37:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.03.21 14:37:30 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.03.21 14:37:30 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.03.21 14:37:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.03.21 14:37:30 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.03.21 14:37:30 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.03.21 14:37:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.03.21 14:37:30 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.03.21 14:37:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.03.12 02:10:19 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.03.12 02:10:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.03.12 01:41:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.03.09 14:29:20 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.03.09 14:29:20 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.03.09 14:29:19 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.03.09 14:29:19 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011.03.09 14:29:19 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.03.09 14:29:19 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.03.06 00:16:30 | 000,000,000 | ---D | C] -- C:\Users\Acer\Documents\My Games
[2011.03.05 21:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2011.03.02 16:44:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.03.02 16:44:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.03.02 16:43:09 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ATI Technologies
[2011.03.02 16:42:20 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2011.03.01 10:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader
[2011.03.01 10:09:34 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2011.02.28 03:02:18 | 000,000,000 | ---D | C] -- C:\Programme\ZippyUploader
[2011.02.27 22:47:35 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\teamspeak2
[2011.02.27 22:46:59 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm
[2011.02.27 22:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teamspeak2 RC2
[2011.02.27 22:46:56 | 000,000,000 | ---D | C] -- C:\Programme\Teamspeak2_RC2
[2011.02.26 02:08:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2011.02.26 02:08:01 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.02.26 02:08:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.02.26 02:08:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.02.26 02:07:52 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2011.02.22 21:40:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011.02.22 21:40:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011.02.22 21:38:31 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2011.02.22 21:38:31 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2011.02.22 21:38:29 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.02.22 21:38:28 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011.02.22 21:38:28 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011.02.22 21:38:27 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011.02.22 21:38:26 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011.02.22 21:38:26 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011.02.22 21:38:25 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011.02.22 21:38:25 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2011.02.22 21:38:24 | 003,966,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.02.22 21:38:24 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.02.22 21:38:23 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011.02.22 21:38:23 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2011.02.22 21:38:23 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2011.02.22 21:38:22 | 003,911,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.02.22 21:38:22 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2011.02.22 21:38:22 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011.02.22 21:38:22 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011.02.22 21:38:21 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2011.02.22 21:38:21 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011.02.22 21:38:21 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2011.02.22 21:38:20 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011.02.22 21:38:19 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2011.02.22 21:38:18 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.02.22 21:38:18 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011.02.22 21:38:17 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2011.02.22 21:38:17 | 001,038,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011.02.22 21:38:17 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2011.02.22 21:38:17 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2011.02.22 21:38:17 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2011.02.22 21:38:17 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2011.02.22 21:38:16 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2011.02.22 21:38:16 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011.02.22 21:38:16 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2011.02.22 21:38:16 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2011.02.22 21:38:16 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.02.22 21:38:16 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2011.02.22 21:38:16 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2011.02.22 21:38:16 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3api.dll
[2011.02.22 21:38:15 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2011.02.22 21:38:15 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011.02.22 21:38:15 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2011.02.22 21:38:15 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2011.02.22 21:38:14 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011.02.22 21:38:14 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2011.02.22 21:38:14 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2011.02.22 21:38:14 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2011.02.22 21:38:13 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2011.02.22 21:38:13 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2011.02.22 21:38:13 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2011.02.22 21:38:13 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011.02.22 21:38:12 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2011.02.22 21:38:12 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2011.02.22 21:38:12 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2011.02.22 21:38:12 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011.02.22 21:38:12 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011.02.22 21:38:12 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2011.02.22 21:38:11 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.02.22 21:38:11 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2011.02.22 21:38:11 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011.02.22 21:38:11 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2011.02.22 21:38:11 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2011.02.22 21:38:11 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.02.22 21:38:10 | 002,414,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011.02.22 21:38:10 | 000,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2011.02.22 21:38:10 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011.02.22 21:38:10 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011.02.22 21:38:10 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2011.02.22 21:38:10 | 000,240,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011.02.22 21:38:10 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2011.02.22 21:38:09 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2011.02.22 21:38:09 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2011.02.22 21:38:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.02.22 21:38:09 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2011.02.22 21:38:09 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2011.02.22 21:38:09 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2011.02.22 21:38:09 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2011.02.22 21:38:08 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
[2011.02.22 21:38:08 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011.02.22 21:38:08 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2011.02.22 21:38:08 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2011.02.22 21:38:08 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.02.22 21:38:08 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2011.02.22 21:38:08 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2011.02.22 21:38:08 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011.02.22 21:38:07 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2011.02.22 21:38:07 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2011.02.22 21:38:07 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
[2011.02.22 21:38:07 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2011.02.22 21:38:07 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2011.02.22 21:38:07 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2011.02.22 21:38:06 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011.02.22 21:38:06 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011.02.22 21:38:06 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011.02.22 21:38:06 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2011.02.22 21:38:06 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2011.02.22 21:38:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2011.02.22 21:38:06 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2011.02.22 21:38:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2011.02.22 21:38:05 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011.02.22 21:38:05 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2011.02.22 21:38:05 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.02.22 21:38:05 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2011.02.22 21:38:05 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2011.02.22 21:38:05 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2011.02.22 21:38:05 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2011.02.22 21:38:05 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2011.02.22 21:38:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011.02.22 21:38:05 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011.02.22 21:38:05 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011.02.22 21:38:04 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2011.02.22 21:38:04 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2011.02.22 21:38:04 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2011.02.22 21:38:04 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011.02.22 21:38:04 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2011.02.22 21:38:04 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2011.02.22 21:38:04 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011.02.22 21:38:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2011.02.22 21:38:03 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2011.02.22 21:38:03 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2011.02.22 21:38:03 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WFS.exe
[2011.02.22 21:38:03 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2011.02.22 21:38:03 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2011.02.22 21:38:03 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2011.02.22 21:38:03 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2011.02.22 21:38:03 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011.02.22 21:38:03 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
[2011.02.22 21:38:03 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2011.02.22 21:38:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2011.02.22 21:38:03 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011.02.22 21:38:02 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011.02.22 21:38:02 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2011.02.22 21:38:02 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011.02.22 21:38:02 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2011.02.22 21:38:02 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2011.02.22 21:38:01 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2011.02.22 21:38:01 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2011.02.22 21:38:01 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2011.02.22 21:38:01 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2011.02.22 21:38:01 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2011.02.22 21:38:01 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2011.02.22 21:38:01 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2011.02.22 21:38:01 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2011.02.22 21:38:01 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2011.02.22 21:38:01 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2011.02.22 21:38:01 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011.02.22 21:38:01 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2011.02.22 21:38:01 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2011.02.22 21:38:01 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2011.02.22 21:38:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2011.02.22 21:38:00 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2011.02.22 21:38:00 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011.02.22 21:38:00 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2011.02.22 21:38:00 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2011.02.22 21:38:00 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2011.02.22 21:38:00 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2011.02.22 21:38:00 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011.02.22 21:38:00 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2011.02.22 21:38:00 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011.02.22 21:38:00 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2011.02.22 21:38:00 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2011.02.22 21:38:00 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2011.02.22 21:38:00 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2011.02.22 21:38:00 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2011.02.22 21:38:00 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011.02.22 21:38:00 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2011.02.22 21:38:00 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2011.02.22 21:38:00 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011.02.22 21:37:59 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2011.02.22 21:37:59 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2011.02.22 21:37:59 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011.02.22 21:37:59 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2011.02.22 21:37:59 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2011.02.22 21:37:59 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2011.02.22 21:37:59 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2011.02.22 21:37:58 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2011.02.22 21:37:58 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2011.02.22 21:37:58 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011.02.22 21:37:58 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2011.02.22 21:37:58 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011.02.22 21:37:58 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011.02.22 21:37:58 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2011.02.22 21:37:58 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2011.02.22 21:37:58 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011.02.22 21:37:58 | 000,187,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011.02.22 21:37:58 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.02.22 21:37:58 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2011.02.22 21:37:57 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2011.02.22 21:37:57 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2011.02.22 21:37:57 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2011.02.22 21:37:57 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2011.02.22 21:37:57 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2011.02.22 21:37:57 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2011.02.22 21:37:57 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2011.02.22 21:37:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2011.02.22 21:37:57 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2011.02.22 21:37:57 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2011.02.22 21:37:57 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2011.02.22 21:37:56 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2011.02.22 21:37:56 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2011.02.22 21:37:56 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2011.02.22 21:37:56 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2011.02.22 21:37:56 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2011.02.22 21:37:56 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2011.02.22 21:37:56 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2011.02.22 21:37:56 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2011.02.22 21:37:56 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2011.02.22 21:37:56 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011.02.22 21:37:56 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2011.02.22 21:37:56 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2011.02.22 21:37:56 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.02.22 21:37:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2011.02.22 21:37:56 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011.02.22 21:37:55 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2011.02.22 21:37:55 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2011.02.22 21:37:55 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2011.02.22 21:37:55 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll
[2011.02.22 21:37:55 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2011.02.22 21:37:55 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2011.02.22 21:37:55 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2011.02.22 21:37:55 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2011.02.22 21:37:55 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2011.02.22 21:37:55 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2011.02.22 21:37:55 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011.02.22 21:37:55 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2011.02.22 21:37:55 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2011.02.22 21:37:55 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2011.02.22 21:37:55 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2011.02.22 21:37:55 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2011.02.22 21:37:55 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2011.02.22 21:37:55 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2011.02.22 21:37:55 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011.02.22 21:37:55 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2011.02.22 21:37:55 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2011.02.22 21:37:55 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2011.02.22 21:37:55 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2011.02.22 21:37:55 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2011.02.22 21:37:54 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2011.02.22 21:37:54 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2011.02.22 21:37:54 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2011.02.22 21:37:54 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2011.02.22 21:37:54 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll
[2011.02.22 21:37:54 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2011.02.22 21:37:54 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2011.02.22 21:37:54 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2011.02.22 21:37:54 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011.02.22 21:37:54 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2011.02.22 21:37:54 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2011.02.22 21:37:54 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2011.02.22 21:37:54 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2011.02.22 21:37:54 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2011.02.22 21:37:54 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2011.02.22 21:37:54 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2011.02.22 21:37:54 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2011.02.22 21:37:54 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2011.02.22 21:37:54 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2011.02.22 21:37:54 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2011.02.22 21:37:54 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2011.02.22 21:37:54 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2011.02.22 21:37:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2011.02.22 21:37:54 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2011.02.22 21:37:54 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2011.02.22 21:37:53 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2011.02.22 21:37:53 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011.02.22 21:37:53 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2011.02.22 21:37:53 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2011.02.22 21:37:53 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2011.02.22 21:37:53 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2011.02.22 21:37:53 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2011.02.22 21:37:53 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2011.02.22 21:37:53 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2011.02.22 21:37:53 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011.02.22 21:37:53 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2011.02.22 21:37:53 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2011.02.22 21:37:53 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2011.02.22 21:37:53 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2011.02.22 21:37:53 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2011.02.22 21:37:53 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2011.02.22 21:37:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
[2011.02.22 21:37:53 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2011.02.22 21:37:53 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2011.02.22 21:37:52 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2011.02.22 21:37:52 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2011.02.22 21:37:52 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2011.02.22 21:37:52 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2011.02.22 21:37:52 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2011.02.22 21:37:52 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2011.02.22 21:37:52 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2011.02.22 21:37:52 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2011.02.22 21:37:52 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2011.02.22 21:37:52 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011.02.22 21:37:52 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2011.02.22 21:37:52 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2011.02.22 21:37:52 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.dll
[2011.02.22 21:37:52 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2011.02.22 21:37:52 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2011.02.22 21:37:52 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2011.02.22 21:37:52 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2011.02.22 21:37:52 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2011.02.22 21:37:52 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2011.02.22 21:37:52 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2011.02.22 21:37:52 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2011.02.22 21:37:52 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2011.02.22 21:37:52 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2011.02.22 21:37:52 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2011.02.22 21:37:52 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011.02.22 21:37:52 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011.02.22 21:37:52 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011.02.22 21:37:51 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2011.02.22 21:37:51 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2011.02.22 21:37:51 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2011.02.22 21:37:51 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011.02.22 21:37:51 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2011.02.22 21:37:51 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2011.02.22 21:37:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2011.02.22 21:37:51 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2011.02.22 21:37:51 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2011.02.22 21:37:51 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2011.02.22 21:37:51 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011.02.22 21:37:51 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2011.02.22 21:37:51 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2011.02.22 21:37:50 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2011.02.22 21:37:50 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2011.02.22 21:37:50 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2011.02.22 21:37:50 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2011.02.22 21:37:50 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll
[2011.02.22 21:37:50 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2011.02.22 21:37:50 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2011.02.22 21:37:50 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2011.02.22 21:37:50 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2011.02.22 21:37:50 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011.02.22 21:37:50 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2011.02.22 21:37:50 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2011.02.22 21:37:50 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2011.02.22 21:37:50 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011.02.22 21:37:50 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2011.02.22 21:37:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011.02.22 21:37:49 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2011.02.22 21:37:49 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2011.02.22 21:37:49 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2011.02.22 21:37:49 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2011.02.22 21:37:49 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2011.02.22 21:37:49 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011.02.22 21:37:49 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2011.02.22 21:37:49 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2011.02.22 21:37:49 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2011.02.22 21:37:49 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll
[2011.02.22 21:37:49 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011.02.22 21:37:49 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2011.02.22 21:37:49 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2011.02.22 21:37:49 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2011.02.22 21:37:49 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2011.02.22 21:37:49 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2011.02.22 21:37:49 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2011.02.22 21:37:49 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2011.02.22 21:37:49 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011.02.22 21:37:49 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011.02.22 21:37:49 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
[2011.02.22 21:37:49 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2011.02.22 21:37:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2011.02.22 21:37:49 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2011.02.22 21:37:49 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2011.02.22 21:37:49 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2011.02.22 21:37:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2011.02.22 21:37:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2011.02.22 21:37:48 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.02.22 21:37:48 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2011.02.22 21:37:48 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2011.02.22 21:37:48 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2011.02.22 21:37:48 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011.02.22 21:37:48 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2011.02.22 21:37:48 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2011.02.22 21:37:48 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011.02.22 21:37:48 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2011.02.22 21:37:48 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2011.02.22 21:37:48 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2011.02.22 21:37:48 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2011.02.22 21:37:48 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2011.02.22 21:37:48 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2011.02.22 21:37:48 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2011.02.22 21:37:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011.02.22 21:37:48 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2011.02.22 21:37:48 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2011.02.22 21:37:48 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2011.02.22 21:37:48 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2011.02.22 21:37:48 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011.02.22 21:37:48 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2011.02.22 21:37:48 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2011.02.22 21:37:48 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011.02.22 21:37:48 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011.02.22 21:37:48 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2011.02.22 21:37:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2011.02.22 21:37:48 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2011.02.22 21:37:48 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2011.02.22 21:37:48 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2011.02.22 21:37:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2011.02.22 21:37:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011.02.22 21:37:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2011.02.22 21:37:48 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2011.02.22 21:37:48 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2011.02.22 21:37:48 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2011.02.22 21:37:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2011.02.22 21:37:48 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2011.02.22 21:37:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2011.02.22 21:37:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2011.02.22 21:37:48 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2011.02.22 21:37:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2011.02.22 21:37:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2011.02.22 21:37:47 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011.02.22 21:37:47 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2011.02.22 21:37:47 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2011.02.22 21:37:47 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2011.02.22 21:37:47 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2011.02.22 21:37:47 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2011.02.22 21:37:47 | 000,257,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2011.02.22 21:37:47 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2011.02.22 21:37:47 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2011.02.22 21:37:47 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2011.02.22 21:37:47 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2011.02.22 21:37:47 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2011.02.22 21:37:47 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2011.02.22 21:37:47 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2011.02.22 21:37:47 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011.02.22 21:37:47 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2011.02.22 21:37:47 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2011.02.22 21:37:47 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2011.02.22 21:37:47 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2011.02.22 21:37:47 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2011.02.22 21:37:47 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2011.02.22 21:37:47 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2011.02.22 21:37:47 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.02.22 21:37:47 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2011.02.22 21:37:47 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2011.02.22 21:37:47 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2011.02.22 21:37:47 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2011.02.22 21:37:47 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2011.02.22 21:37:47 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2011.02.22 21:37:47 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2011.02.22 21:37:47 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2011.02.22 21:37:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2011.02.22 21:37:47 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2011.02.22 21:37:47 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2011.02.22 21:37:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2011.02.22 21:37:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2011.02.22 21:37:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2011.02.22 21:37:46 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2011.02.22 21:37:46 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2011.02.22 21:37:46 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011.02.22 21:37:46 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011.02.22 21:37:46 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2011.02.22 21:37:46 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2011.02.22 21:37:46 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2011.02.22 21:37:46 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2011.02.22 21:37:46 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2011.02.22 21:37:46 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2011.02.22 21:37:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011.02.22 21:37:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011.02.22 21:37:46 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011.02.22 21:37:46 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll
[2011.02.22 21:37:46 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\resutils.dll
[2011.02.22 21:37:46 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2011.02.22 21:37:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2011.02.22 21:37:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2011.02.22 21:37:46 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2011.02.22 21:37:46 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2011.02.22 21:37:46 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2011.02.22 21:37:46 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011.02.22 21:37:46 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2011.02.22 21:37:46 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2011.02.22 21:37:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2011.02.22 21:37:46 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2011.02.22 21:37:46 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2011.02.22 21:37:46 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2011.02.22 21:37:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011.02.22 21:37:46 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2011.02.22 21:37:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011.02.22 21:37:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2011.02.22 21:37:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.02.22 21:37:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2011.02.22 21:37:46 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2011.02.22 21:37:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2011.02.22 21:37:46 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2011.02.22 21:37:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2011.02.22 21:37:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2011.02.22 21:37:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2011.02.22 21:37:45 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2011.02.22 21:37:45 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2011.02.22 21:37:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2011.02.22 21:37:45 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2011.02.22 21:37:45 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2011.02.22 21:37:45 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2011.02.22 21:37:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2011.02.22 21:37:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2011.02.22 21:37:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2011.02.22 21:37:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2011.02.22 21:37:45 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2011.02.22 21:37:45 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2011.02.22 21:37:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2011.02.22 21:37:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2011.02.22 21:37:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2011.02.22 21:37:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2011.02.22 21:37:45 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011.02.22 21:37:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2011.02.22 21:37:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2011.02.22 21:37:45 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2011.02.22 21:37:45 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2011.02.22 21:37:45 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2011.02.22 21:37:45 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2011.02.22 21:37:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2011.02.22 21:37:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2011.02.22 21:37:45 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icaapi.dll
[2011.02.22 21:37:44 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2011.02.22 21:37:44 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2011.02.22 21:37:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011.02.22 21:37:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2011.02.22 21:37:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2011.02.22 21:37:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shgina.dll
[2011.02.22 21:37:44 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2011.02.22 21:37:44 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2011.02.22 21:37:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2011.02.22 21:37:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2011.02.22 21:37:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2011.02.22 21:37:43 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2011.02.22 21:37:43 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2011.02.22 21:37:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2011.02.22 21:37:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2011.02.22 21:37:43 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2011.02.22 21:37:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011.02.22 21:37:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011.02.22 21:37:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011.02.22 21:37:42 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011.02.22 21:37:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2011.02.22 21:37:41 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2011.02.22 21:37:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2011.02.22 21:37:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2011.02.22 21:37:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2011.02.22 21:37:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2011.02.22 21:37:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2011.02.22 21:37:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2011.02.22 21:37:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2011.02.22 21:37:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2011.02.22 21:37:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2011.02.22 21:37:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.02.22 21:37:22 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2011.02.22 21:37:22 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011.02.22 21:37:17 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2011.02.22 21:37:14 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2011.02.22 21:37:14 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2011.02.22 21:36:57 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2011.02.22 21:36:57 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2011.02.22 21:26:39 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.02.22 21:25:51 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.02.22 21:25:51 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.01.11 07:00:11 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll
[2011.01.11 07:00:11 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll
[2011.01.11 07:00:11 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll
[2011.01.11 07:00:11 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll
[2011.01.11 07:00:11 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll
[2011.01.11 07:00:11 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll
[2011.01.11 07:00:11 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxczcoms.exe
[2011.01.11 07:00:11 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll
[2011.01.11 07:00:11 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll
[2011.01.11 07:00:11 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll
[2011.01.11 07:00:11 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxczih.exe
[2011.01.11 07:00:11 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxczcfg.exe
[2011.01.11 07:00:11 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll
[2011.01.11 07:00:11 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll
[2011.01.11 07:00:11 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll
[2011.01.11 06:58:55 | 000,151,552 | ---- | C] ( ) -- C:\Windows\System32\rsnp2std.dll
[2011.01.11 06:58:55 | 000,077,824 | ---- | C] ( ) -- C:\Windows\System32\csnp2std.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.03.22 15:53:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2011.03.22 15:37:09 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.22 15:37:09 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.22 15:30:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.22 15:13:22 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.22 15:12:59 | 007,734,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Acer\Desktop\Malwarebytes' Anti-Malware.exe
[2011.03.22 13:53:42 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.03.22 13:53:42 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.22 13:53:42 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.03.22 13:53:42 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.22 13:35:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.22 13:07:25 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.21 22:37:39 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.03.21 22:25:24 | 004,298,593 | R--- | M] () -- C:\ComboFix.exe
[2011.03.21 14:37:30 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.03.21 14:37:30 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.03.21 14:37:30 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.03.21 14:37:30 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.03.21 14:37:30 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.03.21 14:37:30 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.03.21 14:37:30 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.03.21 14:37:30 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.03.21 14:37:30 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.03.21 14:37:30 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.03.21 14:37:30 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.03.21 14:37:30 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.03.21 14:37:30 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.03.21 14:37:30 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.03.21 14:37:30 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.03.21 14:37:30 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.03.21 14:37:30 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.03.21 14:37:30 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.03.21 14:37:30 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.03.21 14:37:30 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.03.21 14:37:30 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.03.21 14:37:30 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.03.21 14:37:30 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.03.21 14:37:30 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.03.21 14:37:30 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.03.21 14:37:30 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.03.21 14:37:30 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.03.21 14:37:30 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.03.21 14:37:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.03.21 14:37:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.03.21 14:37:30 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.03.21 14:37:30 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.03.21 14:37:30 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.03.21 14:37:30 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.03.21 14:37:30 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.03.21 14:37:30 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.03.21 14:37:30 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.03.21 14:37:30 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.03.21 14:37:30 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.03.21 14:37:30 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.03.16 12:47:21 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.03.06 00:42:06 | 002,337,865 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2011.03.03 22:16:05 | 000,006,656 | ---- | M] () -- C:\Users\Acer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.02 21:15:34 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.02.28 09:00:00 | 000,080,896 | ---- | M] () -- C:\Windows\System32\ff_vfw.dll
[2011.02.27 22:46:59 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm
[2011.02.26 02:07:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.02.26 02:07:53 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.02.26 02:07:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.02.26 02:07:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.02.22 21:49:34 | 000,285,712 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.02.22 21:44:03 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
 
========== Files Created - No Company Name ==========
 
[2011.03.22 15:13:22 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.21 22:33:34 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.03.21 22:33:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.03.21 22:33:34 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.03.21 22:33:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.03.21 22:33:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.03.21 22:24:55 | 004,298,593 | R--- | C] () -- C:\ComboFix.exe
[2011.03.21 14:37:30 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.03.06 00:15:31 | 002,337,865 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2011.02.22 21:38:20 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011.02.22 21:37:45 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2011.02.22 21:37:41 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2011.01.12 03:24:40 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011.01.11 22:56:19 | 000,006,656 | ---- | C] () -- C:\Users\Acer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.11 08:06:47 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.01.11 08:06:46 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.01.11 08:06:45 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.01.11 08:06:45 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.01.11 08:06:45 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.01.11 07:00:31 | 000,000,092 | ---- | C] () -- C:\Windows\Lexstat.ini
[2011.01.11 07:00:11 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll
[2011.01.11 07:00:11 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll
[2011.01.11 06:58:55 | 012,067,328 | ---- | C] () -- C:\Windows\System32\drivers\snp2sxp.sys
[2011.01.11 06:58:55 | 000,025,472 | ---- | C] () -- C:\Windows\System32\drivers\sncamd.sys
[2011.01.11 06:58:55 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2011.01.11 06:28:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.12.21 03:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.12.17 17:00:44 | 000,227,587 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.07.14 09:47:43 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,285,712 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007.02.07 18:58:12 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007.01.22 09:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll
[2006.11.02 20:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006.06.07 14:23:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll
[2006.03.27 12:19:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll
[2006.03.07 12:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll
[2006.01.10 18:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll
[2006.01.10 18:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll

< End of report >
         

Code: Alles auswählenAufklappen

ATTFilter

OTL Extras logfile created on: 22.03.2011 15:55:05 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Acer\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
9,00 Gb Paging File | 8,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): c:\pagefile.sys 6144 6144 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,78 Gb Total Space | 214,35 Gb Free Space | 92,08% Space Free | Partition Type: NTFS
 
Computer Name: ACER-PC | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{0B0F132E-6E8A-934D-A839-C5C15889F12B}" = ATI Catalyst Install Manager
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{27347834-0853-0E3A-88F0-BC6BA43D8BC1}" = CCC Help Portuguese
"{28A4F99C-F116-1AFA-513A-8D44F4070B6C}" = CCC Help Greek
"{298B2F63-B391-BFC5-4AED-660BE336DE73}" = CCC Help Hungarian
"{2F96C5A9-792A-F6ED-4679-603DED5959E1}" = ccc-utility
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B1D7CF8-2A1F-CBA1-06B0-2F89327B198B}" = CCC Help French
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51A1EE33-49D5-5D85-4A0A-91D71C390BCF}" = CCC Help Italian
"{5229C090-842B-1CB0-1676-43E421294B5C}" = AMD Drag and Drop Transcoding
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DF6A7ED-3B51-8E41-B1C9-41DAD97CC08A}" = Catalyst Control Center InstallProxy
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9023988C-4F2B-EB63-7861-33D8F21624C2}" = CCC Help English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BACEBABA-2BA2-05BC-A5DC-CF495F155A24}" = Catalyst Control Center Localization All
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3D329F9-D32A-AB91-1DD2-92B6E5F649E2}" = CCC Help Spanish
"{E497FF62-960D-D750-D14F-C5E25C7AA14F}" = ccc-core-static
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E7613DC8-35E4-E46A-2960-12610864318E}" = CCC Help Polish
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2898333-ED2F-EC49-5617-A23F2636A05A}" = Catalyst Control Center Graphics Previews Common
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB4F9000-04FC-11E0-85D2-001AA037B01E}" = Google Earth Plug-in
"{FFA48C9D-8B43-772C-BECE-EA29587D8DDB}" = CCC Help German
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"FileZilla Client" = FileZilla Client 3.3.5.1
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.4 (Full)
"Lexmark 1200 Series" = Lexmark 1200 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Opticon USB Installer" = Opticon USB Drivers Installer
"ScanIT-Client_is1" = ScanIT-Client 3.2
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Unlocker" = Unlocker 1.9.0
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"xp-AntiSpy" = xp-AntiSpy 3.97-11
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         

Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Code: Alles auswählenAufklappen

ATTFilter

2011/03/22 18:15:16.0629 3176	TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/22 18:15:16.0878 3176	================================================================================
2011/03/22 18:15:16.0878 3176	SystemInfo:
2011/03/22 18:15:16.0878 3176	
2011/03/22 18:15:16.0878 3176	OS Version: 6.1.7601 ServicePack: 1.0
2011/03/22 18:15:16.0878 3176	Product type: Workstation
2011/03/22 18:15:16.0878 3176	ComputerName: ACER-PC
2011/03/22 18:15:16.0878 3176	UserName: Acer
2011/03/22 18:15:16.0878 3176	Windows directory: C:\Windows
2011/03/22 18:15:16.0878 3176	System windows directory: C:\Windows
2011/03/22 18:15:16.0878 3176	Processor architecture: Intel x86
2011/03/22 18:15:16.0878 3176	Number of processors: 4
2011/03/22 18:15:16.0878 3176	Page size: 0x1000
2011/03/22 18:15:16.0878 3176	Boot type: Normal boot
2011/03/22 18:15:16.0878 3176	================================================================================
2011/03/22 18:15:17.0128 3176	Initialize success
2011/03/22 18:15:20.0014 3412	================================================================================
2011/03/22 18:15:20.0014 3412	Scan started
2011/03/22 18:15:20.0014 3412	Mode: Manual; 
2011/03/22 18:15:20.0014 3412	================================================================================
2011/03/22 18:15:20.0404 3412	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
2011/03/22 18:15:20.0435 3412	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
2011/03/22 18:15:20.0451 3412	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
2011/03/22 18:15:20.0497 3412	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/03/22 18:15:20.0513 3412	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/03/22 18:15:20.0529 3412	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/03/22 18:15:20.0575 3412	AFD             (1151fd4fb0216cfed887bfde29ebd516) C:\Windows\system32\drivers\afd.sys
2011/03/22 18:15:20.0591 3412	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
2011/03/22 18:15:20.0622 3412	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/03/22 18:15:20.0638 3412	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
2011/03/22 18:15:20.0669 3412	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
2011/03/22 18:15:20.0685 3412	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
2011/03/22 18:15:20.0700 3412	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/03/22 18:15:20.0841 3412	amdkmdag        (d05cf4523e0c04ef82454abfd84fdc1d) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/03/22 18:15:20.0997 3412	amdkmdap        (92dc2e0ae49148f83b24d89c737b0c97) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/03/22 18:15:21.0012 3412	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/03/22 18:15:21.0043 3412	amdsata         (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
2011/03/22 18:15:21.0059 3412	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/03/22 18:15:21.0090 3412	amdxata         (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
2011/03/22 18:15:21.0121 3412	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
2011/03/22 18:15:21.0153 3412	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/03/22 18:15:21.0168 3412	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/03/22 18:15:21.0184 3412	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/22 18:15:21.0199 3412	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
2011/03/22 18:15:21.0355 3412	atikmdag        (d05cf4523e0c04ef82454abfd84fdc1d) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/03/22 18:15:21.0433 3412	avgntflt        (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/03/22 18:15:21.0465 3412	avipbb          (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/03/22 18:15:21.0480 3412	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/03/22 18:15:21.0511 3412	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/03/22 18:15:21.0543 3412	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/03/22 18:15:21.0574 3412	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/03/22 18:15:21.0589 3412	bowser          (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/22 18:15:21.0621 3412	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/03/22 18:15:21.0636 3412	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/03/22 18:15:21.0667 3412	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/03/22 18:15:21.0699 3412	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/03/22 18:15:21.0714 3412	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/03/22 18:15:21.0745 3412	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/03/22 18:15:21.0761 3412	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/03/22 18:15:21.0855 3412	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/22 18:15:21.0886 3412	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
2011/03/22 18:15:21.0901 3412	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/03/22 18:15:21.0948 3412	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/03/22 18:15:21.0979 3412	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/03/22 18:15:21.0995 3412	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
2011/03/22 18:15:22.0026 3412	CNG             (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/03/22 18:15:22.0042 3412	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/03/22 18:15:22.0073 3412	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
2011/03/22 18:15:22.0089 3412	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/03/22 18:15:22.0151 3412	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
2011/03/22 18:15:22.0182 3412	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/03/22 18:15:22.0198 3412	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/03/22 18:15:22.0245 3412	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/03/22 18:15:22.0276 3412	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/22 18:15:22.0354 3412	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/03/22 18:15:22.0432 3412	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/03/22 18:15:22.0463 3412	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
2011/03/22 18:15:22.0494 3412	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/03/22 18:15:22.0510 3412	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/03/22 18:15:22.0541 3412	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/22 18:15:22.0572 3412	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/03/22 18:15:22.0588 3412	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/03/22 18:15:22.0603 3412	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/22 18:15:22.0635 3412	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/03/22 18:15:22.0666 3412	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/03/22 18:15:22.0697 3412	Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/22 18:15:22.0713 3412	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
2011/03/22 18:15:22.0744 3412	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/03/22 18:15:22.0759 3412	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/03/22 18:15:22.0791 3412	HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
2011/03/22 18:15:22.0822 3412	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
2011/03/22 18:15:22.0837 3412	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/03/22 18:15:22.0869 3412	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/03/22 18:15:22.0900 3412	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/03/22 18:15:22.0915 3412	HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
2011/03/22 18:15:22.0947 3412	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
2011/03/22 18:15:22.0978 3412	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
2011/03/22 18:15:23.0009 3412	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
2011/03/22 18:15:23.0025 3412	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
2011/03/22 18:15:23.0056 3412	iaStorV         (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
2011/03/22 18:15:23.0087 3412	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/03/22 18:15:23.0165 3412	IntcAzAudAddService (39be782f9660545a491bf42320232aea) C:\Windows\system32\drivers\RTKVHDA.sys
2011/03/22 18:15:23.0212 3412	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
2011/03/22 18:15:23.0227 3412	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/22 18:15:23.0259 3412	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/22 18:15:23.0274 3412	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
2011/03/22 18:15:23.0305 3412	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/03/22 18:15:23.0321 3412	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/03/22 18:15:23.0337 3412	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
2011/03/22 18:15:23.0368 3412	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
2011/03/22 18:15:23.0399 3412	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
2011/03/22 18:15:23.0415 3412	kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
2011/03/22 18:15:23.0446 3412	KSecDD          (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/22 18:15:23.0461 3412	KSecPkg         (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
2011/03/22 18:15:23.0493 3412	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/22 18:15:23.0524 3412	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/03/22 18:15:23.0571 3412	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/03/22 18:15:23.0586 3412	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/03/22 18:15:23.0602 3412	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/03/22 18:15:23.0633 3412	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/03/22 18:15:23.0664 3412	MBAMProtector   (836e0e09ca9869be7eb39ef2cf3602c7) C:\Windows\system32\drivers\mbam.sys
2011/03/22 18:15:23.0695 3412	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/03/22 18:15:23.0727 3412	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/03/22 18:15:23.0742 3412	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/03/22 18:15:23.0773 3412	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/22 18:15:23.0805 3412	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
2011/03/22 18:15:23.0820 3412	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/03/22 18:15:23.0851 3412	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
2011/03/22 18:15:23.0883 3412	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
2011/03/22 18:15:23.0914 3412	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/22 18:15:23.0945 3412	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
2011/03/22 18:15:23.0976 3412	mrxsmb          (b272b4c3e085ea860c12f2e4faf2ffa2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/22 18:15:24.0007 3412	mrxsmb10        (9ac33ef26c8a3ad0f117d00eb7301d03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/22 18:15:24.0039 3412	mrxsmb20        (e0abdb5ed7e199e242a7d028e76c1d3a) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/22 18:15:24.0148 3412	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
2011/03/22 18:15:24.0179 3412	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
2011/03/22 18:15:24.0210 3412	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/03/22 18:15:24.0226 3412	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/03/22 18:15:24.0241 3412	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
2011/03/22 18:15:24.0273 3412	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/22 18:15:24.0288 3412	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/22 18:15:24.0304 3412	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/03/22 18:15:24.0335 3412	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/03/22 18:15:24.0351 3412	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
2011/03/22 18:15:24.0382 3412	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/03/22 18:15:24.0397 3412	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/03/22 18:15:24.0413 3412	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/03/22 18:15:24.0444 3412	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/22 18:15:24.0491 3412	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
2011/03/22 18:15:24.0507 3412	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/03/22 18:15:24.0538 3412	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/22 18:15:24.0569 3412	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/22 18:15:24.0600 3412	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/22 18:15:24.0616 3412	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
2011/03/22 18:15:24.0631 3412	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/22 18:15:24.0663 3412	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/22 18:15:24.0694 3412	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/03/22 18:15:24.0741 3412	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/03/22 18:15:24.0756 3412	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/22 18:15:24.0803 3412	Ntfs            (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
2011/03/22 18:15:24.0834 3412	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/03/22 18:15:24.0881 3412	NVENETFD        (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
2011/03/22 18:15:24.0912 3412	NVHDA           (f3ef6cb754c908c5e79fe5bb4a7e39ba) C:\Windows\system32\drivers\nvhda32v.sys
2011/03/22 18:15:24.0943 3412	nvraid          (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
2011/03/22 18:15:24.0975 3412	nvsmu           (7ec12a73067baca25a8e3e2a58ae83d8) C:\Windows\system32\DRIVERS\nvsmu.sys
2011/03/22 18:15:25.0006 3412	nvstor          (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
2011/03/22 18:15:25.0021 3412	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
2011/03/22 18:15:25.0037 3412	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
2011/03/22 18:15:25.0068 3412	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/03/22 18:15:25.0099 3412	partmgr         (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
2011/03/22 18:15:25.0131 3412	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/03/22 18:15:25.0162 3412	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
2011/03/22 18:15:25.0177 3412	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
2011/03/22 18:15:25.0209 3412	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/03/22 18:15:25.0224 3412	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/03/22 18:15:25.0255 3412	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/03/22 18:15:25.0318 3412	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/22 18:15:25.0349 3412	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/03/22 18:15:25.0380 3412	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/22 18:15:25.0427 3412	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/03/22 18:15:25.0458 3412	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/03/22 18:15:25.0474 3412	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/22 18:15:25.0505 3412	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/22 18:15:25.0521 3412	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/03/22 18:15:25.0536 3412	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/22 18:15:25.0567 3412	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/22 18:15:25.0599 3412	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/03/22 18:15:25.0614 3412	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/22 18:15:25.0630 3412	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/03/22 18:15:25.0661 3412	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/22 18:15:25.0692 3412	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/22 18:15:25.0708 3412	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/03/22 18:15:25.0739 3412	RDPWD           (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
2011/03/22 18:15:25.0770 3412	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
2011/03/22 18:15:25.0817 3412	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/22 18:15:25.0848 3412	RTHDMIAzAudService (87407b31ea6ff0dc4765258164b98bea) C:\Windows\system32\drivers\RtHDMIV.sys
2011/03/22 18:15:25.0895 3412	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
2011/03/22 18:15:25.0911 3412	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
2011/03/22 18:15:25.0942 3412	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/03/22 18:15:25.0973 3412	Ser2at          (268dc6a0ea10a494b369e94525742589) C:\Windows\system32\DRIVERS\ser2at.sys
2011/03/22 18:15:26.0004 3412	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/03/22 18:15:26.0020 3412	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/03/22 18:15:26.0035 3412	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/03/22 18:15:26.0067 3412	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
2011/03/22 18:15:26.0098 3412	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
2011/03/22 18:15:26.0129 3412	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
2011/03/22 18:15:26.0145 3412	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/03/22 18:15:26.0191 3412	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
2011/03/22 18:15:26.0207 3412	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/03/22 18:15:26.0223 3412	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/03/22 18:15:26.0238 3412	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/03/22 18:15:26.0488 3412	SNP2STD         (01b4b8b721345692d53f10b584b3d5d8) C:\Windows\system32\DRIVERS\snp2sxp.sys
2011/03/22 18:15:26.0675 3412	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/03/22 18:15:26.0706 3412	srv             (112127c3b2e64d7680cc39cd0a39dd7e) C:\Windows\system32\DRIVERS\srv.sys
2011/03/22 18:15:26.0753 3412	srv2            (e5dd784a4ee5ebc72a86c677c988fcdb) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/22 18:15:26.0784 3412	srvnet          (cdbe627e16cc9e98f343d73f8e81d258) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/22 18:15:26.0831 3412	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/03/22 18:15:26.0847 3412	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/03/22 18:15:26.0878 3412	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
2011/03/22 18:15:26.0940 3412	Tcpip           (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\drivers\tcpip.sys
2011/03/22 18:15:26.0971 3412	TCPIP6          (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/22 18:15:27.0018 3412	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/22 18:15:27.0049 3412	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
2011/03/22 18:15:27.0065 3412	TDTCP           (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
2011/03/22 18:15:27.0096 3412	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/22 18:15:27.0112 3412	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
2011/03/22 18:15:27.0159 3412	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/22 18:15:27.0190 3412	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
2011/03/22 18:15:27.0205 3412	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/22 18:15:27.0237 3412	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/03/22 18:15:27.0268 3412	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/22 18:15:27.0299 3412	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
2011/03/22 18:15:27.0315 3412	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
2011/03/22 18:15:27.0346 3412	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/03/22 18:15:27.0361 3412	usbccgp         (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\drivers\usbccgp.sys
2011/03/22 18:15:27.0393 3412	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
2011/03/22 18:15:27.0424 3412	usbehci         (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys
2011/03/22 18:15:27.0439 3412	usbhub          (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
2011/03/22 18:15:27.0471 3412	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/03/22 18:15:27.0486 3412	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/03/22 18:15:27.0517 3412	usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/03/22 18:15:27.0533 3412	USBSTOR         (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\drivers\USBSTOR.SYS
2011/03/22 18:15:27.0564 3412	usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/03/22 18:15:27.0580 3412	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
2011/03/22 18:15:27.0611 3412	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/22 18:15:27.0627 3412	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/03/22 18:15:27.0658 3412	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
2011/03/22 18:15:27.0673 3412	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
2011/03/22 18:15:27.0705 3412	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/03/22 18:15:27.0720 3412	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
2011/03/22 18:15:27.0736 3412	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
2011/03/22 18:15:27.0767 3412	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/03/22 18:15:27.0783 3412	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
2011/03/22 18:15:27.0814 3412	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/03/22 18:15:27.0845 3412	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/03/22 18:15:27.0876 3412	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/03/22 18:15:27.0892 3412	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/22 18:15:27.0907 3412	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/22 18:15:27.0954 3412	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/03/22 18:15:27.0970 3412	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/22 18:15:28.0017 3412	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/03/22 18:15:28.0032 3412	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/03/22 18:15:28.0110 3412	WinRing0_1_2_0  (845af1ba23c8d5e64def61bcc441604c) C:\Users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys
2011/03/22 18:15:28.0157 3412	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
2011/03/22 18:15:28.0204 3412	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/22 18:15:28.0251 3412	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
2011/03/22 18:15:28.0266 3412	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/22 18:15:28.0313 3412	================================================================================
2011/03/22 18:15:28.0313 3412	Scan finished
2011/03/22 18:15:28.0313 3412	================================================================================
         

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.


Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.

• Doppelklick auf die MBRCheck.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Das Tool braucht nur wenige Sekunden.
• Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.

Poste mir bitte den Inhalt des .txt Dokumentes

Code: Alles auswählenAufklappen

ATTFilter

GMER 1.0.15.15570 - hxxp://www.gmer.net
Rootkit scan 2011-03-22 18:34:30
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\0000005a WDC_WD50 rev.05.0
Running: gmer.exe; Driver: C:\Users\Acer\AppData\Local\Temp\kxldrpob.sys


---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwSaveKey + 13C1                                            8323F339 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                   83278D52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           C:\Windows\system32\DRIVERS\atikmdag.sys                                 section is writeable [0x9123B000, 0x37D761, 0xE8000020]
PAGE            peauth.sys                                                               9D41BE21 100 Bytes  CALL 4A7B4703 

---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\Mozilla Firefox\firefox.exe[2316] ntdll.dll!LdrLoadDll  771922B8 5 Bytes  JMP 001013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Devices - GMER 1.0.15 ----

Device          \Driver\ACPI_HAL \Device\00000041                                        halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                   fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                   fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                   fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                   fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume5                                   fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume6                                   fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume7                                   fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
         

Code: Alles auswählenAufklappen

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:38:36 on 22.03.2011

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.15

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"bdeadmin.cpl" - "Borland Software Corporation" - C:\Windows\system32\bdeadmin.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\Users\Acer\AppData\Local\Temp\catchme.sys  (File not found)
"kxldrpob" (kxldrpob) - ? - C:\Users\Acer\AppData\Local\Temp\kxldrpob.sys  (Hidden registry entry, rootkit activity | File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller" (usbehci) - "Microsoft Corporation" - C:\Windows\system32\DRIVERS\usbehci.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"WinRing0_1_2_0" (WinRing0_1_2_0) - "OpenLibSys.org" - C:\Users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{872A9397-E0D6-4e28-B64D-52B8D0A7EA35} "DisplayCplExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension" - ? - C:\Program Files\Unlocker\UnlockerCOM.dll  (File found, but it contains no detailed information)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? -   (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
ITBar7Position "ITBar7Position" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"ProtexisLicensing" (ProtexisLicensing) - ? - C:\Windows\system32\PSIService.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
         

Code: Alles auswählenAufklappen

ATTFilter

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows 7 Home Premium Edition
Windows Information:		Service Pack 1 (build 7601), 32-bit
Base Board Manufacturer:	ACER
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		ACER
System Product Name:		M5640/M3640
Logical Drives Mask:		0x000001fc

Kernel Drivers (total 193):
  0x83201000 \SystemRoot\system32\ntkrnlpa.exe
  0x83613000 \SystemRoot\system32\halmacpi.dll
  0x80BA7000 \SystemRoot\system32\kdcom.dll
  0x8B210000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x8B295000 \SystemRoot\system32\PSHED.dll
  0x8B2A6000 \SystemRoot\system32\BOOTVID.dll
  0x8B2AE000 \SystemRoot\system32\CLFS.SYS
  0x8B2F0000 \SystemRoot\system32\CI.dll
  0x8B42E000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x8B49F000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x8B4AD000 \SystemRoot\system32\drivers\ACPI.sys
  0x8B4F5000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x8B4FE000 \SystemRoot\system32\drivers\msisadrv.sys
  0x8B506000 \SystemRoot\system32\drivers\pci.sys
  0x8B530000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x8B53B000 \SystemRoot\System32\drivers\partmgr.sys
  0x8B54C000 \SystemRoot\system32\drivers\volmgr.sys
  0x8B55C000 \SystemRoot\System32\drivers\volmgrx.sys
  0x8B5A7000 \SystemRoot\system32\drivers\nvraid.sys
  0x8B5C6000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x8B5EB000 \SystemRoot\system32\drivers\pciide.sys
  0x8B5F2000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x8B400000 \SystemRoot\System32\drivers\mountmgr.sys
  0x8B416000 \SystemRoot\system32\drivers\atapi.sys
  0x8B39B000 \SystemRoot\system32\drivers\ataport.SYS
  0x8B3BE000 \SystemRoot\system32\drivers\nvstor.sys
  0x8B611000 \SystemRoot\system32\drivers\storport.sys
  0x8B659000 \SystemRoot\system32\drivers\amdxata.sys
  0x8B662000 \SystemRoot\system32\drivers\fltmgr.sys
  0x8B696000 \SystemRoot\system32\drivers\fileinfo.sys
  0x8B6A7000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x8B80C000 \SystemRoot\System32\Drivers\msrpc.sys
  0x8B837000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x8B84A000 \SystemRoot\System32\Drivers\cng.sys
  0x8B8A7000 \SystemRoot\System32\drivers\pcw.sys
  0x8B8B5000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x8B8BE000 \SystemRoot\system32\drivers\ndis.sys
  0x8B975000 \SystemRoot\system32\drivers\NETIO.SYS
  0x8B9B3000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x8BA0D000 \SystemRoot\System32\drivers\tcpip.sys
  0x8BB57000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x8BB88000 \SystemRoot\system32\drivers\volsnap.sys
  0x8BBC7000 \SystemRoot\System32\Drivers\spldr.sys
  0x8BBCF000 \SystemRoot\System32\drivers\rdyboost.sys
  0x8B9D8000 \SystemRoot\System32\Drivers\mup.sys
  0x8BA00000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x8BC2A000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x8BC5C000 \SystemRoot\system32\DRIVERS\disk.sys
  0x8BCBA000 \SystemRoot\system32\drivers\cdrom.sys
  0x8BCD9000 \SystemRoot\System32\Drivers\Null.SYS
  0x8BCE0000 \SystemRoot\System32\Drivers\Beep.SYS
  0x8BCE7000 \SystemRoot\System32\drivers\vga.sys
  0x8BCF3000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x8BD14000 \SystemRoot\System32\drivers\watchdog.sys
  0x8BD21000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x8BD29000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x8BD31000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x8BD39000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x8BD44000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x8BD52000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x8BD69000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x8BD75000 \SystemRoot\system32\drivers\afd.sys
  0x90839000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x9086B000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x90872000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x90891000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x9089F000 \SystemRoot\system32\DRIVERS\serial.sys
  0x908B9000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x908CC000 \SystemRoot\system32\drivers\termdd.sys
  0x908DD000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
  0x908E3000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x90924000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x9092E000 \SystemRoot\system32\drivers\mssmbios.sys
  0x90938000 \SystemRoot\System32\drivers\discache.sys
  0x90944000 \SystemRoot\System32\Drivers\dfsc.sys
  0x9095C000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x9096A000 \SystemRoot\system32\DRIVERS\avipbb.sys
  0x90990000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x909B1000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x909C3000 \SystemRoot\system32\DRIVERS\serenum.sys
  0x909E5000 \SystemRoot\system32\drivers\mouclass.sys
  0x909F2000 \SystemRoot\system32\DRIVERS\nvsmu.sys
  0x909F5000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x90A16000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x90A61000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x90A70000 \SystemRoot\system32\drivers\HDAudBus.sys
  0x90A8F000 \SystemRoot\system32\drivers\1394ohci.sys
  0x90ABC000 \SystemRoot\system32\DRIVERS\atikmpag.sys
  0x9123A000 \SystemRoot\system32\DRIVERS\atikmdag.sys
  0x90AFB000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x919C0000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x9242E000 \SystemRoot\system32\DRIVERS\nvm62x32.sys
  0x92483000 \SystemRoot\system32\drivers\CompositeBus.sys
  0x92490000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x924A2000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x924BA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x924C5000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x924E7000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x924FF000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x92516000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x9252D000 \SystemRoot\system32\drivers\kbdclass.sys
  0x9253A000 \SystemRoot\system32\drivers\swenum.sys
  0x9253C000 \SystemRoot\system32\drivers\ks.sys
  0x92570000 \SystemRoot\system32\drivers\umbus.sys
  0x9257E000 \SystemRoot\system32\drivers\usbhub.sys
  0x925C2000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x96A04000 \SystemRoot\system32\drivers\RTKVHDA.sys
  0x96D3E000 \SystemRoot\system32\drivers\portcls.sys
  0x96D6D000 \SystemRoot\system32\drivers\drmk.sys
  0x96D86000 \SystemRoot\system32\drivers\nvhda32v.sys
  0x96D91000 \SystemRoot\system32\drivers\RtHDMIV.sys
  0x98030000 \SystemRoot\System32\win32k.sys
  0x96DB7000 \SystemRoot\System32\drivers\Dxapi.sys
         

MBRCheck ist unvollständig.

Code: Alles auswählenAufklappen

ATTFilter

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows 7 Home Premium Edition
Windows Information:		Service Pack 1 (build 7601), 32-bit
Base Board Manufacturer:	ACER
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		ACER
System Product Name:		M5640/M3640
Logical Drives Mask:		0x000001fc

Kernel Drivers (total 193):
  0x83201000 \SystemRoot\system32\ntkrnlpa.exe
  0x83613000 \SystemRoot\system32\halmacpi.dll
  0x80BA7000 \SystemRoot\system32\kdcom.dll
  0x8B210000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x8B295000 \SystemRoot\system32\PSHED.dll
  0x8B2A6000 \SystemRoot\system32\BOOTVID.dll
  0x8B2AE000 \SystemRoot\system32\CLFS.SYS
  0x8B2F0000 \SystemRoot\system32\CI.dll
  0x8B42E000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x8B49F000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x8B4AD000 \SystemRoot\system32\drivers\ACPI.sys
  0x8B4F5000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x8B4FE000 \SystemRoot\system32\drivers\msisadrv.sys
  0x8B506000 \SystemRoot\system32\drivers\pci.sys
  0x8B530000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x8B53B000 \SystemRoot\System32\drivers\partmgr.sys
  0x8B54C000 \SystemRoot\system32\drivers\volmgr.sys
  0x8B55C000 \SystemRoot\System32\drivers\volmgrx.sys
  0x8B5A7000 \SystemRoot\system32\drivers\nvraid.sys
  0x8B5C6000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x8B5EB000 \SystemRoot\system32\drivers\pciide.sys
  0x8B5F2000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x8B400000 \SystemRoot\System32\drivers\mountmgr.sys
  0x8B416000 \SystemRoot\system32\drivers\atapi.sys
  0x8B39B000 \SystemRoot\system32\drivers\ataport.SYS
  0x8B3BE000 \SystemRoot\system32\drivers\nvstor.sys
  0x8B611000 \SystemRoot\system32\drivers\storport.sys
  0x8B659000 \SystemRoot\system32\drivers\amdxata.sys
  0x8B662000 \SystemRoot\system32\drivers\fltmgr.sys
  0x8B696000 \SystemRoot\system32\drivers\fileinfo.sys
  0x8B6A7000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x8B80C000 \SystemRoot\System32\Drivers\msrpc.sys
  0x8B837000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x8B84A000 \SystemRoot\System32\Drivers\cng.sys
  0x8B8A7000 \SystemRoot\System32\drivers\pcw.sys
  0x8B8B5000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x8B8BE000 \SystemRoot\system32\drivers\ndis.sys
  0x8B975000 \SystemRoot\system32\drivers\NETIO.SYS
  0x8B9B3000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x8BA0D000 \SystemRoot\System32\drivers\tcpip.sys
  0x8BB57000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x8BB88000 \SystemRoot\system32\drivers\volsnap.sys
  0x8BBC7000 \SystemRoot\System32\Drivers\spldr.sys
  0x8BBCF000 \SystemRoot\System32\drivers\rdyboost.sys
  0x8B9D8000 \SystemRoot\System32\Drivers\mup.sys
  0x8BA00000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x8BC2A000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x8BC5C000 \SystemRoot\system32\DRIVERS\disk.sys
  0x8BCBA000 \SystemRoot\system32\drivers\cdrom.sys
  0x8BCD9000 \SystemRoot\System32\Drivers\Null.SYS
  0x8BCE0000 \SystemRoot\System32\Drivers\Beep.SYS
  0x8BCE7000 \SystemRoot\System32\drivers\vga.sys
  0x8BCF3000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x8BD14000 \SystemRoot\System32\drivers\watchdog.sys
  0x8BD21000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x8BD29000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x8BD31000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x8BD39000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x8BD44000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x8BD52000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x8BD69000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x8BD75000 \SystemRoot\system32\drivers\afd.sys
  0x90839000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x9086B000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x90872000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x90891000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x9089F000 \SystemRoot\system32\DRIVERS\serial.sys
  0x908B9000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x908CC000 \SystemRoot\system32\drivers\termdd.sys
  0x908DD000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
  0x908E3000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x90924000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x9092E000 \SystemRoot\system32\drivers\mssmbios.sys
  0x90938000 \SystemRoot\System32\drivers\discache.sys
  0x90944000 \SystemRoot\System32\Drivers\dfsc.sys
  0x9095C000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x9096A000 \SystemRoot\system32\DRIVERS\avipbb.sys
  0x90990000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x909B1000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x909C3000 \SystemRoot\system32\DRIVERS\serenum.sys
  0x909E5000 \SystemRoot\system32\drivers\mouclass.sys
  0x909F2000 \SystemRoot\system32\DRIVERS\nvsmu.sys
  0x909F5000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x90A16000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x90A61000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x90A70000 \SystemRoot\system32\drivers\HDAudBus.sys
  0x90A8F000 \SystemRoot\system32\drivers\1394ohci.sys
  0x90ABC000 \SystemRoot\system32\DRIVERS\atikmpag.sys
  0x9123A000 \SystemRoot\system32\DRIVERS\atikmdag.sys
  0x90AFB000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x919C0000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x9242E000 \SystemRoot\system32\DRIVERS\nvm62x32.sys
  0x92483000 \SystemRoot\system32\drivers\CompositeBus.sys
  0x92490000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x924A2000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x924BA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x924C5000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x924E7000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x924FF000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x92516000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x9252D000 \SystemRoot\system32\drivers\kbdclass.sys
  0x9253A000 \SystemRoot\system32\drivers\swenum.sys
  0x9253C000 \SystemRoot\system32\drivers\ks.sys
  0x92570000 \SystemRoot\system32\drivers\umbus.sys
  0x9257E000 \SystemRoot\system32\drivers\usbhub.sys
  0x925C2000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x96A04000 \SystemRoot\system32\drivers\RTKVHDA.sys
  0x96D3E000 \SystemRoot\system32\drivers\portcls.sys
  0x96D6D000 \SystemRoot\system32\drivers\drmk.sys
  0x96D86000 \SystemRoot\system32\drivers\nvhda32v.sys
  0x96D91000 \SystemRoot\system32\drivers\RtHDMIV.sys
  0x98030000 \SystemRoot\System32\win32k.sys
  0x96DB7000 \SystemRoot\System32\drivers\Dxapi.sys
  0x96DC1000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x96DCE000 \SystemRoot\System32\Drivers\dump_diskdump.sys
  0x96DD8000 \SystemRoot\System32\Drivers\dump_nvstor.sys
  0x925D3000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x925E4000 \SystemRoot\system32\DRIVERS\ser2at.sys
  0x92400000 \SystemRoot\system32\drivers\hidusb.sys
  0x9240B000 \SystemRoot\system32\drivers\HIDCLASS.SYS
  0x9241E000 \SystemRoot\system32\drivers\HIDPARSE.SYS
  0x96DFD000 \SystemRoot\system32\drivers\USBD.SYS
  0x91200000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x9120B000 \SystemRoot\system32\DRIVERS\usbscan.sys
  0x98603000 \SystemRoot\system32\DRIVERS\snp2sxp.sys
  0x99186000 \SystemRoot\system32\DRIVERS\STREAM.SYS
  0x99194000 \SystemRoot\system32\DRIVERS\SNCAMD.SYS
  0x9919B000 \SystemRoot\system32\DRIVERS\usbprint.sys
  0x991A6000 \SystemRoot\system32\drivers\usbccgp.sys
  0x991BD000 \SystemRoot\system32\drivers\kbdhid.sys
  0x991C9000 \SystemRoot\system32\drivers\USBSTOR.SYS
  0x991E0000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x98290000 \SystemRoot\System32\TSDDD.dll
  0x982C0000 \SystemRoot\System32\cdd.dll
  0x91219000 \SystemRoot\system32\drivers\luafv.sys
  0x991EB000 \SystemRoot\system32\DRIVERS\avgntflt.sys
  0x90BB2000 \SystemRoot\system32\drivers\WudfPf.sys
  0x90BCC000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x90BDC000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x90800000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x90A00000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x8BDCF000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x8BC6D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x90819000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x9D410000 \SystemRoot\system32\drivers\peauth.sys
  0x9D4A7000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x9D4B1000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x9D4D2000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x9D4DF000 \??\C:\Users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys
  0x9D4E1000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x9D530000 \SystemRoot\System32\DRIVERS\srv.sys
  0xA1217000 \SystemRoot\system32\drivers\HTTP.sys
  0xA12BD000 \??\C:\Windows\system32\drivers\mbam.sys
  0xA1341000 \??\C:\Users\Acer\AppData\Local\Temp\kxldrpob.sys
  0x77130000 \Windows\System32\ntdll.dll
  0x484C0000 \Windows\System32\smss.exe
  0x77370000 \Windows\System32\apisetschema.dll
  0x00FF0000 \Windows\System32\autochk.exe
  0x772B0000 \Windows\System32\msvcrt.dll
  0x770E0000 \Windows\System32\gdi32.dll
  0x77050000 \Windows\System32\oleaut32.dll
  0x76FB0000 \Windows\System32\advapi32.dll
  0x76F50000 \Windows\System32\shlwapi.dll
  0x772A0000 \Windows\System32\psapi.dll
  0x76DF0000 \Windows\System32\ole32.dll
  0x76D90000 \Windows\System32\difxapi.dll
  0x77280000 \Windows\System32\imm32.dll
  0x76140000 \Windows\System32\shell32.dll
  0x76060000 \Windows\System32\kernel32.dll
  0x77270000 \Windows\System32\normaliz.dll
  0x76040000 \Windows\System32\sechost.dll
  0x75F70000 \Windows\System32\user32.dll
  0x75F20000 \Windows\System32\Wldap32.dll
  0x75F10000 \Windows\System32\lpk.dll
  0x75E70000 \Windows\System32\usp10.dll
  0x75D60000 \Windows\System32\urlmon.dll
  0x75CB0000 \Windows\System32\rpcrt4.dll
  0x75C80000 \Windows\System32\imagehlp.dll
  0x75BF0000 \Windows\System32\clbcatq.dll
  0x75A50000 \Windows\System32\setupapi.dll
  0x75980000 \Windows\System32\msctf.dll
  0x75940000 \Windows\System32\ws2_32.dll
  0x75820000 \Windows\System32\wininet.dll
  0x75810000 \Windows\System32\nsi.dll
  0x75650000 \Windows\System32\iertutil.dll
  0x755D0000 \Windows\System32\comdlg32.dll
  0x755A0000 \Windows\System32\wintrust.dll
  0x75580000 \Windows\System32\devobj.dll
  0x75460000 \Windows\System32\crypt32.dll
  0x753D0000 \Windows\System32\comctl32.dll
  0x753A0000 \Windows\System32\cfgmgr32.dll
  0x75350000 \Windows\System32\KernelBase.dll
  0x75340000 \Windows\System32\msasn1.dll

Processes (total 37):
       0 System Idle Process
       4 System
     284 C:\Windows\System32\smss.exe
     432 csrss.exe
     512 C:\Windows\System32\wininit.exe
     520 csrss.exe
     560 C:\Windows\System32\services.exe
     580 C:\Windows\System32\lsass.exe
     588 C:\Windows\System32\lsm.exe
     672 C:\Windows\System32\winlogon.exe
     732 C:\Windows\System32\svchost.exe
     844 C:\Windows\System32\svchost.exe
     932 C:\Windows\System32\svchost.exe
     972 C:\Windows\System32\svchost.exe
    1020 C:\Windows\System32\svchost.exe
    1168 C:\Windows\System32\svchost.exe
    1260 C:\Windows\System32\svchost.exe
    1364 C:\Program Files\Avira\AntiVir Desktop\sched.exe
    1400 C:\Windows\System32\svchost.exe
    1540 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    1612 C:\Windows\System32\svchost.exe
    1864 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    1876 C:\Windows\System32\conhost.exe
     320 C:\Windows\System32\taskhost.exe
     748 C:\Windows\System32\dwm.exe
    1152 C:\Windows\explorer.exe
    2056 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    2064 C:\Program Files\Windows Sidebar\sidebar.exe
    2452 C:\Windows\System32\svchost.exe
    3636 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    3772 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
     460 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    2316 C:\Program Files\Mozilla Firefox\firefox.exe
    1308 C:\Windows\System32\audiodg.exe
    1076 C:\Users\Acer\Desktop\MBRCheck.exe
    3528 C:\Windows\System32\conhost.exe
    3960 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000003a`38600000  (NTFS)

PhysicalDrive0 Model Number: WDC WD5000AAKS-00V1A, Rev: 05.0

      Size  Device Name          MBR Status
  --------------------------------------------
    465 GB  \\.\PhysicalDrive0   MBR Code Faked!
            SHA1: A944880D6DB29DB73E8423C17FEC4364A7F69A83


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit: 
Options:
  [1] Dump the MBR of a physical disk to file.
  [2] Restore the MBR of a physical disk with a standard boot code.
  [3] Exit.

Enter your choice: 

Done!