| |
| |||||||
Log-Analyse und Auswertung: Facebook Virus. (bist du das auf dem Foto .........)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
26.08.2011, 16:44
| #31 |
 |  Facebook Virus. (bist du das auf dem Foto .........) 2011/08/26 17:30:41.0500 4056 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57 2011/08/26 17:30:41.0641 4056 ================================================================================ 2011/08/26 17:30:41.0641 4056 SystemInfo: 2011/08/26 17:30:41.0641 4056 2011/08/26 17:30:41.0641 4056 OS Version: 6.0.6002 ServicePack: 2.0 2011/08/26 17:30:41.0641 4056 Product type: Workstation 2011/08/26 17:30:41.0641 4056 ComputerName: PITTISNOTEBOOK 2011/08/26 17:30:41.0641 4056 UserName: Peter Reuter 2011/08/26 17:30:41.0641 4056 Windows directory: C:\Windows 2011/08/26 17:30:41.0641 4056 System windows directory: C:\Windows 2011/08/26 17:30:41.0641 4056 Processor architecture: Intel x86 2011/08/26 17:30:41.0641 4056 Number of processors: 2 2011/08/26 17:30:41.0641 4056 Page size: 0x1000 2011/08/26 17:30:41.0641 4056 Boot type: Normal boot 2011/08/26 17:30:41.0641 4056 ================================================================================ 2011/08/26 17:30:42.0811 4056 Initialize success 2011/08/26 17:31:21.0311 5432 ================================================================================ 2011/08/26 17:31:21.0311 5432 Scan started 2011/08/26 17:31:21.0311 5432 Mode: Manual; 2011/08/26 17:31:21.0311 5432 ================================================================================ 2011/08/26 17:31:22.0123 5432 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2011/08/26 17:31:22.0216 5432 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2011/08/26 17:31:22.0263 5432 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2011/08/26 17:31:22.0294 5432 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2011/08/26 17:31:22.0325 5432 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2011/08/26 17:31:22.0388 5432 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 2011/08/26 17:31:22.0466 5432 AgereSoftModem (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys 2011/08/26 17:31:22.0559 5432 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2011/08/26 17:31:22.0606 5432 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/08/26 17:31:22.0622 5432 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2011/08/26 17:31:22.0653 5432 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2011/08/26 17:31:22.0669 5432 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2011/08/26 17:31:22.0700 5432 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2011/08/26 17:31:22.0731 5432 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2011/08/26 17:31:22.0809 5432 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2011/08/26 17:31:22.0856 5432 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2011/08/26 17:31:22.0918 5432 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/08/26 17:31:22.0965 5432 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2011/08/26 17:31:23.0090 5432 atikmdag (932481db5f321e7bd56d3d7baa1fb3c3) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/08/26 17:31:23.0168 5432 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys 2011/08/26 17:31:23.0261 5432 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys 2011/08/26 17:31:23.0339 5432 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys 2011/08/26 17:31:23.0402 5432 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys 2011/08/26 17:31:23.0464 5432 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2011/08/26 17:31:23.0527 5432 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2011/08/26 17:31:23.0589 5432 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 2011/08/26 17:31:23.0636 5432 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/08/26 17:31:23.0651 5432 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2011/08/26 17:31:23.0683 5432 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/08/26 17:31:23.0714 5432 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/08/26 17:31:23.0729 5432 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/08/26 17:31:23.0761 5432 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/08/26 17:31:23.0839 5432 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys 2011/08/26 17:31:23.0963 5432 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2011/08/26 17:31:24.0010 5432 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 2011/08/26 17:31:24.0073 5432 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys 2011/08/26 17:31:24.0135 5432 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys 2011/08/26 17:31:24.0182 5432 btwaudio (636f45a8500c1438cfa7dee15fc5c184) C:\Windows\system32\drivers\btwaudio.sys 2011/08/26 17:31:24.0213 5432 btwavdt (bf9256ff01b093a5d90bb7a35ec90410) C:\Windows\system32\drivers\btwavdt.sys 2011/08/26 17:31:24.0244 5432 btwrchid (0ab8c1ac177afb27309e1072faf34a37) C:\Windows\system32\DRIVERS\btwrchid.sys 2011/08/26 17:31:24.0291 5432 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/08/26 17:31:24.0369 5432 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2011/08/26 17:31:24.0400 5432 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 2011/08/26 17:31:24.0463 5432 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2011/08/26 17:31:24.0541 5432 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/08/26 17:31:24.0587 5432 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2011/08/26 17:31:24.0619 5432 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2011/08/26 17:31:24.0650 5432 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2011/08/26 17:31:24.0681 5432 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2011/08/26 17:31:24.0759 5432 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 2011/08/26 17:31:24.0837 5432 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2011/08/26 17:31:24.0915 5432 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2011/08/26 17:31:24.0977 5432 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 2011/08/26 17:31:25.0024 5432 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/08/26 17:31:25.0118 5432 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2011/08/26 17:31:25.0165 5432 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2011/08/26 17:31:25.0211 5432 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 2011/08/26 17:31:25.0289 5432 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2011/08/26 17:31:25.0352 5432 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2011/08/26 17:31:25.0383 5432 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2011/08/26 17:31:25.0414 5432 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2011/08/26 17:31:25.0445 5432 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2011/08/26 17:31:25.0477 5432 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/08/26 17:31:25.0539 5432 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2011/08/26 17:31:25.0601 5432 fspad_wlh32 (8f8bcd8a0c98e1b2847f6dfec1696d9d) C:\Windows\system32\DRIVERS\fspad_wlh32.sys 2011/08/26 17:31:25.0633 5432 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2011/08/26 17:31:25.0648 5432 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2011/08/26 17:31:25.0742 5432 hcw95bda (22854653e20a005083e49f699dd311aa) C:\Windows\system32\Drivers\hcw95bda.sys 2011/08/26 17:31:25.0789 5432 hcw95rc (932bb28da599f3bd4a00855493d7fa1d) C:\Windows\system32\DRIVERS\hcw95rc.sys 2011/08/26 17:31:25.0851 5432 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys 2011/08/26 17:31:25.0929 5432 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/08/26 17:31:25.0960 5432 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/08/26 17:31:26.0007 5432 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2011/08/26 17:31:26.0069 5432 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2011/08/26 17:31:26.0101 5432 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2011/08/26 17:31:26.0163 5432 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2011/08/26 17:31:26.0257 5432 hwdatacard (1720966d9c7ea5e2d78b6db92d2f9171) C:\Windows\system32\DRIVERS\ewusbmdm.sys 2011/08/26 17:31:26.0288 5432 hwpsgt (a439ebd90afdb1f516c875b9b317832f) C:\Windows\system32\DRIVERS\hwpsgt.sys 2011/08/26 17:31:26.0319 5432 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2011/08/26 17:31:26.0381 5432 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/08/26 17:31:26.0413 5432 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2011/08/26 17:31:26.0444 5432 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/08/26 17:31:26.0491 5432 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2011/08/26 17:31:26.0506 5432 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/08/26 17:31:26.0553 5432 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/08/26 17:31:26.0615 5432 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2011/08/26 17:31:26.0631 5432 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/08/26 17:31:26.0662 5432 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/08/26 17:31:26.0693 5432 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2011/08/26 17:31:26.0756 5432 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/08/26 17:31:26.0771 5432 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/08/26 17:31:26.0803 5432 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/08/26 17:31:26.0834 5432 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/08/26 17:31:26.0896 5432 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/08/26 17:31:26.0959 5432 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2011/08/26 17:31:27.0021 5432 lemsgt (057da656166893842dd401c25a058c4e) C:\Windows\system32\DRIVERS\lemsgt.sys 2011/08/26 17:31:27.0052 5432 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys 2011/08/26 17:31:27.0083 5432 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/08/26 17:31:27.0130 5432 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2011/08/26 17:31:27.0161 5432 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2011/08/26 17:31:27.0208 5432 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2011/08/26 17:31:27.0239 5432 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/08/26 17:31:27.0286 5432 MBAMSwissArmy (b18225739ed9caa83ba2df966e9f43e8) C:\Windows\system32\drivers\mbamswissarmy.sys 2011/08/26 17:31:27.0317 5432 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2011/08/26 17:31:27.0349 5432 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2011/08/26 17:31:27.0395 5432 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/08/26 17:31:27.0411 5432 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/08/26 17:31:27.0442 5432 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/08/26 17:31:27.0458 5432 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/08/26 17:31:27.0489 5432 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/08/26 17:31:27.0536 5432 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2011/08/26 17:31:27.0567 5432 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/08/26 17:31:27.0598 5432 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/08/26 17:31:27.0645 5432 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2011/08/26 17:31:27.0692 5432 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/08/26 17:31:27.0723 5432 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/08/26 17:31:27.0754 5432 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/08/26 17:31:27.0817 5432 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys 2011/08/26 17:31:27.0863 5432 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2011/08/26 17:31:27.0910 5432 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/08/26 17:31:27.0941 5432 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/08/26 17:31:27.0973 5432 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/08/26 17:31:28.0004 5432 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/08/26 17:31:28.0051 5432 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/08/26 17:31:28.0113 5432 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2011/08/26 17:31:28.0129 5432 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/08/26 17:31:28.0144 5432 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/08/26 17:31:28.0175 5432 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2011/08/26 17:31:28.0238 5432 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2011/08/26 17:31:28.0316 5432 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2011/08/26 17:31:28.0347 5432 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/08/26 17:31:28.0363 5432 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/08/26 17:31:28.0425 5432 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/08/26 17:31:28.0456 5432 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/08/26 17:31:28.0487 5432 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/08/26 17:31:28.0550 5432 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2011/08/26 17:31:28.0659 5432 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys 2011/08/26 17:31:28.0799 5432 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys 2011/08/26 17:31:28.0893 5432 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/08/26 17:31:28.0955 5432 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2011/08/26 17:31:29.0002 5432 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/08/26 17:31:29.0096 5432 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2011/08/26 17:31:29.0143 5432 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/08/26 17:31:29.0174 5432 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/08/26 17:31:29.0205 5432 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2011/08/26 17:31:29.0236 5432 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2011/08/26 17:31:29.0267 5432 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2011/08/26 17:31:29.0330 5432 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 2011/08/26 17:31:29.0377 5432 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/08/26 17:31:29.0439 5432 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2011/08/26 17:31:29.0455 5432 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/08/26 17:31:29.0533 5432 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2011/08/26 17:31:29.0548 5432 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 2011/08/26 17:31:29.0579 5432 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/08/26 17:31:29.0657 5432 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/08/26 17:31:29.0782 5432 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/08/26 17:31:29.0813 5432 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2011/08/26 17:31:29.0876 5432 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2011/08/26 17:31:29.0938 5432 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2011/08/26 17:31:30.0001 5432 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/08/26 17:31:30.0016 5432 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/08/26 17:31:30.0047 5432 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/08/26 17:31:30.0079 5432 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/08/26 17:31:30.0141 5432 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/08/26 17:31:30.0203 5432 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2011/08/26 17:31:30.0266 5432 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2011/08/26 17:31:30.0297 5432 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/08/26 17:31:30.0328 5432 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2011/08/26 17:31:30.0344 5432 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/08/26 17:31:30.0375 5432 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2011/08/26 17:31:30.0453 5432 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/08/26 17:31:30.0500 5432 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/08/26 17:31:30.0547 5432 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys 2011/08/26 17:31:30.0593 5432 RTSTOR (6e7f2054faedbe766034aa8a185213ec) C:\Windows\system32\drivers\RTSTOR.SYS 2011/08/26 17:31:30.0625 5432 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/08/26 17:31:30.0671 5432 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/08/26 17:31:30.0703 5432 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/08/26 17:31:30.0734 5432 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/08/26 17:31:30.0765 5432 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/08/26 17:31:30.0796 5432 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 2011/08/26 17:31:30.0827 5432 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2011/08/26 17:31:30.0843 5432 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 2011/08/26 17:31:30.0874 5432 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/08/26 17:31:30.0905 5432 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/08/26 17:31:30.0937 5432 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/08/26 17:31:30.0968 5432 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/08/26 17:31:31.0030 5432 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/08/26 17:31:31.0061 5432 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/08/26 17:31:31.0108 5432 sptd (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys 2011/08/26 17:31:31.0108 5432 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b 2011/08/26 17:31:31.0124 5432 sptd - detected LockedFile.Multi.Generic (1) 2011/08/26 17:31:31.0186 5432 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 2011/08/26 17:31:31.0233 5432 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 2011/08/26 17:31:31.0249 5432 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 2011/08/26 17:31:31.0311 5432 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 2011/08/26 17:31:31.0373 5432 STHDA (9b33aa7f98d54747b486fe33d4903278) C:\Windows\system32\drivers\stwrt.sys 2011/08/26 17:31:31.0420 5432 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/08/26 17:31:31.0467 5432 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/08/26 17:31:31.0498 5432 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/08/26 17:31:31.0514 5432 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/08/26 17:31:31.0623 5432 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys 2011/08/26 17:31:31.0670 5432 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys 2011/08/26 17:31:31.0732 5432 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2011/08/26 17:31:31.0763 5432 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/08/26 17:31:31.0795 5432 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/08/26 17:31:31.0841 5432 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/08/26 17:31:31.0904 5432 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/08/26 17:31:31.0951 5432 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/08/26 17:31:31.0982 5432 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/08/26 17:31:32.0044 5432 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/08/26 17:31:32.0075 5432 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/08/26 17:31:32.0107 5432 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/08/26 17:31:32.0138 5432 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/08/26 17:31:32.0169 5432 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/08/26 17:31:32.0200 5432 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/08/26 17:31:32.0231 5432 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/08/26 17:31:32.0263 5432 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/08/26 17:31:32.0309 5432 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/08/26 17:31:32.0341 5432 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/08/26 17:31:32.0387 5432 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/08/26 17:31:32.0434 5432 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/08/26 17:31:32.0465 5432 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/08/26 17:31:32.0497 5432 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 2011/08/26 17:31:32.0528 5432 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/08/26 17:31:32.0559 5432 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/08/26 17:31:32.0621 5432 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2011/08/26 17:31:32.0653 5432 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/08/26 17:31:32.0684 5432 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/08/26 17:31:32.0715 5432 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/08/26 17:31:32.0731 5432 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/08/26 17:31:32.0762 5432 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/08/26 17:31:32.0793 5432 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/08/26 17:31:32.0855 5432 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/08/26 17:31:32.0918 5432 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/08/26 17:31:32.0949 5432 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/08/26 17:31:32.0996 5432 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/08/26 17:31:33.0027 5432 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/26 17:31:33.0058 5432 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/26 17:31:33.0089 5432 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/08/26 17:31:33.0136 5432 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/08/26 17:31:33.0214 5432 whfltr2k (97d0d27a87622154bc90b92d84fd91b5) C:\Windows\system32\DRIVERS\whfltr2k.sys 2011/08/26 17:31:33.0277 5432 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 2011/08/26 17:31:33.0308 5432 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/08/26 17:31:33.0370 5432 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/08/26 17:31:33.0417 5432 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 2011/08/26 17:31:33.0433 5432 Boot (0x1200) (35c4afef19698296dbc52f510f770bab) \Device\Harddisk0\DR0\Partition0 2011/08/26 17:31:33.0479 5432 Boot (0x1200) (7631820c3463c162e5476b96d9335ac6) \Device\Harddisk0\DR0\Partition1 2011/08/26 17:31:33.0479 5432 ================================================================================ 2011/08/26 17:31:33.0479 5432 Scan finished 2011/08/26 17:31:33.0479 5432 ================================================================================ 2011/08/26 17:31:33.0495 4644 Detected object count: 1 2011/08/26 17:31:33.0495 4644 Actual detected object count: 1 2011/08/26 17:34:36.0906 4644 LockedFile.Multi.Generic(sptd) - User select action: Skip 2011/08/26 17:35:26.0499 4416 ================================================================================ 2011/08/26 17:35:26.0499 4416 Scan started 2011/08/26 17:35:26.0499 4416 Mode: Manual; 2011/08/26 17:35:26.0499 4416 ================================================================================ 2011/08/26 17:35:26.0889 4416 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2011/08/26 17:35:26.0967 4416 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2011/08/26 17:35:26.0998 4416 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2011/08/26 17:35:27.0029 4416 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2011/08/26 17:35:27.0060 4416 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2011/08/26 17:35:27.0123 4416 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 2011/08/26 17:35:27.0185 4416 AgereSoftModem (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys 2011/08/26 17:35:27.0216 4416 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2011/08/26 17:35:27.0247 4416 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/08/26 17:35:27.0279 4416 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2011/08/26 17:35:27.0310 4416 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2011/08/26 17:35:27.0325 4416 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2011/08/26 17:35:27.0357 4416 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2011/08/26 17:35:27.0372 4416 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2011/08/26 17:35:27.0435 4416 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2011/08/26 17:35:27.0466 4416 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2011/08/26 17:35:27.0513 4416 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/08/26 17:35:27.0559 4416 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2011/08/26 17:35:27.0669 4416 atikmdag (932481db5f321e7bd56d3d7baa1fb3c3) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/08/26 17:35:27.0731 4416 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys 2011/08/26 17:35:27.0809 4416 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys 2011/08/26 17:35:27.0856 4416 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys 2011/08/26 17:35:27.0887 4416 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys 2011/08/26 17:35:27.0934 4416 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2011/08/26 17:35:27.0981 4416 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2011/08/26 17:35:28.0027 4416 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 2011/08/26 17:35:28.0043 4416 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/08/26 17:35:28.0090 4416 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2011/08/26 17:35:28.0121 4416 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/08/26 17:35:28.0152 4416 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/08/26 17:35:28.0168 4416 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/08/26 17:35:28.0199 4416 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/08/26 17:35:28.0246 4416 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys 2011/08/26 17:35:28.0277 4416 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2011/08/26 17:35:28.0324 4416 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 2011/08/26 17:35:28.0371 4416 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys 2011/08/26 17:35:28.0433 4416 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys 2011/08/26 17:35:28.0480 4416 btwaudio (636f45a8500c1438cfa7dee15fc5c184) C:\Windows\system32\drivers\btwaudio.sys 2011/08/26 17:35:28.0495 4416 btwavdt (bf9256ff01b093a5d90bb7a35ec90410) C:\Windows\system32\drivers\btwavdt.sys 2011/08/26 17:35:28.0511 4416 btwrchid (0ab8c1ac177afb27309e1072faf34a37) C:\Windows\system32\DRIVERS\btwrchid.sys 2011/08/26 17:35:28.0542 4416 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/08/26 17:35:28.0605 4416 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2011/08/26 17:35:28.0636 4416 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 2011/08/26 17:35:28.0698 4416 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2011/08/26 17:35:28.0761 4416 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/08/26 17:35:28.0776 4416 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2011/08/26 17:35:28.0792 4416 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2011/08/26 17:35:28.0807 4416 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2011/08/26 17:35:28.0839 4416 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2011/08/26 17:35:28.0901 4416 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 2011/08/26 17:35:28.0979 4416 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2011/08/26 17:35:29.0041 4416 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2011/08/26 17:35:29.0119 4416 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 2011/08/26 17:35:29.0166 4416 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/08/26 17:35:29.0229 4416 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2011/08/26 17:35:29.0275 4416 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2011/08/26 17:35:29.0322 4416 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 2011/08/26 17:35:29.0400 4416 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2011/08/26 17:35:29.0463 4416 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2011/08/26 17:35:29.0478 4416 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2011/08/26 17:35:29.0509 4416 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2011/08/26 17:35:29.0541 4416 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2011/08/26 17:35:29.0556 4416 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/08/26 17:35:29.0619 4416 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2011/08/26 17:35:29.0665 4416 fspad_wlh32 (8f8bcd8a0c98e1b2847f6dfec1696d9d) C:\Windows\system32\DRIVERS\fspad_wlh32.sys 2011/08/26 17:35:29.0697 4416 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2011/08/26 17:35:29.0712 4416 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2011/08/26 17:35:29.0806 4416 hcw95bda (22854653e20a005083e49f699dd311aa) C:\Windows\system32\Drivers\hcw95bda.sys 2011/08/26 17:35:29.0837 4416 hcw95rc (932bb28da599f3bd4a00855493d7fa1d) C:\Windows\system32\DRIVERS\hcw95rc.sys 2011/08/26 17:35:29.0899 4416 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys 2011/08/26 17:35:29.0962 4416 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/08/26 17:35:30.0009 4416 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/08/26 17:35:30.0024 4416 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2011/08/26 17:35:30.0087 4416 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2011/08/26 17:35:30.0118 4416 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2011/08/26 17:35:30.0196 4416 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2011/08/26 17:35:30.0258 4416 hwdatacard (1720966d9c7ea5e2d78b6db92d2f9171) C:\Windows\system32\DRIVERS\ewusbmdm.sys 2011/08/26 17:35:30.0305 4416 hwpsgt (a439ebd90afdb1f516c875b9b317832f) C:\Windows\system32\DRIVERS\hwpsgt.sys 2011/08/26 17:35:30.0321 4416 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2011/08/26 17:35:30.0352 4416 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/08/26 17:35:30.0383 4416 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2011/08/26 17:35:30.0414 4416 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/08/26 17:35:30.0445 4416 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2011/08/26 17:35:30.0477 4416 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/08/26 17:35:30.0508 4416 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/08/26 17:35:30.0555 4416 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2011/08/26 17:35:30.0586 4416 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/08/26 17:35:30.0617 4416 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/08/26 17:35:30.0648 4416 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2011/08/26 17:35:30.0711 4416 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/08/26 17:35:30.0726 4416 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/08/26 17:35:30.0757 4416 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/08/26 17:35:30.0773 4416 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/08/26 17:35:30.0851 4416 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/08/26 17:35:30.0913 4416 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2011/08/26 17:35:30.0976 4416 lemsgt (057da656166893842dd401c25a058c4e) C:\Windows\system32\DRIVERS\lemsgt.sys 2011/08/26 17:35:31.0007 4416 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys 2011/08/26 17:35:31.0054 4416 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/08/26 17:35:31.0101 4416 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2011/08/26 17:35:31.0132 4416 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2011/08/26 17:35:31.0147 4416 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2011/08/26 17:35:31.0179 4416 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/08/26 17:35:31.0225 4416 MBAMSwissArmy (b18225739ed9caa83ba2df966e9f43e8) C:\Windows\system32\drivers\mbamswissarmy.sys 2011/08/26 17:35:31.0272 4416 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2011/08/26 17:35:31.0319 4416 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2011/08/26 17:35:31.0350 4416 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/08/26 17:35:31.0381 4416 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/08/26 17:35:31.0397 4416 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/08/26 17:35:31.0428 4416 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/08/26 17:35:31.0459 4416 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/08/26 17:35:31.0475 4416 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2011/08/26 17:35:31.0506 4416 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/08/26 17:35:31.0537 4416 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/08/26 17:35:31.0600 4416 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2011/08/26 17:35:31.0647 4416 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/08/26 17:35:31.0678 4416 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/08/26 17:35:31.0709 4416 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/08/26 17:35:31.0756 4416 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys 2011/08/26 17:35:31.0803 4416 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2011/08/26 17:35:31.0834 4416 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/08/26 17:35:31.0865 4416 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/08/26 17:35:31.0896 4416 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/08/26 17:35:31.0912 4416 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/08/26 17:35:31.0943 4416 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/08/26 17:35:32.0005 4416 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2011/08/26 17:35:32.0021 4416 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/08/26 17:35:32.0052 4416 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/08/26 17:35:32.0068 4416 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2011/08/26 17:35:32.0130 4416 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2011/08/26 17:35:32.0193 4416 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2011/08/26 17:35:32.0224 4416 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/08/26 17:35:32.0239 4416 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/08/26 17:35:32.0302 4416 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/08/26 17:35:32.0333 4416 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/08/26 17:35:32.0364 4416 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/08/26 17:35:32.0427 4416 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2011/08/26 17:35:32.0520 4416 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys 2011/08/26 17:35:32.0614 4416 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys 2011/08/26 17:35:32.0645 4416 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/08/26 17:35:32.0707 4416 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2011/08/26 17:35:32.0739 4416 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/08/26 17:35:32.0817 4416 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2011/08/26 17:35:32.0848 4416 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/08/26 17:35:32.0895 4416 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/08/26 17:35:32.0926 4416 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2011/08/26 17:35:32.0957 4416 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2011/08/26 17:35:32.0988 4416 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2011/08/26 17:35:33.0051 4416 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 2011/08/26 17:35:33.0097 4416 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/08/26 17:35:33.0160 4416 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2011/08/26 17:35:33.0191 4416 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/08/26 17:35:33.0269 4416 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2011/08/26 17:35:33.0300 4416 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 2011/08/26 17:35:33.0331 4416 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/08/26 17:35:33.0378 4416 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/08/26 17:35:33.0456 4416 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/08/26 17:35:33.0487 4416 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2011/08/26 17:35:33.0565 4416 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2011/08/26 17:35:33.0612 4416 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2011/08/26 17:35:33.0659 4416 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/08/26 17:35:33.0675 4416 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/08/26 17:35:33.0706 4416 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/08/26 17:35:33.0753 4416 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/08/26 17:35:33.0815 4416 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/08/26 17:35:33.0877 4416 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2011/08/26 17:35:33.0940 4416 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2011/08/26 17:35:33.0971 4416 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/08/26 17:35:34.0002 4416 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2011/08/26 17:35:34.0018 4416 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/08/26 17:35:34.0049 4416 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2011/08/26 17:35:34.0143 4416 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/08/26 17:35:34.0174 4416 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/08/26 17:35:34.0205 4416 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys 2011/08/26 17:35:34.0236 4416 RTSTOR (6e7f2054faedbe766034aa8a185213ec) C:\Windows\system32\drivers\RTSTOR.SYS 2011/08/26 17:35:34.0267 4416 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/08/26 17:35:34.0314 4416 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/08/26 17:35:34.0345 4416 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/08/26 17:35:34.0377 4416 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/08/26 17:35:34.0408 4416 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/08/26 17:35:34.0439 4416 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 2011/08/26 17:35:34.0470 4416 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2011/08/26 17:35:34.0486 4416 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 2011/08/26 17:35:34.0517 4416 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/08/26 17:35:34.0548 4416 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/08/26 17:35:34.0579 4416 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/08/26 17:35:34.0611 4416 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/08/26 17:35:34.0657 4416 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/08/26 17:35:34.0704 4416 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/08/26 17:35:34.0751 4416 sptd (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys 2011/08/26 17:35:34.0751 4416 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b 2011/08/26 17:35:34.0767 4416 sptd - detected LockedFile.Multi.Generic (1) 2011/08/26 17:35:34.0829 4416 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 2011/08/26 17:35:34.0860 4416 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 2011/08/26 17:35:34.0907 4416 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 2011/08/26 17:35:34.0969 4416 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 2011/08/26 17:35:35.0016 4416 STHDA (9b33aa7f98d54747b486fe33d4903278) C:\Windows\system32\drivers\stwrt.sys 2011/08/26 17:35:35.0063 4416 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/08/26 17:35:35.0094 4416 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/08/26 17:35:35.0110 4416 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/08/26 17:35:35.0141 4416 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/08/26 17:35:35.0203 4416 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys 2011/08/26 17:35:35.0250 4416 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys 2011/08/26 17:35:35.0313 4416 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2011/08/26 17:35:35.0344 4416 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/08/26 17:35:35.0359 4416 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/08/26 17:35:35.0422 4416 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/08/26 17:35:35.0484 4416 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/08/26 17:35:35.0609 4416 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/08/26 17:35:35.0703 4416 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/08/26 17:35:35.0765 4416 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/08/26 17:35:35.0796 4416 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/08/26 17:35:35.0843 4416 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/08/26 17:35:35.0890 4416 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/08/26 17:35:35.0921 4416 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/08/26 17:35:35.0952 4416 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/08/26 17:35:35.0983 4416 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/08/26 17:35:36.0015 4416 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/08/26 17:35:36.0061 4416 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/08/26 17:35:36.0093 4416 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/08/26 17:35:36.0124 4416 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/08/26 17:35:36.0186 4416 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/08/26 17:35:36.0202 4416 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/08/26 17:35:36.0233 4416 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 2011/08/26 17:35:36.0264 4416 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/08/26 17:35:36.0280 4416 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/08/26 17:35:36.0327 4416 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2011/08/26 17:35:36.0358 4416 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/08/26 17:35:36.0389 4416 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/08/26 17:35:36.0405 4416 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/08/26 17:35:36.0436 4416 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/08/26 17:35:36.0451 4416 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/08/26 17:35:36.0483 4416 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/08/26 17:35:36.0545 4416 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/08/26 17:35:36.0607 4416 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/08/26 17:35:36.0654 4416 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/08/26 17:35:36.0685 4416 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/08/26 17:35:36.0717 4416 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/26 17:35:36.0732 4416 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/26 17:35:36.0763 4416 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/08/26 17:35:36.0810 4416 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/08/26 17:35:36.0873 4416 whfltr2k (97d0d27a87622154bc90b92d84fd91b5) C:\Windows\system32\DRIVERS\whfltr2k.sys 2011/08/26 17:35:36.0935 4416 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 2011/08/26 17:35:36.0982 4416 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/08/26 17:35:37.0044 4416 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/08/26 17:35:37.0091 4416 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 2011/08/26 17:35:37.0107 4416 Boot (0x1200) (35c4afef19698296dbc52f510f770bab) \Device\Harddisk0\DR0\Partition0 2011/08/26 17:35:37.0138 4416 Boot (0x1200) (7631820c3463c162e5476b96d9335ac6) \Device\Harddisk0\DR0\Partition1 2011/08/26 17:35:37.0153 4416 ================================================================================ 2011/08/26 17:35:37.0153 4416 Scan finished 2011/08/26 17:35:37.0153 4416 ================================================================================ 2011/08/26 17:35:37.0153 5852 Detected object count: 1 2011/08/26 17:35:37.0153 5852 Actual detected object count: 1 2011/08/26 17:37:44.0573 5852 LockedFile.Multi.Generic(sptd) - User select action: Skip 2011/08/26 17:39:59.0769 5020 ================================================================================ 2011/08/26 17:39:59.0769 5020 Scan started 2011/08/26 17:39:59.0769 5020 Mode: Manual; 2011/08/26 17:39:59.0769 5020 ================================================================================ 2011/08/26 17:40:00.0315 5020 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2011/08/26 17:40:00.0408 5020 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2011/08/26 17:40:00.0455 5020 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2011/08/26 17:40:00.0486 5020 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2011/08/26 17:40:00.0518 5020 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2011/08/26 17:40:00.0580 5020 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 2011/08/26 17:40:00.0642 5020 AgereSoftModem (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys 2011/08/26 17:40:00.0689 5020 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2011/08/26 17:40:00.0720 5020 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/08/26 17:40:00.0752 5020 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2011/08/26 17:40:00.0783 5020 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2011/08/26 17:40:00.0798 5020 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2011/08/26 17:40:00.0845 5020 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2011/08/26 17:40:00.0876 5020 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2011/08/26 17:40:00.0939 5020 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2011/08/26 17:40:00.0970 5020 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2011/08/26 17:40:01.0001 5020 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/08/26 17:40:01.0064 5020 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2011/08/26 17:40:01.0173 5020 atikmdag (932481db5f321e7bd56d3d7baa1fb3c3) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/08/26 17:40:01.0235 5020 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys 2011/08/26 17:40:01.0329 5020 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys 2011/08/26 17:40:01.0360 5020 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys 2011/08/26 17:40:01.0407 5020 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys 2011/08/26 17:40:01.0454 5020 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2011/08/26 17:40:01.0485 5020 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2011/08/26 17:40:01.0532 5020 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 2011/08/26 17:40:01.0563 5020 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/08/26 17:40:01.0594 5020 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2011/08/26 17:40:01.0610 5020 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/08/26 17:40:01.0641 5020 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/08/26 17:40:01.0656 5020 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/08/26 17:40:01.0688 5020 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/08/26 17:40:01.0766 5020 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys 2011/08/26 17:40:01.0781 5020 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2011/08/26 17:40:01.0828 5020 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 2011/08/26 17:40:01.0890 5020 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys 2011/08/26 17:40:01.0984 5020 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys 2011/08/26 17:40:02.0046 5020 btwaudio (636f45a8500c1438cfa7dee15fc5c184) C:\Windows\system32\drivers\btwaudio.sys 2011/08/26 17:40:02.0078 5020 btwavdt (bf9256ff01b093a5d90bb7a35ec90410) C:\Windows\system32\drivers\btwavdt.sys 2011/08/26 17:40:02.0109 5020 btwrchid (0ab8c1ac177afb27309e1072faf34a37) C:\Windows\system32\DRIVERS\btwrchid.sys 2011/08/26 17:40:02.0156 5020 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/08/26 17:40:02.0218 5020 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2011/08/26 17:40:02.0249 5020 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 2011/08/26 17:40:02.0327 5020 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2011/08/26 17:40:02.0390 5020 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/08/26 17:40:02.0405 5020 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2011/08/26 17:40:02.0436 5020 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2011/08/26 17:40:02.0452 5020 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2011/08/26 17:40:02.0483 5020 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2011/08/26 17:40:02.0561 5020 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 2011/08/26 17:40:02.0624 5020 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2011/08/26 17:40:02.0686 5020 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2011/08/26 17:40:02.0748 5020 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 2011/08/26 17:40:02.0795 5020 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/08/26 17:40:02.0858 5020 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2011/08/26 17:40:02.0936 5020 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2011/08/26 17:40:02.0982 5020 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 2011/08/26 17:40:03.0060 5020 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2011/08/26 17:40:03.0107 5020 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2011/08/26 17:40:03.0123 5020 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2011/08/26 17:40:03.0154 5020 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2011/08/26 17:40:03.0185 5020 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2011/08/26 17:40:03.0216 5020 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/08/26 17:40:03.0279 5020 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2011/08/26 17:40:03.0310 5020 fspad_wlh32 (8f8bcd8a0c98e1b2847f6dfec1696d9d) C:\Windows\system32\DRIVERS\fspad_wlh32.sys 2011/08/26 17:40:03.0341 5020 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2011/08/26 17:40:03.0388 5020 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2011/08/26 17:40:03.0466 5020 hcw95bda (22854653e20a005083e49f699dd311aa) C:\Windows\system32\Drivers\hcw95bda.sys 2011/08/26 17:40:03.0497 5020 hcw95rc (932bb28da599f3bd4a00855493d7fa1d) C:\Windows\system32\DRIVERS\hcw95rc.sys 2011/08/26 17:40:03.0560 5020 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys 2011/08/26 17:40:03.0638 5020 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/08/26 17:40:03.0669 5020 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/08/26 17:40:03.0700 5020 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2011/08/26 17:40:03.0762 5020 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2011/08/26 17:40:03.0794 5020 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2011/08/26 17:40:03.0856 5020 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2011/08/26 17:40:03.0918 5020 hwdatacard (1720966d9c7ea5e2d78b6db92d2f9171) C:\Windows\system32\DRIVERS\ewusbmdm.sys 2011/08/26 17:40:03.0981 5020 hwpsgt (a439ebd90afdb1f516c875b9b317832f) C:\Windows\system32\DRIVERS\hwpsgt.sys 2011/08/26 17:40:04.0012 5020 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2011/08/26 17:40:04.0043 5020 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/08/26 17:40:04.0090 5020 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2011/08/26 17:40:04.0121 5020 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/08/26 17:40:04.0168 5020 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2011/08/26 17:40:04.0199 5020 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/08/26 17:40:04.0215 5020 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/08/26 17:40:04.0262 5020 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2011/08/26 17:40:04.0293 5020 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/08/26 17:40:04.0324 5020 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/08/26 17:40:04.0355 5020 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2011/08/26 17:40:04.0418 5020 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/08/26 17:40:04.0449 5020 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/08/26 17:40:04.0480 5020 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/08/26 17:40:04.0496 5020 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/08/26 17:40:04.0558 5020 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/08/26 17:40:04.0636 5020 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2011/08/26 17:40:04.0698 5020 lemsgt (057da656166893842dd401c25a058c4e) C:\Windows\system32\DRIVERS\lemsgt.sys 2011/08/26 17:40:04.0745 5020 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys 2011/08/26 17:40:04.0776 5020 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/08/26 17:40:04.0808 5020 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2011/08/26 17:40:04.0854 5020 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2011/08/26 17:40:04.0886 5020 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2011/08/26 17:40:04.0917 5020 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/08/26 17:40:04.0979 5020 MBAMSwissArmy (b18225739ed9caa83ba2df966e9f43e8) C:\Windows\system32\drivers\mbamswissarmy.sys 2011/08/26 17:40:05.0026 5020 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2011/08/26 17:40:05.0057 5020 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2011/08/26 17:40:05.0104 5020 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/08/26 17:40:05.0135 5020 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/08/26 17:40:05.0151 5020 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/08/26 17:40:05.0182 5020 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/08/26 17:40:05.0213 5020 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/08/26 17:40:05.0260 5020 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2011/08/26 17:40:05.0291 5020 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/08/26 17:40:05.0322 5020 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/08/26 17:40:05.0385 5020 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2011/08/26 17:40:05.0432 5020 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/08/26 17:40:05.0463 5020 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/08/26 17:40:05.0494 5020 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/08/26 17:40:05.0572 5020 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys 2011/08/26 17:40:05.0603 5020 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2011/08/26 17:40:05.0650 5020 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/08/26 17:40:05.0666 5020 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/08/26 17:40:05.0712 5020 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/08/26 17:40:05.0728 5020 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/08/26 17:40:05.0759 5020 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/08/26 17:40:05.0822 5020 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2011/08/26 17:40:05.0853 5020 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/08/26 17:40:05.0868 5020 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/08/26 17:40:05.0884 5020 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2011/08/26 17:40:05.0962 5020 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2011/08/26 17:40:05.0993 5020 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2011/08/26 17:40:06.0040 5020 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/08/26 17:40:06.0071 5020 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/08/26 17:40:06.0118 5020 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/08/26 17:40:06.0165 5020 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/08/26 17:40:06.0180 5020 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/08/26 17:40:06.0243 5020 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2011/08/26 17:40:06.0336 5020 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys 2011/08/26 17:40:06.0430 5020 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys 2011/08/26 17:40:06.0477 5020 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/08/26 17:40:06.0555 5020 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2011/08/26 17:40:06.0664 5020 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/08/26 17:40:06.0758 5020 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2011/08/26 17:40:06.0804 5020 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/08/26 17:40:06.0836 5020 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/08/26 17:40:06.0867 5020 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2011/08/26 17:40:06.0898 5020 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2011/08/26 17:40:06.0929 5020 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2011/08/26 17:40:06.0992 5020 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 2011/08/26 17:40:07.0054 5020 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/08/26 17:40:07.0116 5020 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2011/08/26 17:40:07.0148 5020 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/08/26 17:40:07.0210 5020 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2011/08/26 17:40:07.0241 5020 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 2011/08/26 17:40:07.0272 5020 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/08/26 17:40:07.0319 5020 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/08/26 17:40:07.0397 5020 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/08/26 17:40:07.0428 5020 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2011/08/26 17:40:07.0506 5020 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2011/08/26 17:40:07.0553 5020 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2011/08/26 17:40:07.0584 5020 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/08/26 17:40:07.0616 5020 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/08/26 17:40:07.0647 5020 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/08/26 17:40:07.0662 5020 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/08/26 17:40:07.0740 5020 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/08/26 17:40:07.0803 5020 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2011/08/26 17:40:07.0865 5020 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2011/08/26 17:40:07.0896 5020 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/08/26 17:40:07.0928 5020 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2011/08/26 17:40:07.0959 5020 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/08/26 17:40:08.0006 5020 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2011/08/26 17:40:08.0084 5020 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/08/26 17:40:08.0115 5020 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/08/26 17:40:08.0162 5020 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys 2011/08/26 17:40:08.0177 5020 RTSTOR (6e7f2054faedbe766034aa8a185213ec) C:\Windows\system32\drivers\RTSTOR.SYS 2011/08/26 17:40:08.0224 5020 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/08/26 17:40:08.0271 5020 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/08/26 17:40:08.0302 5020 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/08/26 17:40:08.0333 5020 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/08/26 17:40:08.0364 5020 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/08/26 17:40:08.0427 5020 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 2011/08/26 17:40:08.0458 5020 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2011/08/26 17:40:08.0489 5020 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 2011/08/26 17:40:08.0536 5020 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/08/26 17:40:08.0567 5020 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/08/26 17:40:08.0598 5020 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/08/26 17:40:08.0630 5020 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/08/26 17:40:08.0692 5020 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/08/26 17:40:08.0723 5020 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/08/26 17:40:08.0786 5020 sptd (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys 2011/08/26 17:40:08.0786 5020 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b 2011/08/26 17:40:08.0786 5020 sptd - detected LockedFile.Multi.Generic (1) 2011/08/26 17:40:08.0864 5020 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 2011/08/26 17:40:08.0895 5020 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 2011/08/26 17:40:08.0942 5020 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 2011/08/26 17:40:09.0020 5020 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 2011/08/26 17:40:09.0082 5020 STHDA (9b33aa7f98d54747b486fe33d4903278) C:\Windows\system32\drivers\stwrt.sys 2011/08/26 17:40:09.0129 5020 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/08/26 17:40:09.0160 5020 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/08/26 17:40:09.0191 5020 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/08/26 17:40:09.0222 5020 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/08/26 17:40:09.0300 5020 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys 2011/08/26 17:40:09.0363 5020 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys 2011/08/26 17:40:09.0425 5020 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2011/08/26 17:40:09.0456 5020 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/08/26 17:40:09.0472 5020 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/08/26 17:40:09.0534 5020 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/08/26 17:40:09.0581 5020 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/08/26 17:40:09.0644 5020 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/08/26 17:40:09.0675 5020 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/08/26 17:40:09.0737 5020 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/08/26 17:40:09.0768 5020 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/08/26 17:40:09.0800 5020 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/08/26 17:40:09.0831 5020 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/08/26 17:40:09.0862 5020 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/08/26 17:40:09.0893 5020 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/08/26 17:40:09.0924 5020 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/08/26 17:40:09.0956 5020 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/08/26 17:40:10.0002 5020 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/08/26 17:40:10.0065 5020 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/08/26 17:40:10.0096 5020 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/08/26 17:40:10.0158 5020 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/08/26 17:40:10.0190 5020 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/08/26 17:40:10.0205 5020 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 2011/08/26 17:40:10.0236 5020 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/08/26 17:40:10.0252 5020 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/08/26 17:40:10.0283 5020 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2011/08/26 17:40:10.0330 5020 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/08/26 17:40:10.0361 5020 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/08/26 17:40:10.0392 5020 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/08/26 17:40:10.0408 5020 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/08/26 17:40:10.0455 5020 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/08/26 17:40:10.0486 5020 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/08/26 17:40:10.0548 5020 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/08/26 17:40:10.0626 5020 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/08/26 17:40:10.0673 5020 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/08/26 17:40:10.0704 5020 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/08/26 17:40:10.0736 5020 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/26 17:40:10.0751 5020 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/26 17:40:10.0798 5020 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/08/26 17:40:10.0829 5020 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/08/26 17:40:10.0907 5020 whfltr2k (97d0d27a87622154bc90b92d84fd91b5) C:\Windows\system32\DRIVERS\whfltr2k.sys 2011/08/26 17:40:10.0970 5020 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 2011/08/26 17:40:11.0048 5020 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/08/26 17:40:11.0079 5020 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/08/26 17:40:11.0126 5020 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 2011/08/26 17:40:11.0141 5020 Boot (0x1200) (35c4afef19698296dbc52f510f770bab) \Device\Harddisk0\DR0\Partition0 2011/08/26 17:40:11.0172 5020 Boot (0x1200) (7631820c3463c162e5476b96d9335ac6) \Device\Harddisk0\DR0\Partition1 2011/08/26 17:40:11.0172 5020 ================================================================================ 2011/08/26 17:40:11.0172 5020 Scan finished 2011/08/26 17:40:11.0172 5020 ================================================================================ 2011/08/26 17:40:11.0188 4060 Detected object count: 1 2011/08/26 17:40:11.0188 4060 Actual detected object count: 1 2011/08/26 17:41:55.0990 4060 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted after reboot 2011/08/26 17:41:56.0052 4060 HKLM\SYSTEM\ControlSet003\services\sptd - will be deleted after reboot 2011/08/26 17:41:56.0083 4060 C:\Windows\system32\Drivers\sptd.sys - will be deleted after reboot 2011/08/26 17:41:56.0083 4060 LockedFile.Multi.Generic(sptd) - User select action: Delete |
|
26.08.2011, 19:04
| #32 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Facebook Virus. (bist du das auf dem Foto .........) Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ |
|
26.08.2011, 20:43
| #33 |
| | Facebook Virus. (bist du das auf dem Foto .........) Combofix Logfile:
__________________Code:
ATTFilter ComboFix 11-08-26.04 - Peter 26.08.2011 21:18:39.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3070.1905 [GMT 2:00]
ausgeführt von:: c:\users\Annika\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-07-26 bis 2011-08-26 ))))))))))))))))))))))))))))))
.
.
2011-08-26 19:24 . 2011-08-26 19:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-26 19:24 . 2011-08-26 19:24 -------- d-----w- c:\users\Peter Reuter\AppData\Local\temp
2011-08-25 19:52 . 2011-08-25 19:52 -------- d-----w- C:\_OTL
2011-08-24 16:23 . 2011-07-11 13:25 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-23 17:00 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{57AD0A0B-29F4-48CA-987D-D3709754657A}\mpengine.dll
2011-08-17 13:41 . 2011-08-17 13:41 -------- d-----w- c:\users\Annika\AppData\Roaming\Malwarebytes
2011-08-17 13:05 . 2011-08-17 13:05 -------- d-----w- c:\users\Peter \AppData\Roaming\Malwarebytes
2011-08-17 13:05 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-17 13:05 . 2011-08-17 13:05 -------- d-----w- c:\programdata\Malwarebytes
2011-08-17 13:05 . 2011-08-17 13:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-17 13:05 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-14 17:30 . 2011-08-22 18:49 -------- d-----w- c:\users\Annika\Tracing
2011-08-14 17:30 . 2011-08-17 05:03 -------- d-sh--r- c:\users\Annika\M-1-54-6324-575-5275
2011-08-14 11:25 . 2011-08-14 11:25 766976 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2011-08-10 11:47 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-10 11:47 . 2011-06-17 16:03 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-08-10 11:47 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-10 11:47 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-08-10 11:47 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 11:47 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-29 11:27 . 2009-08-14 23:14 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-29 11:27 . 2009-08-14 23:14 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-02 13:34 . 2011-07-12 18:52 2043392 ----a-w- c:\windows\system32\win32k.sys
2010-09-02 09:44 . 2009-01-16 17:10 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-15 202024]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-04-10 119608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"fspuip"="c:\program files\FSP\fspuip.exe" [2007-09-13 352256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"GnabTray"="c:\program files\Common Files\Gnab\Service\GnabTray.exe" [2007-04-13 327680]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-09-02 30192]
"toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]
"WheelMouse"="c:\advanc~1\wh_exec.exe" [2007-03-11 86016]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-08-15 281768]
"SigmatelSysTrayApp"="sttray.exe" [2007-07-27 405504]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\users\Peter Reuter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft SharePoint Workspace.lnk - c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoStart IR.lnk - c:\program files\WinTV\Ir.exe [2009-5-19 110647]
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GOEC62~1.DLL
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-02 30192]
R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys [2008-09-09 562176]
R3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys [2008-09-09 15616]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-07-06 41272]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2011-08-15 340136]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-08-15 136360]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-08-15 428200]
S2 GnabService;GnabService;c:\program files\common files\gnab\service\servicecontroller.exe [2007-04-13 36864]
S2 WTGService;WTGService;c:\program files\Verbindungsassistent\wtgservice.exe [2010-07-18 329168]
S3 fspad_wlh32;AVC Finger-sensing Pad Driver for Windows 2000/XP/Vista_wlh32;c:\windows\system32\DRIVERS\fspad_wlh32.sys [2007-09-13 24064]
S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\DRIVERS\whfltr2k.sys [2007-01-25 6784]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 55836260
*Deregistered* - 55836260
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube to MP3 Converter - c:\users\Peter Reuter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: Interfaces\{8374E2D9-7FAB-4E10-8FCB-3B6386BC6DCA}: NameServer = 62.220.18.8 89.246.64.8
FF - ProfilePath - c:\users\Peter Reuter\AppData\Roaming\Mozilla\Firefox\Profiles\s6t96755.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage -
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: yahoo.homepage.dontask - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-55836260.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-08-26 21:24
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(2276)
c:\advanced wheel mouse\wh_hook.dll
c:\windows\system32\btmmhook.dll
.
Zeit der Fertigstellung: 2011-08-26 21:28:58
ComboFix-quarantined-files.txt 2011-08-26 19:28
.
Vor Suchlauf: 9 Verzeichnis(se), 155.998.011.392 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 155.959.119.872 Bytes frei
.
- - End Of File - - 52199AAA4B2284A5A948EFE5666D3796
|
|
27.08.2011, 09:54
| #34 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook Virus. (bist du das auf dem Foto .........) Combofix - Scripten 1. Starte das Notepad (Start / Ausführen / notepad[Enter]) 2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein. Code:
ATTFilter Folder::
c:\users\Annika\M-1-54-6324-575-5275
4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall. (Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !) 5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.  6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien: Combofix.txt Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
27.08.2011, 12:59
| #35 |
| | Facebook Virus. (bist du das auf dem Foto .........) Combofix Logfile: Code:
ATTFilter ComboFix 11-08-27.01 - Peter Reuter 27.08.2011 12:59:32.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3070.1714 [GMT 2:00]
ausgeführt von:: c:\users\Annika\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Annika\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-07-27 bis 2011-08-27 ))))))))))))))))))))))))))))))
.
.
2011-08-27 11:05 . 2011-08-27 11:05 -------- d-----w- c:\users\Peter Reuter\AppData\Local\temp
2011-08-27 11:05 . 2011-08-27 11:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-27 08:36 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{814D4454-131E-47D3-9DA3-C55D2841196A}\mpengine.dll
2011-08-25 19:52 . 2011-08-25 19:52 -------- d-----w- C:\_OTL
2011-08-24 16:23 . 2011-07-11 13:25 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-17 13:41 . 2011-08-17 13:41 -------- d-----w- c:\users\Annika\AppData\Roaming\Malwarebytes
2011-08-17 13:05 . 2011-08-17 13:05 -------- d-----w- c:\users\Peter Reuter\AppData\Roaming\Malwarebytes
2011-08-17 13:05 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-17 13:05 . 2011-08-17 13:05 -------- d-----w- c:\programdata\Malwarebytes
2011-08-17 13:05 . 2011-08-17 13:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-17 13:05 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-14 17:30 . 2011-08-22 18:49 -------- d-----w- c:\users\Annika\Tracing
2011-08-14 17:30 . 2011-08-17 05:03 -------- d-sh--r- c:\users\Annika\M-1-54-6324-575-5275
2011-08-14 11:25 . 2011-08-14 11:25 766976 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2011-08-10 11:47 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-10 11:47 . 2011-06-17 16:03 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-08-10 11:47 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-10 11:47 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-08-10 11:47 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 11:47 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-29 11:27 . 2009-08-14 23:14 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-29 11:27 . 2009-08-14 23:14 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-02 13:34 . 2011-07-12 18:52 2043392 ----a-w- c:\windows\system32\win32k.sys
2010-09-02 09:44 . 2009-01-16 17:10 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-15 202024]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-04-10 119608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"fspuip"="c:\program files\FSP\fspuip.exe" [2007-09-13 352256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"GnabTray"="c:\program files\Common Files\Gnab\Service\GnabTray.exe" [2007-04-13 327680]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-09-02 30192]
"toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]
"WheelMouse"="c:\advanc~1\wh_exec.exe" [2007-03-11 86016]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-08-15 281768]
"SigmatelSysTrayApp"="sttray.exe" [2007-07-27 405504]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\users\Peter Reuter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft SharePoint Workspace.lnk - c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoStart IR.lnk - c:\program files\WinTV\Ir.exe [2009-5-19 110647]
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GOEC62~1.DLL
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-02 30192]
R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys [2008-09-09 562176]
R3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys [2008-09-09 15616]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-07-06 41272]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2011-08-15 340136]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-08-15 136360]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-08-15 428200]
S2 GnabService;GnabService;c:\program files\common files\gnab\service\servicecontroller.exe [2007-04-13 36864]
S2 WTGService;WTGService;c:\program files\Verbindungsassistent\wtgservice.exe [2010-07-18 329168]
S3 fspad_wlh32;AVC Finger-sensing Pad Driver for Windows 2000/XP/Vista_wlh32;c:\windows\system32\DRIVERS\fspad_wlh32.sys [2007-09-13 24064]
S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\DRIVERS\whfltr2k.sys [2007-01-25 6784]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube to MP3 Converter - c:\users\Peter Reuter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: Interfaces\{8374E2D9-7FAB-4E10-8FCB-3B6386BC6DCA}: NameServer = 62.220.18.8 89.246.64.8
FF - ProfilePath - c:\users\Peter Reuter\AppData\Roaming\Mozilla\Firefox\Profiles\s6t96755.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage -
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: yahoo.homepage.dontask - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-08-27 13:05
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(3688)
c:\advanced wheel mouse\wh_hook.dll
c:\windows\system32\btmmhook.dll
.
Zeit der Fertigstellung: 2011-08-27 13:09:54
ComboFix-quarantined-files.txt 2011-08-27 11:09
ComboFix2.txt 2011-08-26 19:28
.
Vor Suchlauf: 12 Verzeichnis(se), 154.637.099.008 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 154.598.858.752 Bytes frei
.
- - End Of File - - E8F9BF380CB731641B68F1F25597B3DF
|
|
28.08.2011, 12:52
| #36 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook Virus. (bist du das auf dem Foto .........) Bitte mal den Avenger anwenden: 1.) Lade Dir von hier Avenger: Swandog46's Public Anti-Malware Tools (Download, linksseitig) 2.) Entpack das zip-Archiv, führe die Datei "avenger.exe" aus (unter Vista per Rechtsklick => als Administrator ausführen). Die Haken unten wie abgebildet setzen:  3.) Kopiere Dir exakt die Zeilen aus dem folgenden Code-Feld: Code:
ATTFilter Folders to delete:
c:\users\Annika\M-1-54-6324-575-5275
5.) Der Code-Text hier aus meinem Beitrag müsste nun unter "Input Script here" in "The Avenger" zu sehen sein. 6.) Falls dem so ist, klick unten rechts auf "Execute". Bestätige die nächste Abfrage mit "Ja", die Frage zu "Reboot now" (Neustart des Systems) ebenso. 7.) Nach dem Neustart erhältst Du ein LogFile von Avenger eingeblendet. Kopiere dessen Inhalt und poste ihn hier. 8.) Die Datei c:\avenger\backup.zip bei File-Upload.net - Ihr kostenloser File Hoster! hochladen und hier verlinken
__________________ --> Facebook Virus. (bist du das auf dem Foto .........) |
|
28.08.2011, 13:54
| #37 |
| | Facebook Virus. (bist du das auf dem Foto .........) Logfile of The Avenger Version 2.0, (c) by Swandog46 hxxp://swandog46.geekstogo.com Platform: Windows Vista ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! Folder "c:\users\Annika\M-1-54-6324-575-5275" deleted successfully. Completed script processing. ******************* Finished! Terminate. Hey, nur diese Datei :c:\avenger\backup.zip finde ich bei mir unter C nirgendwo. Da ist nur der Avenger Ordner der leer ist und der Logfile. lg annika Geändert von Annika2833 (28.08.2011 um 13:59 Uhr) |
|
28.08.2011, 15:27
| #38 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook Virus. (bist du das auf dem Foto .........) Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.08.2011, 18:54
| #39 |
| | Facebook Virus. (bist du das auf dem Foto .........) GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-08-28 19:52:47
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 WDC_WD3200BEVT-22ZCT0 rev.11.01A11
Running: o25mtnbo.exe; Driver: C:\Users\PETERR~1\AppData\Local\Temp\axddraow.sys
---- System - GMER 1.0.15 ----
SSDT 8CCD2E2E ZwCreateSection
SSDT 8CCD2E0B ZwLoadDriver
SSDT 8CCD2E33 ZwSetContextThread
SSDT 8CCD2E10 ZwSetSystemInformation
SSDT 8CCD2DCF ZwTerminateProcess
SSDT 8CCD2DCA ZwWriteVirtualMemory
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 215 820E9998 4 Bytes [2E, 2E, CD, 8C]
.text ntkrnlpa.exe!KeSetEvent + 37D 820E9B00 4 Bytes [0B, 2E, CD, 8C] {OR EBP, [ESI]; INT 0x8c}
.text ntkrnlpa.exe!KeSetEvent + 56D 820E9CF0 4 Bytes [33, 2E, CD, 8C] {XOR EBP, [ESI]; INT 0x8c}
.text ntkrnlpa.exe!KeSetEvent + 5DD 820E9D60 4 Bytes [10, 2E, CD, 8C] {ADC [ESI], CH; INT 0x8c}
.text ntkrnlpa.exe!KeSetEvent + 621 820E9DA4 4 Bytes [CF, 2D, CD, 8C]
.text ...
? system32\drivers\plndv.sys Das System kann den angegebenen Pfad nicht finden. !
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x9CF29300, 0x3B6D8, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9CF91300, 0x1BEE, 0xE8000020]
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00197edfb902
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e4cd05367
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00197edfb902 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e4cd05367 (not active ControlSet)
Reg HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@\24!s!y!f!c!`!j!t!f!t!t!e!d!c!s!f! 19583823
---- EOF - GMER 1.0.15 ----
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software Run date: 2011-08-28 19:57:07 ----------------------------- 19:57:07.916 OS Version: Windows 6.0.6002 Service Pack 2 19:57:07.916 Number of processors: 2 586 0x1706 19:57:07.916 ComputerName: PITTISNOTEBOOK UserName: Peter Reuter 19:57:09.492 Initialize success 19:58:30.257 AVAST engine defs: 11082800 19:58:55.387 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 19:58:55.387 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 3 19:58:57.649 Disk 0 MBR read successfully 19:58:57.680 Disk 0 MBR scan 19:58:57.695 Disk 0 Windows VISTA default MBR code 19:58:57.758 Disk 0 scanning sectors +625139712 19:58:58.085 Disk 0 scanning C:\Windows\system32\drivers 20:00:16.865 Service scanning 20:00:18.254 Modules scanning 20:01:01.825 Disk 0 trace - called modules: 20:01:01.840 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys 20:01:01.840 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85978558] 20:01:01.856 3 CLASSPNP.SYS[8a7a68b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x856f08a0] 20:01:03.135 AVAST engine scan C:\Windows 20:01:21.122 AVAST engine scan C:\Windows\system32 20:08:25.785 AVAST engine scan C:\Windows\system32\drivers 20:08:42.165 AVAST engine scan C:\Users\Peter Reuter 20:12:12.117 AVAST engine scan C:\ProgramData 20:13:54.067 Scan finished successfully 20:20:59.747 Disk 0 MBR has been saved successfully to "C:\Users\Peter Reuter\Desktop\MBR.dat" 20:20:59.747 The log file has been saved successfully to "C:\Users\Peter Reuter\Desktop\aswMBR.txt" aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software Run date: 2011-08-28 19:57:07 ----------------------------- 19:57:07.916 OS Version: Windows 6.0.6002 Service Pack 2 19:57:07.916 Number of processors: 2 586 0x1706 19:57:07.916 ComputerName: PITTISNOTEBOOK UserName: Peter Reuter 19:57:09.492 Initialize success 19:58:30.257 AVAST engine defs: 11082800 19:58:55.387 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 19:58:55.387 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 3 19:58:57.649 Disk 0 MBR read successfully 19:58:57.680 Disk 0 MBR scan 19:58:57.695 Disk 0 Windows VISTA default MBR code 19:58:57.758 Disk 0 scanning sectors +625139712 19:58:58.085 Disk 0 scanning C:\Windows\system32\drivers 20:00:16.865 Service scanning 20:00:18.254 Modules scanning 20:01:01.825 Disk 0 trace - called modules: 20:01:01.840 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys 20:01:01.840 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85978558] 20:01:01.856 3 CLASSPNP.SYS[8a7a68b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x856f08a0] 20:01:03.135 AVAST engine scan C:\Windows 20:01:21.122 AVAST engine scan C:\Windows\system32 20:08:25.785 AVAST engine scan C:\Windows\system32\drivers 20:08:42.165 AVAST engine scan C:\Users\Peter Reuter 20:12:12.117 AVAST engine scan C:\ProgramData 20:13:54.067 Scan finished successfully 20:20:59.747 Disk 0 MBR has been saved successfully to "C:\Users\Peter Reuter\Desktop\MBR.dat" 20:20:59.747 The log file has been saved successfully to "C:\Users\Peter Reuter\Desktop\aswMBR.txt" 20:22:46.296 Disk 0 MBR has been saved successfully to "C:\Users\Peter Reuter\Documents\MBR.dat" 20:22:46.312 The log file has been saved successfully to "C:\Users\Peter Reuter\Documents\aswMBR.txt" 20:23:49.523 Disk 0 MBR has been saved successfully to "C:\Users\Peter Reuter\Documents\DVDVideoSoft\MBR.dat" 20:23:49.539 The log file has been saved successfully to "C:\Users\Peter Reuter\Documents\DVDVideoSoft\aswMBR.txt" 20:25:27.866 Disk 0 MBR has been saved successfully to "C:\Users\Peter Reuter\Desktop\MBR.dat" 20:25:27.882 The log file has been saved successfully to "C:\Users\Peter Reuter\Desktop\aswMBR.txt" Sobald ich OSAm runterladen will bleibt mein rechner irgendwie immer hängen. Geändert von Annika2833 (28.08.2011 um 19:29 Uhr) |
|
28.08.2011, 19:59
| #40 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook Virus. (bist du das auf dem Foto .........)Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.08.2011, 11:24
| #41 |
| | Facebook Virus. (bist du das auf dem Foto .........) Ne beim Runterladen. Das ich vorher ein programm zum entpacken brauch das weiß ich ja das habe ich mir auch besorgt. Aber beim öffnen der Datei bleibt mein pc dann immer hängen |
|
29.08.2011, 12:04
| #42 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook Virus. (bist du das auf dem Foto .........)Zitat:
Nimm zum Entpacken WinRAR oder 7zip! Entpacken über Rechtklick, entpacken nach ...
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.08.2011, 19:16
| #43 |
| | Facebook Virus. (bist du das auf dem Foto .........) Ja ich hab ja 7 zip das ist ja auch nicht das problemm. Wenn ich auf den Link klicke wo ich mir OSAM runterladen soll und ich will den download beginnen dann bleibt mein pc hängen. Wie ich entpacke darüber habe ich mich ja informiert aber wenn ich die datei nicht runterladen kann, kann ich diese doch auch nicht enpacken das meine ich. lg |
|
29.08.2011, 19:34
| #44 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook Virus. (bist du das auf dem Foto .........) Probier OSAM von hier zu laden => File-Upload.net - osam.zip
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.08.2011, 20:05
| #45 |
| | Facebook Virus. (bist du das auf dem Foto .........) So jetzt hat es geklappt sogar mit dem alten Link keine ahnung warum mein Laptop gestern so gestreikt hat: OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:04:02 on 29.08.2011 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Firefox 3.0.11 Scanner Settings [ ] Rootkits detection (hidden registry) [ ] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [AppInit DLLs] -----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )----- "AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLCFG32.CPL "Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero Toolkit\NeroBurnRights.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "catchme" (catchme) - ? - C:\Users\PETERR~1\AppData\Local\Temp\catchme.sys (File not found) "hwpsgt" (hwpsgt) - ? - C:\Windows\System32\DRIVERS\hwpsgt.sys (File found, but it contains no detailed information) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "lemsgt" (lemsgt) - ? - C:\Windows\System32\DRIVERS\lemsgt.sys (File found, but it contains no detailed information) "lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "MBAMSwissArmy" (MBAMSwissArmy) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbamswissarmy.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {0A9007C0-4076-11D3-8789-0000F8105754} "ms-itss" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLSHEXT.DLL {7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-37276-17534-15/4 (HTTP value) -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "{21FA44EF-376D-4D53-9B0F-8A89D3229068}" - ? - (File not found | COM-object registry key not found) <binary data> "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" - ? - (File not found | COM-object registry key not found) <binary data> "{3041D03E-FD4B-44E0-B742-2D9B88305F98}" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "Java Plug-in 1.6.0_03" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10n.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "@btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll "eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 (HTTP value) "ICQ7.4" - "ICQ, LLC." - C:\Program Files\ICQ7.4\ICQ.exe {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll {FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Annika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "AutoStart IR.lnk" - "Hauppauge Computer Works" - C:\Program Files\WinTV\Ir.exe (Shortcut exists | File exists) "BTTray.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" "L08DXLRD_2509120" - ? - "C:\Program Files\Microsoft Lernen und Wissen\Microsoft Encarta 2008 – Lernen und Wissen DVD\EDICT.EXE" -m (File not found) "msnmsgr" - ? - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (File not found) -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "BCSSync" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices "GnabTray" - "Empolis GmbH" - C:\Program Files\Common Files\Gnab\Service\GnabTray.exe -checkstart "Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup "NBKeyScan" - "Nero AG" - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" "NeroFilterCheck" - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe "SigmatelSysTrayApp" - "IDT, Inc." - sttray.exe "StartCCC" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (File found, but it contains no detailed information) "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "toolbar_eula_launcher" - " " - C:\Program Files\GoogleEULA\EULALauncher.exe "UCam_Menu" - "CyberLink Corp." - "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" "WheelMouse" - ? - C:\ADVANC~1\wh_exec.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce )----- "Cleanup" - ? - C:\cleanup.exe (File found, but it contains no detailed information) "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir MailGuard" (AntiVirMailService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Avira AntiVir WebGuard" (AntiVirWebService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE "GnabService" (GnabService) - "Empolis GmbH" - c:\program files\common files\gnab\service\servicecontroller.exe "Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe "HauppaugeTVServer" (HauppaugeTVServer) - "Hauppauge Computer Works" - C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE "Nero BackItUp Scheduler 3" (Nero BackItUp Scheduler 3) - "Nero AG" - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe "NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE "PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe (File found, but it contains no detailed information) "SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe "WTGService" (WTGService) - ? - C:\Program Files\Verbindungsassistent\wtgservice.exe (File found, but it contains no detailed information) [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "AVSDA" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avsda.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
|
| Themen zu Facebook Virus. (bist du das auf dem Foto .........) |
| angemeldet, antivir, bilder, bist du das, blöde, bruder, datei, facebook virus, foto, frage, gesendet, google, hallo zusammen, laptop, neu, neue, neuen, online, online banking, programme, schlägt, schützen, thema, trojaner ?, trotz, viren, virus, wirklich |
Linear-Darstellung
