Log analysis and evaluation: TR/ATRAPS.GEN, that is how it started

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
07.06.2012, 21:17 | #1 |
TR/ATRAPS.GEN, that is how it started

Hello everyone,

I have the following problem: Some time ago, a message about a detection by Avira appeared on my girlfriend's laptop. I then ran Avira and (I think) AdAware, but as far as I remember only a few cookies were found via AdAware... After that things were quiet for the time being.

Now she recently got a message about TR/ATRAPS.GEN again. Apparently she had also seen the message several times lately without saying anything, and always clicked Remove in Avira. According to Avira, the file was in the Windows folder System32. Removing it via Avira apparently did not work, and neither did deleting it manually. I then moved the file into quarantine via Avira.

But before I got around to posting here, things really took off. A second, different detection (?) was reported, and the Avira scanner can no longer be started. The same goes for the Windows Firewall. I then disconnected the internet connection, and for now the laptop is only started to carry out the necessary steps...

And now I need help... Many thanks in advance for the help!! I hope we will be successful...

One more question: Is there a risk of "infecting" my own laptop if I transfer the logs via USB stick in order to upload them? Or is there a safer way? I would rather not let the infected laptop onto the network at the moment.

Here are the logs:

Defogger:
Code:
C:\Windows\System32\drivers\inspect.sys -- (inspect) DRV - [2012.03.11 21:13:30 | 000,038,616 | ---- | M] (COMODO) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2012.03.11 21:13:28 | 000,491,816 | ---- | M] (COMODO) [File_System | System | Stopped] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2011.12.19 12:44:24 | 000,223,864 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\SbFw.sys -- (SbFw) DRV - [2011.12.19 12:44:24 | 000,093,816 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sbhips.sys -- (sbhips) DRV - [2011.12.19 12:44:24 | 000,084,600 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sbtis.sys -- (sbtis) DRV - [2011.11.29 06:59:52 | 000,077,816 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\System32\DRIVERS\sbapifs.sys -- (sbapifs) DRV - [2011.10.26 14:23:40 | 000,101,112 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\SBREdrv.sys -- (SBRE) DRV - [2011.10.19 17:56:15 | 000,036,000 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\avkmgr.sys -- (avkmgr) DRV - [2011.09.29 12:16:18 | 000,094,584 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\SBFWIM.sys -- (SBFWIMCLMP) DRV - [2011.09.29 12:16:18 | 000,094,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\sbfwim.sys -- (SBFWIMCL) DRV - [2010.06.23 09:21:32 | 000,259,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\Rtlh86.sys -- (RTL8169) DRV - [2010.06.17 16:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.04.19 21:29:20 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\netaapl.sys -- (Netaapl) DRV - [2010.02.23 15:14:51 | 000,211,968 | ---- | M] () [File_System | On_Demand | Running] -- 
C:\Windows\System32\DRIVERS\mrxsmb10.sys -- (mrxsmb10) DRV - [2010.02.23 15:14:42 | 000,058,368 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\mrxsmb20.sys -- (mrxsmb20) DRV - [2010.02.23 15:14:41 | 000,102,400 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\mrxsmb.sys -- (mrxsmb) DRV - [2010.02.20 23:30:16 | 000,396,800 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HTTP.sys -- (HTTP) DRV - [2010.02.18 14:05:37 | 000,815,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\tcpip.sys -- (Tcpip6) DRV - [2010.02.18 14:05:37 | 000,815,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip) DRV - [2010.02.18 14:04:38 | 000,025,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\tunnel.sys -- (tunnel) DRV - [2010.02.18 14:04:30 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\tunmp.sys -- (tunmp) DRV - [2009.12.11 14:15:49 | 000,306,688 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\srv.sys -- (srv) DRV - [2009.12.11 14:15:30 | 000,084,992 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\srvnet.sys -- (srvnet) DRV - [2009.09.14 11:50:54 | 000,130,048 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\srv2.sys -- (srv2) DRV - [2009.09.05 14:25:36 | 001,183,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\athr.sys -- (athr) DRV - [2009.07.14 03:19:10 | 000,445,008 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000) DRV - [2009.06.15 20:12:26 | 000,408,136 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecdd.sys -- (KSecDD) DRV - [2008.09.22 15:54:47 | 000,258,232 | ---- | M] () [Kernel | Boot | Running] -- 
C:\Windows\System32\drivers\acpi.sys -- (ACPI) DRV - [2008.09.22 15:54:47 | 000,020,920 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\compbatt.sys -- (Compbatt) DRV - [2008.09.22 15:54:47 | 000,014,208 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\CmBatt.sys -- (CmBatt) DRV - [2008.09.22 15:53:31 | 000,110,080 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxdav.sys -- (MRxDAV) DRV - [2008.09.22 15:48:26 | 001,060,920 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs) DRV - [2008.09.22 15:48:25 | 000,041,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\monitor.sys -- (monitor) DRV - [2008.09.22 15:42:33 | 000,021,560 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\atapi.sys -- (atapi) DRV - [2008.09.22 15:42:33 | 000,015,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pciide.sys -- (pciide) DRV - [2008.09.22 15:42:32 | 000,211,000 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap) DRV - [2008.09.22 15:42:31 | 000,154,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\nwifi.sys -- (NativeWifiP) DRV - [2008.09.22 15:40:48 | 000,193,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\usbhub.sys -- (usbhub) DRV - [2008.09.22 15:40:47 | 000,038,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\usbehci.sys -- (usbehci) DRV - [2008.09.22 15:40:47 | 000,019,456 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\usbohci.sys -- (usbohci) DRV - [2008.09.22 15:40:46 | 000,073,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\usbccgp.sys -- (usbccgp) DRV - [2008.09.22 15:28:16 | 000,224,824 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\CLFS.sys -- 
(CLFS) Common Log (CLFS) DRV - [2008.09.22 15:28:09 | 000,054,784 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\i8042prt.sys -- (i8042prt) DRV - [2008.09.22 15:28:09 | 000,035,384 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\kbdclass.sys -- (kbdclass) DRV - [2008.09.22 15:28:09 | 000,034,360 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\mouclass.sys -- (mouclass) DRV - [2008.09.22 15:28:09 | 000,019,968 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse) DRV - [2007.09.18 11:28:01 | 000,621,056 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl) DRV - [2007.09.18 11:24:17 | 000,048,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy) DRV - [2007.09.18 11:24:17 | 000,020,480 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\ndistapi.sys -- (NdisTapi) DRV - [2007.09.18 11:24:16 | 000,061,952 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\wanarp.sys -- (Wanarpv6) DRV - [2007.09.18 11:24:16 | 000,061,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\wanarp.sys -- (Wanarp) DRV - [2007.09.18 11:24:15 | 000,070,144 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\pacer.sys -- (PSched) DRV - [2007.09.18 11:16:56 | 000,055,296 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\USBSTOR.SYS -- (USBSTOR) DRV - [2007.09.18 11:12:49 | 000,063,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv) DRV - [2007.09.18 11:01:49 | 000,012,800 | ---- | M] () [Recognizer | System | Unknown] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec) DRV - [2007.09.18 10:58:55 | 000,074,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\rasl2tp.sys 
-- (Rasl2tp) WAN-Miniport (L2TP) DRV - [2007.09.18 10:58:55 | 000,060,928 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\raspptp.sys -- (PptpMiniport) WAN-Miniport (PPTP) DRV - [2007.02.02 16:09:42 | 002,385,920 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\atikmdag.sys -- (R300) DRV - [2006.11.22 18:35:00 | 000,982,272 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\smserial.sys -- (smserial) DRV - [2006.11.02 14:34:35 | 000,132,200 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ecache.sys -- (Ecache) DRV - [2006.11.02 14:34:31 | 000,031,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv) DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300) DRV - [2006.11.02 11:51:42 | 000,500,840 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS) DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor) DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci) DRV - [2006.11.02 11:51:30 | 000,290,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx) DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci) DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iastorv.sys -- (iaStorV) DRV - [2006.11.02 11:51:14 | 000,183,912 | ---- | M] () [File_System | Boot | Running] -- 
C:\Windows\System32\drivers\fltmgr.sys -- (FltMgr) DRV - [2006.11.02 11:51:12 | 000,168,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\msiscsi.sys -- (iScsiPrt) DRV - [2006.11.02 11:51:12 | 000,167,528 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia) DRV - [2006.11.02 11:51:09 | 000,160,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC) DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320) DRV - [2006.11.02 11:50:57 | 000,140,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pci.sys -- (pci) DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006.11.02 11:50:40 | 000,106,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nv_agp.sys -- (nv_agp) DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata) DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006.11.02 11:50:28 | 000,050,792 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\termdd.sys -- (TermDD) DRV - [2006.11.02 11:50:24 | 000,050,280 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr) DRV - [2006.11.02 11:50:24 | 000,047,208 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp) DRV - [2006.11.02 11:50:24 | 000,046,696 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\System32\Drivers\mup.sys -- 
(Mup) DRV - [2006.11.02 11:50:23 | 000,049,256 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr) DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006.11.02 11:50:17 | 000,080,488 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm) DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp) DRV - [2006.11.02 11:50:16 | 000,078,952 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio) DRV - [2006.11.02 11:50:16 | 000,076,392 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port) DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor) DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx) DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas) DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc) DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid) DRV - [2006.11.02 11:50:07 | 
000,035,944 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006.11.02 11:50:04 | 000,058,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gagp30kx.sys -- (gagp30kx) DRV - [2006.11.02 11:50:04 | 000,058,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\uliagpkx.sys -- (uliagpkx) DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006.11.02 11:49:59 | 000,056,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\uagp35.sys -- (uagp35) DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006.11.02 11:49:58 | 000,056,424 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo) DRV - [2006.11.02 11:49:57 | 000,054,888 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (MountMgr) DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006.11.02 11:49:54 | 000,028,776 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\mssmbios.sys -- (mssmbios) DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas) DRV - [2006.11.02 11:49:52 | 
000,054,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viaagp.sys -- (viaagp) DRV - [2006.11.02 11:49:52 | 000,053,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\agp440.sys -- (agp440) DRV - [2006.11.02 11:49:51 | 000,052,840 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\disk.sys -- (disk) DRV - [2006.11.02 11:49:49 | 000,027,752 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp) DRV - [2006.11.02 11:49:44 | 000,023,144 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci) DRV - [2006.11.02 11:49:43 | 000,022,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk) DRV - [2006.11.02 11:49:38 | 000,019,560 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd) DRV - [2006.11.02 11:49:35 | 000,018,536 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr) DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide) DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide) DRV - [2006.11.02 11:49:26 | 000,015,464 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide) DRV - [2006.11.02 11:49:24 | 000,014,952 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\intelide.sys -- (intelide) DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide) DRV - [2006.11.02 11:49:20 | 000,013,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv) DRV - [2006.11.02 11:49:20 | 000,012,776 | ---- | M] () [Kernel | On_Demand | Running] 
-- C:\Windows\System32\DRIVERS\swenum.sys -- (swenum) DRV - [2006.11.02 11:14:58 | 000,018,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\usbprint.sys -- (usbprint) DRV - [2006.11.02 11:14:19 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\serscan.sys -- (StillCam) DRV - [2006.11.02 11:14:17 | 000,035,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\usbscan.sys -- (usbscan) DRV - [2006.11.02 11:04:35 | 000,878,080 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\peauth.sys -- (PEAUTH) DRV - [2006.11.02 11:04:23 | 000,039,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\wpdusb.sys -- (WpdUsb) DRV - [2006.11.02 11:03:00 | 000,242,688 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr) DRV - [2006.11.02 11:02:15 | 000,160,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD) DRV - [2006.11.02 11:02:07 | 000,023,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\tssecsrv.sys -- (tssecsrv) DRV - [2006.11.02 11:02:01 | 000,028,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP) DRV - [2006.11.02 11:02:01 | 000,017,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE) DRV - [2006.11.02 11:02:01 | 000,006,144 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\rdpencdd.sys -- (RDPENCDD) DRV - [2006.11.02 11:02:01 | 000,006,144 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\RDPCDD.sys -- (RDPCDD) DRV - [2006.11.02 10:58:52 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\modem.sys -- (Modem) DRV - [2006.11.02 10:58:43 | 000,270,336 | ---- | M] () [Kernel | System | Running] -- 
C:\Windows\System32\drivers\afd.sys -- (AFD) DRV - [2006.11.02 10:58:26 | 000,015,872 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl) DRV - [2006.11.02 10:58:14 | 000,118,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\ndiswan.sys -- (NdisWan) DRV - [2006.11.02 10:58:13 | 000,011,776 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\rasacd.sys -- (RasAcd) DRV - [2006.11.02 10:58:12 | 000,041,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\raspppoe.sys -- (RasPppoe) DRV - [2006.11.02 10:58:10 | 000,017,408 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\asyncmac.sys -- (AsyncMac) DRV - [2006.11.02 10:58:09 | 000,099,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipnat.sys -- (IPNAT) DRV - [2006.11.02 10:58:04 | 000,047,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipfltdrv.sys -- (IpFilterDriver) DRV - [2006.11.02 10:57:47 | 000,027,648 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg) DRV - [2006.11.02 10:57:35 | 000,068,096 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\tdx.sys -- (tdx) DRV - [2006.11.02 10:57:30 | 000,016,384 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy) DRV - [2006.11.02 10:57:26 | 000,035,840 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\DRIVERS\netbios.sys -- (NetBIOS) DRV - [2006.11.02 10:57:22 | 000,016,896 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\ndisuio.sys -- (Ndisuio) DRV - [2006.11.02 10:57:20 | 000,184,320 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\netbt.sys -- (netbt) DRV - [2006.11.02 10:57:10 | 000,066,048 | ---- | M] () [Kernel | System | Running] -- 
C:\Windows\System32\DRIVERS\smb.sys -- (Smb) DRV - [2006.11.02 10:57:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM) DRV - [2006.11.02 10:56:49 | 000,060,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\DRIVERS\rspndr.sys -- (rspndr) DRV - [2006.11.02 10:56:49 | 000,047,104 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\DRIVERS\lltdio.sys -- (lltdio) DRV - [2006.11.02 10:55:24 | 000,034,816 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\umbus.sys -- (umbus) DRV - [2006.11.02 10:55:23 | 000,039,936 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM) DRV - [2006.11.02 10:55:22 | 000,029,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth) DRV - [2006.11.02 10:55:16 | 000,062,080 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394) DRV - [2006.11.02 10:55:09 | 000,068,608 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR) DRV - [2006.11.02 10:55:08 | 000,035,328 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass) DRV - [2006.11.02 10:55:05 | 000,022,528 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\usbuhci.sys -- (usbuhci) DRV - [2006.11.02 10:55:04 | 000,071,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaudio.sys -- (usbaudio) USB-Audiotreiber (WDM) DRV - [2006.11.02 10:55:01 | 000,021,504 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr) DRV - [2006.11.02 10:55:01 | 000,012,288 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb) DRV - [2006.11.02 10:54:59 | 000,005,632 | ---- | M] () [Kernel | 
On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud) DRV - [2006.11.02 10:54:52 | 000,082,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\WUDFRd.sys -- (WUDFRd) DRV - [2006.11.02 10:53:56 | 000,026,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\vgapnp.sys -- (vga) DRV - [2006.11.02 10:53:56 | 000,025,088 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave) DRV - [2006.11.02 10:52:52 | 000,020,608 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen) DRV - [2006.11.02 10:51:44 | 000,067,072 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\cdrom.sys -- (cdrom) DRV - [2006.11.02 10:51:40 | 000,013,312 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy) DRV - [2006.11.02 10:51:40 | 000,012,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd) DRV - [2006.11.02 10:51:40 | 000,012,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc) DRV - [2006.11.02 10:51:38 | 000,013,312 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk) DRV - [2006.11.02 10:51:33 | 000,025,088 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\fdc.sys -- (fdc) DRV - [2006.11.02 10:51:32 | 000,020,480 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\flpydisk.sys -- (flpydisk) DRV - [2006.11.02 10:51:30 | 000,083,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial) DRV - [2006.11.02 10:51:30 | 000,079,360 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport) DRV - [2006.11.02 10:51:25 | 000,017,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- 
C:\Windows\System32\drivers\serenum.sys -- (Serenum) DRV - [2006.11.02 10:51:23 | 000,008,704 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm) DRV - [2006.11.02 10:51:15 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MSKSSRV.sys -- (MSKSSRV) DRV - [2006.11.02 10:51:14 | 000,005,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MSPQM.sys -- (MSPQM) DRV - [2006.11.02 10:51:13 | 000,006,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MSTEE.sys -- (MSTEE) DRV - [2006.11.02 10:51:13 | 000,005,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MSPCLOCK.sys -- (MSPCLOCK) DRV - [2006.11.02 10:51:12 | 000,015,872 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid) DRV - [2006.11.02 10:51:12 | 000,015,872 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid) DRV - [2006.11.02 10:51:05 | 000,004,608 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null) DRV - [2006.11.02 10:51:04 | 000,131,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\Dot4.sys -- (Dot4) DRV - [2006.11.02 10:51:03 | 000,036,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\dot4usb.sys -- (dot4usb) DRV - [2006.11.02 10:51:03 | 000,006,144 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep) DRV - [2006.11.02 10:51:02 | 000,016,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\Dot4Prt.sys -- (Dot4Print) DRV - [2006.11.02 10:42:03 | 000,065,536 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ipmidrv.sys -- (IPMIDRV) DRV - [2006.11.02 10:35:03 | 000,011,264 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wmiacpi.sys 
-- (WmiAcpi) DRV - [2006.11.02 10:33:07 | 000,083,456 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\System32\drivers\luafv.sys -- (luafv) DRV - [2006.11.02 10:32:55 | 000,027,648 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace) DRV - [2006.11.02 10:31:26 | 000,222,208 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\DRIVERS\rdbss.sys -- (rdbss) DRV - [2006.11.02 10:31:12 | 000,069,632 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\bowser.sys -- (bowser) DRV - [2006.11.02 10:31:04 | 000,074,752 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\Drivers\dfsc.sys -- (DfsC) DRV - [2006.11.02 10:30:57 | 000,225,280 | ---- | M] () [File_System | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\udfs.sys -- (udfs) DRV - [2006.11.02 10:30:57 | 000,034,816 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs) DRV - [2006.11.02 10:30:56 | 000,022,528 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs) DRV - [2006.11.02 10:30:50 | 000,070,144 | ---- | M] () [File_System | Disabled | Running] -- C:\Windows\System32\DRIVERS\cdfs.sys -- (cdfs) DRV - [2006.11.02 10:30:49 | 000,142,336 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat) DRV - [2006.11.02 10:30:19 | 000,039,424 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7) DRV - [2006.11.02 10:30:18 | 000,040,960 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\amdk8.sys -- (AmdK8) DRV - [2006.11.02 10:30:18 | 000,039,424 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\intelppm.sys -- (intelppm) DRV - [2006.11.02 10:30:18 | 000,038,912 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe) 
DRV - [2006.11.02 10:30:18 | 000,038,912 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2006.11.02 10:30:18 | 000,038,400 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:36:49 | 000,235,520 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2006.07.14 14:55:42 | 000,089,344 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce(tm)
DRV - [2006.07.14 14:55:34 | 000,105,088 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2006.05.11 11:30:52 | 000,247,808 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iastor.sys -- (iaStor)
DRV - [2006.03.31 02:18:30 | 000,100,992 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viamraid.sys -- (viamraid)
DRV - [2005.01.11 17:58:48 | 000,030,976 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.de/search?sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&q={searchTerms}&rlz=1I7FUJC_deDE294
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.12.11 15:33:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.04.03 17:07:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.20 16:45:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.14 17:47:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.04.03 17:07:41 | 000,000,000 | ---D | M]

[2010.04.13 12:53:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.01.29 22:43:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\70ag819c.default\extensions
[2010.04.30 13:47:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Petra\AppData\Roaming\mozilla\Firefox\Profiles\70ag819c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.10.05 20:02:29 | 000,000,681 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\ask.xml
[2012.05.14 17:53:21 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-1.xml
[2010.11.01 22:25:10 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-10.xml
[2010.11.04 11:51:58 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-11.xml
[2010.12.16 21:13:15 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-12.xml
[2011.05.15 13:15:01 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-13.xml
[2008.10.01 16:42:27 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-2.xml
[2008.11.20 14:16:25 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-3.xml
[2009.01.04 10:12:02 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-4.xml
[2009.01.04 10:14:25 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-5.xml
[2010.07.02 08:08:31 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-6.xml
[2010.07.08 18:56:42 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-7.xml
[2010.08.11 14:34:57 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-8.xml
[2010.08.11 18:36:10 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-9.xml
[2009.07.13 18:12:02 | 000,000,944 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin.xml
[2011.11.20 15:07:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2007.09.18 11:44:49 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.03.04 18:59:36 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.11.20 15:07:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2012.01.29 22:43:25 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70AG819C.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2011.11.20 14:11:34 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.25 09:30:41 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.25 09:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.25 09:30:40 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.25 09:30:40 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.25 09:30:40 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.25 09:30:40 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [368o0qiuym] C:\ProgramData\368o0qiuym.exe ()
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe (COMODO)
O4 - HKLM..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM..\Run: [Regedit32] C:\Windows\system32\regedit.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Installer] "C:\Program Files\CheckPoint\Install\Launcher.exe" "C:\Program Files\CheckPoint\Install\Install.exe" /r download /c "C:\Program Files\CheckPoint\Install\Install.xml" /w File not found
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [368o0qiuym] C:\Users\***\368o0qiuym.exe ()
O4 - HKCU..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [Regedit32] C:\Windows\system32\regedit.exe File not found
O4 - HKCU..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3BB9DE0-2AD6-4225-9C24-D26B30D33C84}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.06.04 19:35:26 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.05.20 13:43:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2012.05.20 13:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo
[2012.05.20 13:37:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012.05.20 13:22:52 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012.05.20 13:21:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2012.05.14 22:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.05.14 22:18:41 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Simply Super Software
[2012.05.14 19:19:55 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\adaware
[2012.05.14 19:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2012.05.14 19:17:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\VDD
[2012.05.14 19:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012.05.14 19:16:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Ad-Aware Antivirus
[2012.05.14 18:49:48 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012.05.14 18:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012.05.14 18:28:54 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[2012.05.14 18:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012.05.14 18:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.06.04 19:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.04 19:42:03 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2012.06.04 19:40:51 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.04 19:40:51 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.04 19:40:51 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.04 19:40:51 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.04 19:37:22 | 000,302,592 | ---- | M] () -- C:\Users\***\Desktop\fvuuqzt8.exe
[2012.06.04 19:37:11 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.04 19:36:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.04 19:35:24 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Petra\Desktop\OTL.exe
[2012.06.04 19:34:56 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe
[2012.06.04 19:07:17 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{52B109CC-A65C-4907-8388-666C93303733}.job
[2012.06.04 19:06:46 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\RegistryDoktor.job
[2012.06.04 19:06:45 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.04 19:06:25 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.04 19:06:25 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.04 19:06:02 | 2011,283,456 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.20 13:44:45 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.05.20 13:44:08 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\COMODO GeekBuddy.lnk
[2012.05.20 13:43:52 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012.05.20 12:39:05 | 193,313,219 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.05.20 12:33:16 | 000,069,376 | ---- | M] () -- C:\Windows\System32\drivers\3b54d32e95b5a867.sys
[2012.05.19 14:23:22 | 000,039,424 | ---- | M] () -- C:\Users\***\368o0qiuym.exe
[2012.05.19 14:23:22 | 000,039,424 | ---- | M] () -- C:\ProgramData\368o0qiuym.exe
[2012.05.14 18:49:48 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012.05.13 10:25:19 | 000,137,928 | ---- | M] () -- C:\Windows\System32\drivers\avipbb.sys
[2012.05.13 10:25:19 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.06.04 19:42:03 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.06.04 19:37:24 | 000,302,592 | ---- | C] () -- C:\Users\***\Desktop\fvuuqzt8.exe
[2012.06.04 19:35:07 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe
[2012.05.20 13:44:45 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.05.20 13:44:08 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\COMODO GeekBuddy.lnk
[2012.05.20 13:43:52 | 000,000,909 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012.05.20 12:33:15 | 000,069,376 | ---- | C] () -- C:\Windows\System32\drivers\3b54d32e95b5a867.sys
[2012.05.20 12:31:38 | 000,039,424 | ---- | C] () -- C:\ProgramData\368o0qiuym.exe
[2012.05.19 14:23:22 | 000,039,424 | ---- | C] () -- C:\Users\***\368o0qiuym.exe
[2012.05.14 19:18:30 | 000,093,816 | ---- | C] () -- C:\Windows\System32\drivers\sbhips.sys
[2012.05.14 19:18:30 | 000,084,600 | ---- | C] () -- C:\Windows\System32\drivers\sbtis.sys
[2012.05.14 19:18:01 | 000,094,584 | ---- | C] () -- C:\Windows\System32\drivers\SbFwIm.sys
[2012.05.14 19:18:00 | 000,223,864 | ---- | C] () -- C:\Windows\System32\drivers\SbFw.sys
[2012.05.07 12:09:38 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.02.09 23:36:00 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.02.09 23:36:00 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.01.29 22:03:26 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2012.01.29 22:03:26 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.11.29 06:59:52 | 000,077,816 | ---- | C] () -- C:\Windows\System32\drivers\sbapifs.sys
[2011.11.20 17:41:42 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.11.20 14:58:24 | 000,137,928 | ---- | C] () -- C:\Windows\System32\drivers\avipbb.sys
[2011.11.20 14:58:24 | 000,036,000 | ---- | C] () -- C:\Windows\System32\drivers\avkmgr.sys
[2011.10.26 14:23:40 | 000,101,112 | ---- | C] () -- C:\Windows\System32\drivers\SBREDrv.sys
[2011.05.10 08:06:08 | 000,042,496 | ---- | C] () -- C:\Windows\System32\drivers\usbaapl.sys
[2011.04.03 16:52:32 | 000,217,396 | ---- | C] () -- C:\Windows\hpoins46.dat
[2011.04.03 16:52:32 | 000,000,606 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2011.03.18 15:38:15 | 000,219,409 | ---- | C] () -- C:\Windows\hpoins46.dat.temp
[2011.03.18 15:38:15 | 000,000,606 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2011.02.19 13:02:55 | 000,445,008 | ---- | C] () -- C:\Windows\System32\drivers\Wdf01000.sys
[2011.02.19 13:02:55 | 000,038,480 | ---- | C] () -- C:\Windows\System32\drivers\WdfLdr.sys
[2010.09.20 18:09:05 | 000,546,482 | ---- | C] () -- C:\Users\***\AppData\Roaming\mdbu.bin
[2010.06.23 09:21:32 | 000,259,176 | ---- | C] () -- C:\Windows\System32\drivers\Rtlh86.sys

========== LOP Check ==========

[2012.05.14 19:23:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ad-Aware Antivirus
[2010.04.15 09:56:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AVP 2009
[2012.04.17 10:58:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular
[2008.10.19 17:30:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InterVideo
[2011.11.20 17:41:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pdfforge
[2010.07.08 21:14:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2008.12.08 16:05:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Template
[2012.06.04 19:06:46 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\RegistryDoktor.job
[2012.06.04 19:06:23 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.06.04 19:07:17 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{52B109CC-A65C-4907-8388-666C93303733}.job

========== Purity Check ==========

< End of report >

Code:
OTL Extras logfile created on: 04.06.2012 19:44:10 - Run 1
OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\***\Desktop
Windows Vista Unlicensed product (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,87 Gb Total Physical Memory | 1,08 Gb Available Physical Memory | 57,83% Memory free
3,96 Gb Paging File | 2,97 Gb Available in Paging File | 74,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,59 Gb Total Space | 58,52 Gb Free Space | 39,39% Space Free | Partition Type: NTFS
Drive D: | 72,58 Gb Total Space | 72,49 Gb Free Space | 99,88% Space Free | Partition Type: NTFS

Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{147EEAEB-B3A8-4E22-A8BE-7149D8D96747}" = rport=138 | protocol=17 | dir=out | app=system |
"{31029E2F-EEEC-4968-AACD-FC56B7E5532D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3D2DF107-C328-4231-9481-D21BF1D30015}" = rport=445 | protocol=6 | dir=out | app=system |
"{3E2F8491-0F13-49DA-99EB-8782D070AEA6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{79E58E11-A849-430F-BCB6-AAA41E1BBEA0}" = rport=139 | protocol=6 | dir=out | app=system |
"{7D24B070-8BA3-4D8E-851A-29FA1F22356B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{88F84997-9334-4FB6-BC46-613D67D1C30C}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{8DED30FE-D70E-465E-8F4C-977915346A61}" = lport=138 | protocol=17 | dir=in | app=system |
"{9AE8018C-B563-4981-98A6-D4F2760CF770}" = lport=139 | protocol=6 | dir=in | app=system |
"{9C058F9E-C803-4D69-9C57-9DD7021F42DD}" = lport=445 | protocol=6 | dir=in | app=system |
"{BC6163AD-C48C-42DF-B86A-E7D1509EA8A9}" = rport=137 | protocol=17 | dir=out | app=system | "{C72FF11E-7D4C-4C09-8249-EDACD88DB9F0}" = lport=137 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06510ED3-306D-412A-B6A7-F50978F1FFD9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{0E64587C-ECB0-4F3F-A320-774EF5581522}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{2A5AEEA3-965A-41B4-B92E-8E4B6864DF5B}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{2B34FFFF-6385-4CB8-BFD9-3C18A81CD7C6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{2F73251C-7D4A-4BBE-AD91-D429BD27BE9A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{32C55E2D-96AA-4B71-B3D5-AB519294CEC0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | "{3302D3F7-023F-433F-9B2F-B7CB460624E5}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{3C3DDD5B-55E1-4762-B8D7-2828263478DA}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "{3C9CB547-8680-44B6-B223-AA3EE1F17383}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | "{46F79B7C-62A0-4C37-AC0F-1E46A9C100DA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{4C9E3607-549A-4F0F-A804-A1B2799BB6AC}" = dir=in | app=e:\setup\hpznui01.exe | "{4D18927C-D94C-4A3D-A5E3-33DFD82AD921}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{57C5FAF6-6D5C-425D-B745-5135B752E42C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{59BD84C7-88DD-4072-80AC-FA02693D183E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{73BF3674-6F48-4A28-BE01-3320DD17A1F4}" = protocol=58 | dir=in | 
name=@firewallapi.dll,-28545 | "{75EBE356-878E-4BDF-A354-578C276E826A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{77AF53DF-7E73-4853-AAA7-2F04AC490875}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | "{7C50B8B9-65E9-4B4C-ABCE-1508B8A0E935}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{802AD285-D08E-4349-A3F4-48DE8DEC43EE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{88679F7E-B0E9-45B9-A274-E75AEBDEF8FB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | "{8CEA08A4-B204-46E1-8A03-ECA9337AC345}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{8F0E0CF6-A8A6-433F-AC3B-3F2C1C183CA3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{91CEA91A-3ACB-4D88-9EF8-FF5120BAC534}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{9490006B-A420-47A9-8A1D-B0DC168F9648}" = dir=in | app=c:\program files\itunes\itunes.exe | "{95474F2E-5959-405A-8FC6-4E65F8CAC657}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{B71892F6-05E1-45BD-9B4F-BD9F283CA35B}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{C7D2450A-EA84-47A0-A029-B46218F0C77D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{C8CF663C-7254-4D6C-899B-BC612BA926E5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{CF6A91F5-5788-4F76-91D5-39D4CE0642AD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{D228DF36-909C-446B-AE08-8EF53A5211DE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{D3F1AC8E-9007-483E-90A2-6766F56D5E00}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{D4D38B03-1EC8-4294-9285-89E155549B31}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{D8220D9F-C8E4-4AFB-926F-EBDD0B4AB4BA}" = protocol=6 | dir=in | app=c:\program files\microsoft 
office\office12\groove.exe | "{DFB0E60D-C0CA-4352-9385-574EF6C285D1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "TCP Query User{11B0F0EC-6DA9-4966-8E4C-BF59D5C1DCFE}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe | "TCP Query User{D88378F1-6C63-4F26-8580-710A36630B8D}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | "TCP Query User{FF67FA35-1BA2-4E7D-861F-8E8814ADD266}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{48FFC8CE-D0E1-4AF1-B65C-B7DBC745D208}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | "UDP Query User{4E157104-22F3-430B-9761-C14E14B1B948}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{575FE77E-D69C-4509-9505-8CA1047636B7}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{028741EB-70F5-BF63-EB23-480A7C48F096}" = CCC Help German "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{0343FEB6-43EA-0608-CF1F-6B4D20784AA8}" = Catalyst Control Center Localization Italian "{03B5882D-D9DB-B950-CBE1-D03DDBFFF458}" = CCC Help Chinese Traditional "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{1B3A67B0-F54D-2F98-763C-B8E309135C38}" = Catalyst Control Center Localization Swedish "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
"{1F9B00FC-AD74-A45C-3E73-83CF895E9CD0}" = Catalyst Control Center Localization Spanish "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29 "{29F482A1-9828-5830-1F96-798E75CB90EB}" = CCC Help French "{2B541619-4920-A88A-AEB6-C4E76672B726}" = ccc-utility "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{32AFDE70-6890-478B-BC92-8F3C76B8A77B}" = Branding "{37AF3415-B43F-FB0B-124B-4B207657DF66}" = Catalyst Control Center Localization Japanese "{3E5D1BD1-3451-15A7-D5EB-FB4C1C713C33}" = Catalyst Control Center Localization Chinese Standard "{3FB83D9B-35B3-44E2-639B-6839332BBB29}" = Catalyst Control Center Localization Portuguese "{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{48FD4CEC-7ED7-5220-2032-E780075764E4}" = CCC Help Japanese "{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_06_F4500_SW_MIN "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works "{55A7B938-3D1E-4819-A87B-F83E736EF52E}" = F4500 "{587601F9-A917-AE27-263A-0854BE106BE9}" = Catalyst Control Center Localization German "{5A9AA2C0-972F-4239-AA41-E409434194D5}" = MobileMe Control Panel "{625309B9-9853-B259-CA17-DA4838E2D7C6}" = Catalyst Control Center Localization Dutch "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{66E98E51-BFF9-5922-1316-7AF58170CA54}" = Catalyst Control Center Graphics Light "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari "{71C97813-ADFC-AA48-D24F-17E6CD41B413}" = Skins "{74EF2D1D-D3A6-3A56-1DD7-56A338BADD29}" = CCC Help Chinese Standard 
"{787AD427-7FEB-A87C-4C2E-C95610EF345B}" = Catalyst Control Center Core Implementation "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7F08A772-2816-4F46-84F1-49578502AD28}" = HP Deskjet F4500 Printer Driver Software 13.0 Rel .6 "{81CD6232-10F5-4832-B3DA-1B88B1571031}" = Nero 7 Essentials "{8535028B-D4EE-B929-97A0-354013AE5D94}" = Catalyst Control Center Localization Korean "{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove 
MUI (German) 2007 "{9279B0F3-C831-7C50-9F07-73B1219322B6}" = Catalyst Control Center Localization Chinese Traditional "{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics "{94E89EFD-5841-17EA-4F69-37A5DA58A735}" = CCC Help Spanish "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A983135-BB9F-6E62-F282-AD76BB9551FE}" = CCC Help English "{9AE73DF3-2349-A626-AE42-7959D7583E2B}" = Catalyst Control Center Graphics Full Existing "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A603BB91-F08F-025F-4158-E897DC29D037}" = Catalyst Control Center Localization French "{A625D45F-1DC4-47FB-ABCF-6B27684AA717}" = OpenOffice.org 2.3 "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA27D595-32F0-97EB-BC94-1ED22E7444A8}" = CCC Help Portuguese "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C61E8F12-31F1-C2E6-DC0C-505CBF2BEE57}" = ccc-core-static "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CCC67B82-CD80-9C07-4C4A-D5B9C7137399}" = CCC Help Italian "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2B49278-3321-FFBA-0F7C-127878A9CB5D}" = CCC Help Dutch "{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security "{D723FE60-F9EC-D688-0274-7BF2FF96E80A}" = Catalyst Control Center Graphics Full New "{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{E1FA2D24-5633-83B3-3C72-FB3749DAF724}" = CCC Help Swedish "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support 
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F5E23357-CDCE-0246-677C-8097DAA6F8C5}" = CCC Help Korean "{FA2B72B1-B29E-57FB-5AFB-74734AC3442E}" = Catalyst Control Center Graphics Previews Vista "{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy "{fc8208f2-b1c1-4253-9e89-d518e983b7bb}" = Ad-Aware Antivirus "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ATI Uninstaller" = ATI Uninstaller "Avira AntiVir Desktop" = Avira Free Antivirus "Big Fish Games Center" = Big Fish Games Center (remove only) "Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only) "CameraWindowDC8" = Canon Utilities CameraWindow DC 8 "CameraWindowLauncher" = Canon Utilities CameraWindow "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "Comodo Dragon" = Comodo Dragon "COMODO GeekBuddy" = COMODO GeekBuddy "Cradle of Rome" = Cradle of Rome (remove only) "ElsterFormular 13.2.0.8623p" = ElsterFormular "ENTERPRISE" = Microsoft Office Enterprise 2007 "Free YouTube Download_is1" = Free YouTube Download 2.2 "Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "Lidl-Fotos_is1" = Lidl-Fotos "Luxor Amun Rising" = Luxor Amun Rising (remove only) 
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only) "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube "Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de) "MyCamera" = Canon Utilities MyCamera "Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only) "PhotoStitch" = Canon Utilities PhotoStitch "Picasa2" = Picasa 2 "Poker Superstars II" = Poker Superstars II (remove only) "RealPlayer 6.0" = RealPlayer "Shop for HP Supplies" = Shop for HP Supplies "SMSERIAL" = Motorola SM56 Data Fax Modem "Uninstall_is1" = Uninstall 1.0.0.1 "Virtual Villagers" = Virtual Villagers (remove only) "VLC media player" = VLC media player 0.9.4 "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 16.12.2010 15:12:15 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 16.12.2010 15:16:29 | Computer Name = ***-PC | Source = EventSystem | ID = 4621 Description = Error - 17.12.2010 03:32:00 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 17.12.2010 03:32:00 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 17.12.2010 03:32:04 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 17.12.2010 03:36:24 | Computer Name = ***-PC | Source = WerSvc | ID = 5007 Description = Error - 17.12.2010 03:50:43 | Computer Name = ***-PC | Source = EventSystem | ID = 4621 Description = Error - 17.12.2010 07:36:40 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 
| ID = 131083 Description = Error - 17.12.2010 07:36:40 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 17.12.2010 07:36:43 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = [ System Events ] Error - 04.06.2012 13:05:04 | Computer Name = ***-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 4, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 04.06.2012 13:05:04 | Computer Name = ***-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 7, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 04.06.2012 13:05:04 | Computer Name = ***-PC | Source = ACPI | ID = 327686 Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 6, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error - 04.06.2012 13:07:00 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000 Description = Error - 04.06.2012 13:07:00 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7001 Description = Error - 04.06.2012 13:07:00 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7023 Description = Error - 04.06.2012 13:07:00 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7024 Description = Error - 04.06.2012 13:07:00 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7001 Description = Error - 04.06.2012 13:07:00 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026 Description = Error - 04.06.2012 13:38:08 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7024 Description = < End of report > Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net Rootkit scan 2012-06-04 20:23:42 Windows 6.0.6000 Running: fvuuqzt8.exe ---- Services - GMER 1.0.15 ---- Service C:\SystemRoot\System32\Drivers\3b54d32e95b5a867.sys (*** hidden *** ) [BOOT] 3b54d32e95b5a867 <-- ROOTKIT !!! ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\3b54d32e95b5a867@ImagePath \SystemRoot\System32\Drivers\3b54d32e95b5a867.sys Reg HKLM\SYSTEM\CurrentControlSet\Services\3b54d32e95b5a867@Group Boot Bus Extender Reg HKLM\SYSTEM\CurrentControlSet\Services\3b54d32e95b5a867@ErrorControl 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\3b54d32e95b5a867@Type 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\3b54d32e95b5a867@Start 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\3b54d32e95b5a867@Tag 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\3b54d32e95b5a867@DisplayName 368o0qiuym.exe Reg HKLM\SYSTEM\ControlSet003\Services\3b54d32e95b5a867@ImagePath \SystemRoot\System32\Drivers\3b54d32e95b5a867.sys Reg HKLM\SYSTEM\ControlSet003\Services\3b54d32e95b5a867@Group Boot Bus Extender Reg HKLM\SYSTEM\ControlSet003\Services\3b54d32e95b5a867@ErrorControl 0 Reg HKLM\SYSTEM\ControlSet003\Services\3b54d32e95b5a867@Type 1 Reg HKLM\SYSTEM\ControlSet003\Services\3b54d32e95b5a867@Start 0 Reg HKLM\SYSTEM\ControlSet003\Services\3b54d32e95b5a867@Tag 1 Reg HKLM\SYSTEM\ControlSet003\Services\3b54d32e95b5a867@DisplayName 368o0qiuym.exe ---- EOF - GMER 1.0.15 ---- |
10.06.2012, 02:30 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.GEN, that is how it started Quote:
Please post everything here in CODE tags if at all possible. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
the log goes here
__________________ |
15.06.2012, 18:11 | #3 |
| TR/ATRAPS.GEN, that is how it started Since the logs are too large, I have attached them as a .zip.
I ran a complete scan (file: 1_AVSCAN...). The detections were moved to quarantine. I was then able to delete the quarantine completely. After that I ran another complete scan (file: 2_AVSCAN...) with no detections. It did not show any more detections, but I fear it is not that easy after all, is it!? Regards |
15.06.2012, 20:58 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.GEN, that is how it started Please first run a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked! Remember that Malwarebytes must be updated manually before every scan! Please remove all detections with Malwarebytes so that they are kept in Malwarebytes' quarantine! Do NOT hastily remove anything from the quarantine! If logs from older Malwarebytes scans exist, please post all of those as well! ESET Online Scanner
Please post everything here in CODE tags if at all possible. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
the log goes here
__________________ Please always post log files in CODE tags |
19.06.2012, 19:27 | #5 |
| TR/ATRAPS.GEN, that is how it started The AntiVir real-time scanner is still not running again, and the service cannot be started manually either... I also cannot enable automatic Windows updates... and I cannot update the Windows Defender definitions either. I think that is still down to the infection, isn't it? But maybe it is of interest for the solution!? OK, and here are the logs: Malwarebytes Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.18.07 Windows Vista x86 NTFS Internet Explorer 8.0.6001.18904 Petra :: ***-PC [Administrator] Schutz: Deaktiviert 18.06.2012 21:10:06 mbam-log-2012-06-18 (21-10-06).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 352794 Laufzeit: 47 Minute(n), 52 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 2 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Regedit32 (Trojan.Agent) -> Daten: C:\Windows\system32\regedit.exe -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Regedit32 (Trojan.Agent) -> Daten: C:\Windows\system32\regedit.exe -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=9b0e88d67c720c4f9f4471cd4ce2ed68 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-06-19 05:51:00 # local_time=2012-06-19 07:51:00 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.0.6000 NT # compatibility_mode=1792 16777215 100 0 77650 77650 0 0 # compatibility_mode=5892 16776573 100 100 3224119 177654890 0 0 # compatibility_mode=8192 67108863 100 0 95 95 0 0 # scanned=163866 # found=3 # cleaned=0 # scan_time=6098 C:\Program Files\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe Win32/Toolbar.Widgi application (unable to clean) 00000000000000000000000000000000 I C:\Users\***\Downloads\PDFCreator-1_2_3_setup.exe Win32/Toolbar.Widgi application (unable to clean) 00000000000000000000000000000000 I C:\Users\***\Downloads\SoftonicDownloader24680.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I |
19.06.2012, 23:21 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.GEN, that is how it started Code:
C:\Users\***\Downloads\SoftonicDownloader24680.exe
Hands off Softonic!! Softonic is a toolbar and adware slinger! Hands off! You download software, as top priority, directly from the vendor and not from toolbar outfits like Softonic! In an emergency chip.de would of course do. I have two questions before we continue: 1.) Does Windows' normal mode work without restrictions (again)? 2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?
__________________ |
21.06.2012, 21:32 | #7 |
| TR/ATRAPS.GEN, that is how it started OK, I have deleted the Softonic exe... And in addition also some things, e.g. games from BigFish, that were supposedly never installed or used... To your questions: 1: No, the services still do not work. I cannot search for and install Windows updates. I cannot enable automatic updates either. Neither automatically nor manually. I also cannot update Windows Defender, nor the Avira real-time scanner yet. The service still cannot be started manually either. The Windows Firewall is supposedly on... 2: The Start menu looks normal. I did not notice anything there. |
22.06.2012, 08:41 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.GEN, that is how it started Please make a new OTL log. Please post everything here in CODE tags if at all possible. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
the log goes here
If you do not have it yet, please download OTL by Oldtimer and save it to your desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Please always post log files in CODE tags |
24.06.2012, 14:48 | #9 |
| TR/ATRAPS.GEN, that is how it started So, OTL has run through once more. During the scan, however, Windows Defender was apparently also active and demanded a restart. When OTL was finished I did perform the restart, but instead of Windows starting again, the system repair came up. After the successful repair, the report said that the file 3b54d32e95b5a867.sys could not be found and that a system restore had been performed... Afterwards I checked in Defender, and in the history it shows me that this file in C:\Windows\System32\Drivers was removed because Defender detected "Trojan:WinNT/Necurs.A"... And here now is the log: Code:
ATTFilter OTL logfile created on: 24.06.2012 14:24:10 - Run 2 OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\***\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 59,51% Memory free 3,96 Gb Paging File | 3,13 Gb Available in Paging File | 79,04% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 148,59 Gb Total Space | 64,19 Gb Free Space | 43,20% Space Free | Partition Type: NTFS Drive D: | 72,58 Gb Total Space | 72,49 Gb Free Space | 99,88% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.04 19:35:24 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe PRC - [2012.02.23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2009.05.21 19:58:14 | 000,413,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe PRC - [2008.12.11 15:33:04 | 000,185,872 | ---- | M] (RealNetworks, Inc.) 
-- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2007.09.18 11:00:38 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007.09.10 22:30:02 | 002,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN PRC - [2007.09.10 22:30:00 | 002,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe PRC - [2007.04.10 16:01:32 | 004,431,872 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2006.12.08 10:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe PRC - [2006.11.22 18:31:26 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe PRC - [2006.03.16 01:07:06 | 000,421,888 | ---- | M] (Google Inc.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe ========== Modules (No Company Name) ========== MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.05.12 18:17:06 | 011,796,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03858406f9a9514402888707e8b93abe\System.Web.ni.dll MOD - [2010.05.12 18:16:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\23281812ddf7a1fab881b5322e577ac4\System.Runtime.Remoting.ni.dll MOD - [2010.05.12 18:15:47 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6001d416f7c468334934a2c6a41c631\System.Configuration.ni.dll MOD - [2010.04.23 19:46:50 | 005,450,752 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll MOD - [2010.04.23 19:46:04 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll MOD - [2010.04.23 19:45:37 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll MOD - [2010.04.23 19:41:36 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll MOD - [2010.04.23 19:41:12 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll MOD - [2008.07.27 20:00:27 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll MOD - [2008.07.27 20:00:17 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2008.07.27 20:00:17 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2007.09.18 11:38:25 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2589.34534__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2007.09.18 11:38:25 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2589.34592__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2007.09.18 11:38:25 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2589.34570__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2007.09.18 11:38:25 | 000,032,768 | ---- | M] () -- 
C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2589.34591__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll MOD - [2007.09.18 11:38:25 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2589.34555__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2007.09.18 11:38:24 | 001,671,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2589.34579__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2007.09.18 11:38:24 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2589.34821__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2007.09.18 11:38:24 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2589.34808__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2007.09.18 11:38:24 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2589.34761__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2007.09.18 11:38:24 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2589.34693__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2007.09.18 11:38:23 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2589.34851__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2007.09.18 11:37:53 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2589.34857__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2007.09.18 11:37:53 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2589.34549__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2007.09.18 11:37:52 | 000,344,064 | 
---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2589.34776__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2007.09.18 11:37:52 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2589.34843__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll MOD - [2007.09.18 11:37:52 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2589.34781__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2007.09.18 11:37:52 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2589.34773__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2007.09.18 11:37:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2589.34842__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2007.09.18 11:37:51 | 000,909,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2589.34815__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2007.09.18 11:37:51 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2589.34707__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2007.09.18 11:37:51 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2589.34606__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2007.09.18 11:37:51 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2589.34557__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2007.09.18 11:37:51 | 000,401,408 | ---- | M] () -- 
C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2589.34795__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2007.09.18 11:37:51 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2589.34748__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2007.09.18 11:37:51 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2589.34613__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2007.09.18 11:37:51 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2589.34599__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2007.09.18 11:37:51 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2589.34728__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2007.09.18 11:37:51 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2589.34703__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2007.09.18 11:37:51 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2589.34727__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2007.09.18 11:37:51 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2589.34612__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2007.09.18 11:37:51 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2589.34747__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2007.09.18 11:37:50 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2589.34698__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - 
[2007.09.18 11:37:50 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2589.34694__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2007.09.18 11:37:50 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2589.34702__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2007.09.18 11:37:50 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2560.26010__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2007.09.18 11:37:50 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2560.26010__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2007.09.18 11:37:50 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2007.09.18 11:37:49 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2560.25961__90ba9c70f846762e\CLI.Foundation.dll MOD - [2007.09.18 11:37:49 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2560.25971__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2007.09.18 11:37:49 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2537.29860__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2007.09.18 11:37:49 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2560.26000__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2007.09.18 11:37:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2560.26012__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2007.09.18 11:37:49 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2560.25959__90ba9c70f846762e\LOG.Foundation.dll MOD - [2007.09.18 11:37:49 | 000,028,672 | ---- | M] () -- 
C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2560.26040__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2007.09.18 11:37:49 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2560.25964__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2007.09.18 11:37:49 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2560.26012__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2007.09.18 11:37:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2560.25982__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2007.09.18 11:37:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2560.25973__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2007.09.18 11:37:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2560.25968__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2560.25974__90ba9c70f846762e\MOM.Foundation.dll MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2560.26001__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2560.26002__90ba9c70f846762e\DEM.OS.dll MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2560.25997__90ba9c70f846762e\DEM.Graphics.dll MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2531.19989__90ba9c70f846762e\DEM.Foundation.dll MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2007.09.18 
11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2007.09.18 11:37:48 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2560.26001__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2007.09.18 11:37:48 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll MOD - [2007.09.18 11:37:48 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2560.25998__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2007.09.18 11:37:48 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2560.25998__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2007.09.18 11:37:48 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2560.26000__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2007.09.18 11:37:48 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2560.25999__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2007.09.18 11:37:48 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2007.09.18 11:37:48 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2560.25999__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - 
[2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2560.25986__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2560.25982__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2560.26001__90ba9c70f846762e\APM.Foundation.dll MOD - [2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2560.25960__90ba9c70f846762e\AEM.Foundation.dll MOD - [2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2531.19989__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2007.09.18 11:37:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2007.09.18 11:37:48 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2560.25970__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2007.09.18 11:37:43 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2589.34827_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2007.09.18 11:37:43 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2589.34878__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2007.09.18 11:37:42 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2589.34565__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2007.09.18 11:37:42 | 000,389,120 | ---- | M] () -- 
C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2589.34827__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2007.09.18 11:37:42 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2589.34834__90ba9c70f846762e\MOM.Implementation.dll MOD - [2007.09.18 11:37:42 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2589.34833__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2007.09.18 11:37:42 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2560.25980__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2007.09.18 11:37:42 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2560.25964__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2007.09.18 11:37:42 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2560.26010__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2007.09.18 11:37:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2560.25982__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2007.09.18 11:37:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2560.25966__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2007.09.18 11:37:41 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2589.34533__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2007.09.18 11:37:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2560.25981__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2007.09.18 11:37:40 | 001,404,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2589.34543__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2007.09.18 11:37:40 | 000,040,960 | ---- | 
M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2560.25970__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2007.09.18 11:37:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2560.26004__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2007.09.18 11:37:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2589.34533__90ba9c70f846762e\ATIDEMOS.dll MOD - [2007.09.18 11:37:39 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2589.34532__90ba9c70f846762e\AEM.Server.dll MOD - [2007.09.18 11:37:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2007.09.18 11:37:39 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2589.34834__90ba9c70f846762e\CCC.Implementation.dll MOD - [2007.08.08 20:15:02 | 000,828,416 | ---- | M] () -- C:\Program Files\OpenOffice.org 2.3\program\libxml2.dll MOD - [2007.02.02 16:01:32 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2007.01.19 17:23:44 | 000,016,384 | R--- | M] () -- c:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2006.12.19 19:16:04 | 000,073,728 | ---- | M] () -- c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ita.dll MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56esp.dll MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56brz.dll MOD - [2006.11.22 18:31:30 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56kor.dll MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ger.dll MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- 
C:\Program Files\Motorola\SMSERIAL\sm56fra.dll MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll MOD - [2006.11.22 18:31:28 | 000,057,344 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll MOD - [2006.11.22 18:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56cht.dll MOD - [2006.11.22 18:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56chs.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService) SRV - [2012.06.18 22:07:31 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2008.06.20 03:17:50 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2007.09.18 11:24:16 | 000,286,208 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess) SRV - [2007.09.18 11:00:38 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2006.12.08 10:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler) SRV - [2006.11.02 14:35:32 | 000,051,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc) SRV - [2006.11.02 11:46:05 | 000,065,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | System | Unknown] -- C:\Windows\system32\ntqfmifz.sys -- (ntqfmifz) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - 
[2012.05.13 10:25:19 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011.10.26 14:23:40 | 000,101,112 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\SBREdrv.sys -- (SBRE) DRV - [2011.10.19 17:56:15 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2010.06.23 09:21:32 | 000,259,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\Rtlh86.sys -- (RTL8169) DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.04.19 21:29:20 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\netaapl.sys -- (Netaapl) DRV - [2010.02.23 15:14:51 | 000,211,968 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\mrxsmb10.sys -- (mrxsmb10) DRV - [2010.02.23 15:14:42 | 000,058,368 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\mrxsmb20.sys -- (mrxsmb20) DRV - [2010.02.23 15:14:41 | 000,102,400 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\mrxsmb.sys -- (mrxsmb) DRV - [2010.02.20 23:30:16 | 000,396,800 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HTTP.sys -- (HTTP) DRV - [2010.02.18 14:05:37 | 000,815,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\tcpip.sys -- (Tcpip6) DRV - [2010.02.18 14:05:37 | 000,815,104 | ---- | M] () [Kernel | System | Running] -- 
C:\Windows\System32\drivers\tcpip.sys -- (Tcpip) DRV - [2010.02.18 14:04:38 | 000,025,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\tunnel.sys -- (tunnel) DRV - [2010.02.18 14:04:30 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\tunmp.sys -- (tunmp) DRV - [2009.12.11 14:15:49 | 000,306,688 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\srv.sys -- (srv) DRV - [2009.12.11 14:15:30 | 000,084,992 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\srvnet.sys -- (srvnet) DRV - [2009.09.14 11:50:54 | 000,130,048 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\DRIVERS\srv2.sys -- (srv2) DRV - [2009.09.05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009.07.14 03:19:10 | 000,445,008 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000) DRV - [2009.06.15 20:12:26 | 000,408,136 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecdd.sys -- (KSecDD) DRV - [2008.09.22 15:53:31 | 000,110,080 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxdav.sys -- (MRxDAV) DRV - [2008.09.22 15:48:26 | 001,060,920 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs) DRV - [2008.09.22 15:48:25 | 000,041,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\monitor.sys -- (monitor) DRV - [2008.09.22 15:42:33 | 000,015,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pciide.sys -- (pciide) DRV - [2008.09.22 15:42:32 | 000,211,000 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap) DRV - [2008.09.22 15:42:31 | 000,154,624 | ---- | M] () [Kernel | On_Demand | Running] -- 
C:\Windows\System32\DRIVERS\nwifi.sys -- (NativeWifiP) DRV - [2008.09.22 15:40:48 | 000,193,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\usbhub.sys -- (usbhub) DRV - [2008.09.22 15:40:47 | 000,038,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\usbehci.sys -- (usbehci) DRV - [2008.09.22 15:40:47 | 000,019,456 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\usbohci.sys -- (usbohci) DRV - [2008.09.22 15:40:46 | 000,073,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\usbccgp.sys -- (usbccgp) DRV - [2008.09.22 15:28:09 | 000,054,784 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\i8042prt.sys -- (i8042prt) DRV - [2008.09.22 15:28:09 | 000,035,384 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\kbdclass.sys -- (kbdclass) DRV - [2008.09.22 15:28:09 | 000,034,360 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\mouclass.sys -- (mouclass) DRV - [2008.09.22 15:28:09 | 000,019,968 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse) DRV - [2007.09.18 11:24:17 | 000,048,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy) DRV - [2007.09.18 11:24:17 | 000,020,480 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\ndistapi.sys -- (NdisTapi) DRV - [2007.09.18 11:24:16 | 000,061,952 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\wanarp.sys -- (Wanarpv6) DRV - [2007.09.18 11:24:16 | 000,061,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\wanarp.sys -- (Wanarp) DRV - [2007.09.18 11:24:15 | 000,070,144 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\pacer.sys -- (PSched) DRV - [2007.09.18 11:16:56 | 000,055,296 | ---- | M] () [Kernel | On_Demand | Stopped] -- 
C:\Windows\System32\DRIVERS\USBSTOR.SYS -- (USBSTOR) DRV - [2007.09.18 11:12:49 | 000,063,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv) DRV - [2007.09.18 10:58:55 | 000,074,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\rasl2tp.sys -- (Rasl2tp) WAN-Miniport (L2TP) DRV - [2007.09.18 10:58:55 | 000,060,928 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\raspptp.sys -- (PptpMiniport) WAN-Miniport (PPTP) DRV - [2007.02.02 16:09:42 | 002,385,920 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\atikmdag.sys -- (R300) DRV - [2006.11.22 18:35:00 | 000,982,272 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\smserial.sys -- (smserial) DRV - [2006.11.02 14:34:31 | 000,031,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv) DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300) DRV - [2006.11.02 11:51:42 | 000,500,840 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS) DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor) DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:30 | 000,290,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:12 | 000,168,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\msiscsi.sys -- (iScsiPrt)
DRV - [2006.11.02 11:51:12 | 000,167,528 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006.11.02 11:51:09 | 000,160,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:57 | 000,140,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pci.sys -- (pci)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:40 | 000,106,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nv_agp.sys -- (nv_agp)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:28 | 000,050,792 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\termdd.sys -- (TermDD)
DRV - [2006.11.02 11:50:24 | 000,050,280 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2006.11.02 11:50:24 | 000,047,208 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2006.11.02 11:50:24 | 000,046,696 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\System32\Drivers\mup.sys -- (Mup)
DRV - [2006.11.02 11:50:23 | 000,049,256 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,080,488 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,078,952 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2006.11.02 11:50:16 | 000,076,392 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:04 | 000,058,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\uliagpkx.sys -- (uliagpkx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,056,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\uagp35.sys -- (uagp35)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:57 | 000,054,888 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:54 | 000,028,776 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\mssmbios.sys -- (mssmbios)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:52 | 000,054,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viaagp.sys -- (viaagp)
DRV - [2006.11.02 11:49:49 | 000,027,752 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2006.11.02 11:49:44 | 000,023,144 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2006.11.02 11:49:38 | 000,019,560 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2006.11.02 11:49:35 | 000,018,536 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:26 | 000,015,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2006.11.02 11:49:24 | 000,014,952 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 11:49:20 | 000,013,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2006.11.02 11:49:20 | 000,012,776 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\swenum.sys -- (swenum)
DRV - [2006.11.02 11:14:58 | 000,018,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\usbprint.sys -- (usbprint)
DRV - [2006.11.02 11:14:19 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\serscan.sys -- (StillCam)
DRV - [2006.11.02 11:14:17 | 000,035,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\usbscan.sys -- (usbscan)
DRV - [2006.11.02 11:04:35 | 000,878,080 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\peauth.sys -- (PEAUTH)
DRV - [2006.11.02 11:04:23 | 000,039,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV - [2006.11.02 11:03:00 | 000,242,688 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2006.11.02 11:02:15 | 000,160,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2006.11.02 11:02:07 | 000,023,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\tssecsrv.sys -- (tssecsrv)
DRV - [2006.11.02 11:02:01 | 000,028,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2006.11.02 11:02:01 | 000,017,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2006.11.02 11:02:01 | 000,006,144 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\rdpencdd.sys -- (RDPENCDD)
DRV - [2006.11.02 11:02:01 | 000,006,144 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\RDPCDD.sys -- (RDPCDD)
DRV - [2006.11.02 10:58:52 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2006.11.02 10:58:26 | 000,015,872 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2006.11.02 10:58:14 | 000,118,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\ndiswan.sys -- (NdisWan)
DRV - [2006.11.02 10:58:13 | 000,011,776 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\rasacd.sys -- (RasAcd)
DRV - [2006.11.02 10:58:12 | 000,041,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\raspppoe.sys -- (RasPppoe)
DRV - [2006.11.02 10:58:09 | 000,099,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipnat.sys -- (IPNAT)
DRV - [2006.11.02 10:58:04 | 000,047,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2006.11.02 10:57:47 | 000,027,648 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2006.11.02 10:57:35 | 000,068,096 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\tdx.sys -- (tdx)
DRV - [2006.11.02 10:57:30 | 000,016,384 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2006.11.02 10:57:26 | 000,035,840 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\DRIVERS\netbios.sys -- (NetBIOS)
DRV - [2006.11.02 10:57:22 | 000,016,896 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\ndisuio.sys -- (Ndisuio)
DRV - [2006.11.02 10:57:20 | 000,184,320 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\netbt.sys -- (netbt)
DRV - [2006.11.02 10:57:10 | 000,066,048 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\DRIVERS\smb.sys -- (Smb)
DRV - [2006.11.02 10:57:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2006.11.02 10:56:49 | 000,060,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\DRIVERS\rspndr.sys -- (rspndr)
DRV - [2006.11.02 10:56:49 | 000,047,104 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\DRIVERS\lltdio.sys -- (lltdio)
DRV - [2006.11.02 10:55:24 | 000,034,816 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\umbus.sys -- (umbus)
DRV - [2006.11.02 10:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006.11.02 10:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2006.11.02 10:55:16 | 000,062,080 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2006.11.02 10:55:09 | 000,068,608 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006.11.02 10:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2006.11.02 10:55:05 | 000,022,528 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\usbuhci.sys -- (usbuhci)
DRV - [2006.11.02 10:55:04 | 000,071,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaudio.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2006.11.02 10:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2006.11.02 10:55:01 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2006.11.02 10:54:52 | 000,082,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\WUDFRd.sys -- (WUDFRd)
DRV - [2006.11.02 10:53:56 | 000,026,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\vgapnp.sys -- (vga)
DRV - [2006.11.02 10:53:56 | 000,025,088 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2006.11.02 10:52:52 | 000,020,608 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006.11.02 10:51:40 | 000,013,312 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006.11.02 10:51:40 | 000,012,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2006.11.02 10:51:40 | 000,012,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2006.11.02 10:51:38 | 000,013,312 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2006.11.02 10:51:33 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2006.11.02 10:51:32 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2006.11.02 10:51:30 | 000,083,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2006.11.02 10:51:30 | 000,079,360 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2006.11.02 10:51:25 | 000,017,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum)
DRV - [2006.11.02 10:51:23 | 000,008,704 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm)
DRV - [2006.11.02 10:51:15 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV - [2006.11.02 10:51:14 | 000,005,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MSPQM.sys -- (MSPQM)
DRV - [2006.11.02 10:51:13 | 000,006,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2006.11.02 10:51:13 | 000,005,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV - [2006.11.02 10:51:12 | 000,015,872 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2006.11.02 10:51:12 | 000,015,872 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2006.11.02 10:51:05 | 000,004,608 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2006.11.02 10:42:03 | 000,065,536 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ipmidrv.sys -- (IPMIDRV)
DRV - [2006.11.02 10:35:03 | 000,011,264 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2006.11.02 10:33:07 | 000,083,456 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\System32\drivers\luafv.sys -- (luafv)
DRV - [2006.11.02 10:31:26 | 000,222,208 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\DRIVERS\rdbss.sys -- (rdbss)
DRV - [2006.11.02 10:30:57 | 000,225,280 | ---- | M] () [File_System | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\udfs.sys -- (udfs)
DRV - [2006.11.02 10:30:57 | 000,034,816 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2006.11.02 10:30:56 | 000,022,528 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2006.11.02 10:30:19 | 000,039,424 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2006.11.02 10:30:18 | 000,039,424 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\intelppm.sys -- (intelppm)
DRV - [2006.11.02 10:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2006.11.02 10:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2006.11.02 10:30:18 | 000,038,400 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.07.14 14:55:42 | 000,089,344 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce(tm)
DRV - [2006.07.14 14:55:34 | 000,105,088 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2006.05.11 11:30:52 | 000,247,808 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iastor.sys -- (iaStor)
DRV - [2006.03.31 02:18:30 | 000,100,992 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viamraid.sys -- (viamraid)
DRV - [2005.01.11 17:58:48 | 000,030,976 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com/
IE - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.de/search?sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&q={searchTerms}&rlz=1I7FUJC_deDE294
IE - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.12.11 15:33:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.04.03 17:07:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.20 16:45:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.18 21:08:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.04.03 17:07:41 | 000,000,000 | ---D | M]
[2010.04.13 12:53:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.01.29 22:43:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\70ag819c.default\extensions
[2010.04.30 13:47:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\70ag819c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.10.05 20:02:29 | 000,000,681 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\ask.xml
[2012.06.18 20:52:17 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-1.xml
[2010.11.01 22:25:10 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-10.xml
[2010.11.04 11:51:58 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-11.xml
[2010.12.16 21:13:15 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-12.xml
[2011.05.15 13:15:01 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-13.xml
[2008.10.01 16:42:27 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-2.xml
[2008.11.20 14:16:25 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-3.xml
[2009.01.04 10:12:02 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-4.xml
[2009.01.04 10:14:25 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-5.xml
[2010.07.02 08:08:31 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-6.xml
[2010.07.08 18:56:42 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-7.xml
[2010.08.11 14:34:57 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-8.xml
[2010.08.11 18:36:10 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-9.xml
[2009.07.13 18:12:02 | 000,000,944 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin.xml
[2012.06.18 21:08:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2007.09.18 11:44:49 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.03.04 18:59:36 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.06.18 21:08:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.01.29 22:43:25 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70AG819C.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2011.11.20 14:11:34 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.25 09:30:41 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.25 09:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.25 09:30:40 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.25 09:30:40 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.25 09:30:40 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.25 09:30:40 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [368o0qiuym] C:\ProgramData\368o0qiuym.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Installer] "C:\Program Files\CheckPoint\Install\Launcher.exe" "C:\Program Files\CheckPoint\Install\Install.exe" /r download /c "C:\Program Files\CheckPoint\Install\Install.xml" /w File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000..\Run: [368o0qiuym] C:\Users\***\368o0qiuym.exe ()
O4 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent File not found
O4 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000..\Run: [Regedit32] C:\Windows\system32\regedit.exe File not found
O4 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O7 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3BB9DE0-2AD6-4225-9C24-D26B30D33C84}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - C:\Windows\System32\drivers\sermouse.sys ()
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - C:\Windows\System32\DRIVERS\vgapnp.sys ()
SafeBootMin: vgasave.sys - C:\Windows\System32\drivers\vga.sys ()
SafeBootMin: volmgr.sys - C:\Windows\System32\drivers\volmgr.sys ()
SafeBootMin: volmgrx.sys - C:\Windows\System32\drivers\volmgrx.sys ()
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:
{4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AFD - C:\Windows\System32\drivers\afd.sys () SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: bowser - C:\Windows\System32\DRIVERS\bowser.sys () SafeBootNet: dfsc - C:\Windows\System32\Drivers\dfsc.sys () SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: ipnat.sys - C:\Windows\System32\DRIVERS\ipnat.sys () SafeBootNet: Messenger - Service SafeBootNet: MPSDrv - C:\Windows\System32\drivers\mpsdrv.sys () SafeBootNet: mrxsmb - C:\Windows\System32\DRIVERS\mrxsmb.sys () SafeBootNet: mrxsmb10 - C:\Windows\System32\DRIVERS\mrxsmb10.sys () SafeBootNet: mrxsmb20 - C:\Windows\System32\DRIVERS\mrxsmb20.sys () SafeBootNet: NativeWifiP - C:\Windows\System32\DRIVERS\nwifi.sys () SafeBootNet: NDIS - C:\Windows\System32\drivers\ndis.sys () SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: Ndisuio - C:\Windows\System32\DRIVERS\ndisuio.sys () SafeBootNet: NetBIOS - C:\Windows\System32\DRIVERS\netbios.sys () 
SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetBT - C:\Windows\System32\DRIVERS\netbt.sys () SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: nsiproxy.sys - C:\Windows\System32\drivers\nsiproxy.sys () SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdbss - C:\Windows\System32\DRIVERS\rdbss.sys () SafeBootNet: rdpencdd.sys - C:\Windows\System32\drivers\rdpencdd.sys () SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - C:\Windows\System32\drivers\sermouse.sys () SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: Tcpip - C:\Windows\System32\drivers\tcpip.sys () SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - C:\Windows\System32\DRIVERS\vgapnp.sys () SafeBootNet: vgasave.sys - C:\Windows\System32\drivers\vga.sys () SafeBootNet: volmgr.sys - C:\Windows\System32\drivers\volmgr.sys () SafeBootNet: volmgrx.sys - C:\Windows\System32\drivers\volmgrx.sys () SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: 
{4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: 
{6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: ccc-core-static - msiexec /fums {C61E8F12-31F1-C2E6-DC0C-505CBF2BEE57} /qb Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) CREATERESTOREPOINT System Restore Service not available. 

========== Files/Folders - Created Within 30 Days ==========

[2012.06.24 14:18:57 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.06.21 22:10:56 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Avira
[2012.06.21 22:09:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira(1)
[2012.06.21 22:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\Avira(0)
[2012.06.19 18:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.06.18 22:09:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Macromedia
[2012.06.18 21:08:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.06.18 20:54:24 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2012.06.18 20:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.18 20:54:13 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.18 20:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.18 20:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.06.18 20:35:19 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.06.18 20:35:15 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.06.18 20:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.06.18 20:35:12 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.06.10 18:22:55 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Neuer Ordner
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.06.24 14:21:51 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.24 14:21:51 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.24 14:21:51 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.24 14:21:51 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.24 14:20:58 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{52B109CC-A65C-4907-8388-666C93303733}.job
[2012.06.24 14:15:37 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.24 14:15:37 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\RegistryDoktor.job
[2012.06.24 14:14:28 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.24 14:14:28 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.24 14:14:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.24 14:14:15 | 2011,283,456 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.19 20:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.19 20:37:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.11 19:45:42 | 099,308,192 | ---- | M] () -- C:\Users\***\Desktop\avira_free_antivirus_de12001125.exe
[2012.06.04 19:42:03 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2012.06.04 19:35:24 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.06.11 19:44:48 | 099,308,192 | ---- | C] () -- C:\Users\***\Desktop\avira_free_antivirus_de12001125.exe
[2012.06.04 19:42:03 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.05.20 12:33:15 | 000,069,376 | ---- | C] () -- C:\Windows\System32\drivers\3b54d32e95b5a867.sys
[2012.05.20 12:31:38 | 000,039,424 | ---- | C] () -- C:\ProgramData\368o0qiuym.exe
[2012.05.14 19:18:30 | 000,093,816 | ---- | C] () -- C:\Windows\System32\drivers\sbhips.sys
[2012.05.14 19:18:30 | 000,084,600 | ---- | C] () -- C:\Windows\System32\drivers\sbtis.sys
[2012.05.14 19:18:01 | 000,094,584 | ---- | C] () -- C:\Windows\System32\drivers\SbFwIm.sys
[2012.05.14 19:18:00 | 000,223,864 | ---- | C] () -- C:\Windows\System32\drivers\SbFw.sys
[2012.02.09 23:36:00 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.02.09 23:36:00 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.01.29 22:03:26 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2012.01.29 22:03:26 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.11.29 06:59:52 | 000,077,816 | ---- | C] () -- C:\Windows\System32\drivers\sbapifs.sys
[2011.11.20 17:41:42 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.11.20 14:58:24 | 000,137,928 | ---- | C] () -- C:\Windows\System32\drivers\avipbb.sys
[2011.11.20 14:58:24 | 000,036,000 | ---- | C] () -- C:\Windows\System32\drivers\avkmgr.sys
[2011.10.26 14:23:40 | 000,101,112 | ---- | C] () -- C:\Windows\System32\drivers\SBREDrv.sys
[2011.05.10 08:06:08 | 000,042,496 | ---- | C] () -- C:\Windows\System32\drivers\usbaapl.sys
[2011.04.03 16:52:32 | 000,217,396 | ---- | C] () -- C:\Windows\hpoins46.dat
[2011.04.03 16:52:32 | 000,000,606 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2011.03.18 15:38:15 | 000,219,409 | ---- | C] () -- C:\Windows\hpoins46.dat.temp
[2011.03.18 15:38:15 | 000,000,606 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2011.02.19 13:02:55 | 000,445,008 | ---- | C] () -- C:\Windows\System32\drivers\Wdf01000.sys
[2011.02.19 13:02:55 | 000,038,480 | ---- | C] () -- C:\Windows\System32\drivers\WdfLdr.sys
[2010.09.20 18:09:05 | 000,546,482 | ---- | C] () -- C:\Users\***\AppData\Roaming\mdbu.bin

========== LOP Check ==========

[2010.04.15 09:56:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AVP 2009
[2012.04.17 10:58:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular
[2008.10.19 17:30:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InterVideo
[2011.11.20 17:41:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pdfforge
[2010.07.08 21:14:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2008.12.08 16:05:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Template
[2012.06.24 14:15:37 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\RegistryDoktor.job
[2012.06.21 23:04:25 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.06.24 14:20:58 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{52B109CC-A65C-4907-8388-666C93303733}.job

========== Purity Check ==========

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.09.07 14:54:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe
[2008.10.06 12:34:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ahead
[2012.03.27 19:43:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Apple Computer
[2008.09.21 14:53:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ATI
[2012.06.21 22:10:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Avira
[2010.04.15 09:56:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AVP 2009
[2012.02.19 21:50:18 | 000,000,000 | R--D | M] -- C:\Users\***\AppData\Roaming\Brother
[2008.12.28 00:25:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\dvdcss
[2012.04.17 10:58:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular
[2008.09.22 14:40:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Google
[2009.11.26 10:19:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HP
[2011.11.01 11:49:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HpUpdate
[2008.09.21 14:47:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Identities
[2008.10.19 17:30:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InterVideo
[2012.06.24 14:22:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Macromedia
[2012.06.18 20:54:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2011.09.07 14:54:42 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft
[2010.04.13 12:53:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mozilla
[2012.06.24 14:16:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org2
[2011.11.20 17:41:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pdfforge
[2009.12.04 23:06:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Real
[2008.09.22 12:36:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Talkback
[2010.07.08 21:14:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2008.12.08 16:05:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Template
[2010.01.20 03:31:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\vlc
[2009.11.26 09:47:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Yahoo!

< %APPDATA%\*.exe /s >
[2010.05.23 12:52:48 | 000,443,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\***\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2010.09.13 11:04:23 | 000,456,200 | ---- | M] (RealNetworks, Inc.) -- C:\Users\***\AppData\Roaming\Real\Update\setup3.12\setup.exe
[2011.01.28 14:53:26 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\***\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2012.06.18 21:01:33 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Users\***\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\rnupgagent.exe
[2012.06.11 19:37:49 | 028,087,744 | ---- | M] (RealNetworks, Inc.) -- C:\Users\***\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\stub_data\RealPlayer_de.exe
[2012.06.11 19:36:56 | 000,693,504 | ---- | M] (RealNetworks, Inc.) -- C:\Users\***\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\stub_exe\RealPlayer_de.exe

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\AGP440.sys

< MD5 for: ATAPI.SYS >
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.09.22 15:42:33 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.09.22 15:42:33 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.09.22 15:42:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
[2008.09.22 15:42:33 | 000,021,560 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTOR.SYS >
[2006.05.11 11:30:52 | 000,247,808 | ---- | M] (Intel Corporation) MD5=294110966CEDD127629C5BE48367C8CF -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_6c3369af\iaStor.sys
[2006.05.11 11:30:52 | 000,247,808 | ---- | M] (Intel Corporation) MD5=294110966CEDD127629C5BE48367C8CF -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_0d20ce62\iaStor.sys
[2006.05.11 11:30:52 | 000,247,808 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\iaStor.sys

< MD5 for: IASTORV.SYS >
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2006.07.14 14:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) MD5=7D960340BE5B0E008BB94E4C3B991339 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_27229839\nvatabus.sys
[2006.07.14 14:55:34 | 000,105,088 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\nvatabus.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\nvstor.sys

< MD5 for: SCECLI.DLL >
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: USER32.DLL >
[2007.09.18 10:51:37 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2007.09.18 10:51:37 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2007.09.18 10:51:37 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll

< MD5 for: USERINIT.EXE >
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2006.03.31 02:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Windows\System32\DriverStore\FileRepository\viamraid.inf_2d6a7e3a\viamraid.sys
[2006.03.31 02:18:30 | 000,100,992 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\viamraid.sys

< MD5 for: WININIT.EXE >
[2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\System32\wininit.exe
[2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

< MD5 for: WS2IFSL.SYS >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\ws2ifsl.sys

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.05.20 12:33:16 | 000,069,376 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\3b54d32e95b5a867.sys
[2006.11.02 11:51:32 | 000,297,576 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\adpahci.sys
[2006.11.02 11:50:35 | 000,098,408 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\adpu160m.sys
[2006.11.02 11:51:00 | 000,147,048 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\adpu320.sys
[2006.11.02 10:58:43 | 000,270,336 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\afd.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\AGP440.sys
[2006.11.02 11:49:20 | 000,014,952 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\aliide.sys
[2006.11.02 11:49:59 | 000,054,888 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\AMDAGP.SYS
[2006.11.02 11:49:26 | 000,015,464 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\amdide.sys
[2006.11.02 10:30:18 | 000,038,912 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\amdk7.sys
[2006.11.02 10:30:18 | 000,040,960 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\amdk8.sys
[2006.11.02 11:50:09 | 000,067,688 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\arc.sys
[2006.11.02 11:50:10 | 000,067,688 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\arcsas.sys
[2006.11.02 10:58:10 | 000,017,408 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\asyncmac.sys
[2008.09.22 15:42:33 | 000,021,560 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\atapi.sys
[2008.09.22 15:42:33 | 000,109,624 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ataport.sys
[2009.09.05 14:25:36 | 001,183,744 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\athr.sys
[2007.02.02 16:09:42 | 002,385,920 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\atikmdag.sys
[2012.05.13 10:25:19 | 000,137,928 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\avipbb.sys
[2011.10.19 17:56:15 | 000,036,000 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\avkmgr.sys
[2008.09.22 15:54:46 | 000,028,344 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\battc.sys
[2006.11.02 10:51:03 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\beep.sys
[2006.11.02 10:31:12 | 000,069,632 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\bowser.sys
[2006.11.02 10:24:45 | 000,013,568 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\BrFiltLo.sys
[2006.11.02 10:24:46 | 000,005,248 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\BrFiltUp.sys
[2006.11.02 11:23:19 | 000,093,184 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\bridge.sys
[2006.11.02 10:25:24 | 000,071,808 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\BrSerId.sys
[2006.11.02 10:24:44 | 000,062,336 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\BrSerWdm.sys
[2006.11.02 10:24:44 | 000,012,160 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\BrUsbMdm.sys
[2006.11.02 10:24:47 | 000,011,904 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\BrUsbSer.sys
[2006.11.02 10:55:23 | 000,039,936 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\bthmodem.sys
[2006.11.02 10:30:50 | 000,070,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\cdfs.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\cdrom.sys
[2006.11.02 10:55:08 | 000,035,328 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\circlass.sys
[2006.11.02 11:50:51 | 000,125,032 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\Classpnp.sys
[2008.09.22 15:54:47 | 000,014,208 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\CmBatt.sys
[2006.11.02 11:49:28 | 000,016,488 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\cmdide.sys
[2008.09.22 15:54:47 | 000,020,920 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\compbatt.sys
[2006.11.02 11:50:02 | 000,033,384 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\crashdmp.sys
[2006.11.02 11:49:43 | 000,022,632 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\crcdisk.sys
[2006.11.02 10:30:18 | 000,038,912 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\crusoe.sys
[2006.11.02 10:31:04 | 000,074,752 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\dfsc.sys
[2006.11.02 11:49:51 | 000,052,840 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\disk.sys
[2006.11.02 10:51:36 | 000,019,456 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\Diskdump.sys
[2006.11.02 11:50:11 | 000,071,272 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\djsvs.sys
[2006.11.02 10:51:04 | 000,131,584 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\Dot4.sys
[2006.11.02 10:51:02 | 000,016,384 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\Dot4Prt.sys
[2006.11.02 10:51:03 | 000,036,864 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\Dot4usb.sys
[2006.11.02 11:20:50 | 000,130,048 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\drmk.sys
[2006.11.02 10:54:59 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\drmkaud.sys
[2006.11.02 11:49:48 | 000,026,728 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\Dumpata.sys
[2006.11.02 10:38:17 | 000,013,312 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\dxapi.sys
[2006.11.02 10:38:18 | 000,076,288 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\dxg.sys
[2007.09.18 11:28:01 | 000,621,056 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\dxgkrnl.sys
[2006.11.02 09:30:54 | 000,117,760 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\E1G60I32.sys
[2006.11.02 14:34:35 | 000,132,200 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ecache.sys
[2006.11.02 11:51:34 | 000,316,520 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\elxstor.sys
[2006.11.02 10:30:49 | 000,142,336 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\fastfat.sys
[2006.11.02 10:51:33 | 000,025,088 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\fdc.sys
[2006.11.02 11:49:58 | 000,056,424 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\fileinfo.sys
[2006.11.02 10:32:55 | 000,027,648 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\filetrace.sys
[2006.11.02 10:51:32 | 000,020,480 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\flpydisk.sys
[2006.11.02 11:51:14 | 000,183,912 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\fltMgr.sys
[2007.09.18 11:01:49 | 000,012,800 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\fs_rec.sys
[2006.11.02 10:57:29 | 000,084,992 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\FWPKCLNT.SYS
[2006.11.02 11:50:04 | 000,058,984 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\GAGP30KX.SYS
[2009.05.18 15:17:00 | 000,026,600 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\GEARAspiWDM.sys
[2007.09.18 11:18:21 | 000,053,760 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\hdaudbus.sys
[2006.11.02 09:36:49 | 000,235,520 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\HdAudio.sys
[2006.11.02 10:55:22 | 000,029,184 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\hidbth.sys
[2006.11.02 10:55:01 | 000,038,912 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\hidclass.sys
[2006.11.02 10:55:01 | 000,021,504 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\hidir.sys
[2006.11.02 10:55:01 | 000,012,288 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\hidusb.sys
[2006.11.02 11:50:10 | 000,037,480 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\HpCISSs.sys
[2010.02.20 23:30:16 | 000,396,800 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\http.sys
[2006.11.02 11:49:25 | 000,016,488 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\i2omgmt.sys
[2006.11.02 11:49:49 | 000,027,752 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\i2omp.sys
[2008.09.22 15:28:09 | 000,054,784 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\i8042prt.sys
[2006.05.11 11:30:52 | 000,247,808 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\iaStor.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\iaStorV.sys
[2006.11.02 11:50:17 | 000,041,576 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\iirsp.sys
[2006.11.02 11:49:24 | 000,014,952 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\intelide.sys
[2006.11.02 10:30:18 | 000,039,424 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\intelppm.sys
[2006.11.02 10:58:04 | 000,047,104 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ipfltdrv.sys
[2006.11.02 10:42:03 | 000,065,536 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\IPMIDrv.sys
[2006.11.02 10:58:09 | 000,099,840 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ipnat.sys
[2006.11.02 10:57:10 | 000,095,744 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\irda.sys
[2006.11.02 10:57:04 | 000,013,312 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\irenum.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\isapnp.sys
[2006.11.02 11:50:07 | 000,035,944 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\iteatapi.sys
[2006.11.02 11:50:09 | 000,035,944 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\iteraid.sys
[2008.09.22 15:28:09 | 000,035,384 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\kbdclass.sys
[2006.11.02 10:51:12 | 000,015,872 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\kbdhid.sys
[2006.11.02 10:51:20 | 000,148,992 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ks.sys
[2009.06.15 20:12:26 | 000,408,136 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ksecdd.sys
[2006.11.02 10:56:49 | 
000,047,104 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\lltdio.sys [2006.11.02 11:50:04 | 000,065,640 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\lsi_fc.sys [2006.11.02 11:50:05 | 000,065,640 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\lsi_sas.sys [2006.11.02 11:50:10 | 000,065,640 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\lsi_scsi.sys [2006.11.02 10:33:07 | 000,083,456 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\luafv.sys [2006.11.02 10:52:01 | 000,018,944 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mcd.sys [2006.11.02 11:49:53 | 000,028,776 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\megasas.sys [2006.11.02 10:58:52 | 000,031,744 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\modem.sys [2008.09.22 15:48:25 | 000,041,984 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\monitor.sys [2008.09.22 15:28:09 | 000,034,360 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mouclass.sys [2006.11.02 10:51:12 | 000,015,872 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mouhid.sys [2006.11.02 11:49:57 | 000,054,888 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mountmgr.sys [2006.11.02 11:50:16 | 000,078,952 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mpio.sys [2007.09.18 11:12:49 | 000,063,488 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mpsdrv.sys [2006.11.02 11:49:59 | 000,033,384 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\Mraid35x.sys [2008.09.22 15:53:31 | 000,110,080 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mrxdav.sys [2010.02.23 15:14:41 | 000,102,400 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mrxsmb.sys [2010.02.23 15:14:51 | 000,211,968 | ---- | M] () Unable to obtain MD5 -- 
C:\Windows\system32\drivers\mrxsmb10.sys [2010.02.23 15:14:42 | 000,058,368 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mrxsmb20.sys [2006.11.02 11:49:44 | 000,023,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\msahci.sys [2006.11.02 11:50:17 | 000,080,488 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\msdsm.sys [2006.11.02 10:30:56 | 000,022,528 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\msfs.sys [2006.11.02 11:49:20 | 000,013,928 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\msisadrv.sys [2006.11.02 11:51:12 | 000,168,552 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\msiscsi.sys [2006.11.02 10:51:15 | 000,008,192 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mskssrv.sys [2006.11.02 10:51:13 | 000,005,888 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mspclock.sys [2006.11.02 10:51:14 | 000,005,504 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mspqm.sys [2006.11.02 11:51:09 | 000,160,872 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\msrpc.sys [2006.11.02 11:49:54 | 000,028,776 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mssmbios.sys [2006.11.02 10:51:13 | 000,006,016 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mstee.sys [2006.11.02 11:50:24 | 000,046,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\mup.sys [2006.11.02 11:51:42 | 000,500,840 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ndis.sys [2007.09.18 11:24:17 | 000,020,480 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ndistapi.sys [2006.11.02 10:57:22 | 000,016,896 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ndisuio.sys [2006.11.02 10:58:14 | 000,118,784 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ndiswan.sys [2007.09.18 11:24:17 | 000,048,640 
| ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ndproxy.sys [2010.04.19 21:29:20 | 000,018,432 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\netaapl.sys [2006.11.02 10:57:26 | 000,035,840 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\netbios.sys [2006.11.02 10:57:20 | 000,184,320 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\netbt.sys [2009.08.14 19:16:11 | 000,213,592 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\netio.sys [2006.11.02 11:50:19 | 000,045,160 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\nfrd960.sys [2006.11.02 10:30:57 | 000,034,816 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\npfs.sys [2006.11.02 10:57:30 | 000,016,384 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\nsiproxy.sys [2008.09.22 15:48:26 | 001,060,920 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ntfs.sys [2006.11.02 09:36:50 | 000,020,608 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ntrigdigi.sys [2006.11.02 10:51:05 | 000,004,608 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\null.sys [2006.07.14 14:55:34 | 000,105,088 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\nvatabus.sys [2006.07.14 14:55:42 | 000,089,344 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\nvraid.sys [2006.11.02 11:50:13 | 000,040,040 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\nvstor.sys [2006.11.02 11:50:40 | 000,106,600 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\NV_AGP.SYS [2008.09.22 15:42:31 | 000,154,624 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\nwifi.sys [2006.11.02 10:55:16 | 000,062,080 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ohci1394.sys [2007.09.18 11:24:15 | 000,070,144 | ---- | M] () Unable to obtain MD5 -- 
C:\Windows\system32\drivers\pacer.sys [2006.11.02 10:51:30 | 000,079,360 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\parport.sys [2006.11.02 11:50:23 | 000,049,256 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\partmgr.sys [2006.11.02 10:51:23 | 000,008,704 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\parvdm.sys [2006.11.02 11:50:57 | 000,140,392 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\pci.sys [2008.09.22 15:42:33 | 000,015,928 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\pciide.sys [2008.09.22 15:42:33 | 000,045,112 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\pciidex.sys [2006.11.02 11:51:12 | 000,167,528 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\pcmcia.sys [2006.11.02 11:04:35 | 000,878,080 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\PEAuth.sys [2006.11.02 10:55:04 | 000,167,424 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\portcls.sys [2006.11.02 10:30:18 | 000,038,400 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\processr.sys [2005.10.26 22:12:48 | 000,020,640 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\pxhelp20.sys [2006.11.02 11:51:45 | 000,900,712 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ql2300.sys [2006.11.02 11:50:35 | 000,106,088 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ql40xx.sys [2006.11.02 14:34:31 | 000,031,232 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\qwavedrv.sys [2006.11.02 10:58:13 | 000,011,776 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\rasacd.sys [2007.09.18 10:58:55 | 000,074,752 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\rasl2tp.sys [2006.11.02 10:58:12 | 000,041,472 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\raspppoe.sys [2007.09.18 10:58:55 | 
000,060,928 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\raspptp.sys [2006.11.02 10:31:26 | 000,222,208 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\rdbss.sys [2006.11.02 11:02:01 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\RDPCDD.sys [2006.11.02 11:03:00 | 000,242,688 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\rdpdr.sys [2006.11.02 11:02:01 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\RDPENCDD.sys [2006.11.02 11:02:15 | 000,160,256 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\rdpwd.sys [2008.09.22 15:24:42 | 000,113,664 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\rmcast.sys [2006.11.02 10:57:48 | 000,032,768 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\RNDISMP.sys [2006.11.02 10:58:51 | 000,008,192 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\rootmdm.sys [2006.11.02 10:56:49 | 000,060,416 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\rspndr.sys [2007.04.10 19:05:38 | 001,764,960 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\RTKVHDA.sys [2010.06.23 09:21:32 | 000,259,176 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\Rtlh86.sys [2011.11.29 06:59:52 | 000,077,816 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sbapifs.sys [2011.12.19 12:44:24 | 000,223,864 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\SbFw.sys [2011.09.29 12:16:18 | 000,094,584 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\SbFwIm.sys [2011.12.19 12:44:24 | 000,093,816 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sbhips.sys [2006.11.02 11:50:16 | 000,076,392 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sbp2port.sys [2011.10.26 14:23:40 | 000,101,112 | ---- | M] () Unable to obtain MD5 -- 
C:\Windows\system32\drivers\SBREDrv.sys [2011.12.19 12:44:24 | 000,084,600 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sbtis.sys [2006.11.02 11:50:59 | 000,140,392 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\scsiport.sys [2006.11.02 08:37:21 | 000,020,480 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\secdrv.sys [2006.11.02 10:51:25 | 000,017,920 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\serenum.sys [2006.11.02 10:51:30 | 000,083,456 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\serial.sys [2008.09.22 15:28:09 | 000,019,968 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sermouse.sys [2006.11.02 11:14:19 | 000,009,216 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\serscan.sys [2006.11.02 10:51:38 | 000,013,312 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sffdisk.sys [2006.11.02 10:51:40 | 000,012,800 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sffp_mmc.sys [2006.11.02 10:51:40 | 000,012,800 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sffp_sd.sys [2006.11.02 10:51:40 | 000,013,312 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sfloppy.sys [2006.11.02 11:49:51 | 000,053,352 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\SISAGP.SYS [2005.01.11 17:58:48 | 000,030,976 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sisraid2.sys [2006.11.02 11:50:16 | 000,071,784 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sisraid4.sys [2006.11.02 10:57:10 | 000,066,048 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\smb.sys [2006.11.02 10:51:25 | 000,017,408 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\smclib.sys [2006.11.22 18:35:00 | 000,982,272 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\smserial.sys [2006.11.02 11:49:35 | 
000,018,536 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\spldr.sys [2006.11.02 09:16:44 | 000,551,936 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\spsys.sys [2009.12.11 14:15:49 | 000,306,688 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\srv.sys [2009.09.14 11:50:54 | 000,130,048 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\srv2.sys [2009.12.11 14:15:30 | 000,084,992 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\srvnet.sys [2006.11.02 11:50:47 | 000,117,864 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\Storport.sys [2006.11.02 11:49:20 | 000,012,776 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\swenum.sys [2006.11.02 11:50:05 | 000,035,944 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\symc8xx.sys [2006.11.02 11:49:56 | 000,031,848 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sym_hi.sys [2006.11.02 11:50:03 | 000,034,920 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sym_u3.sys [2006.11.02 10:51:57 | 000,024,576 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\tape.sys [2010.02.18 14:05:37 | 000,815,104 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\tcpip.sys [2006.11.02 10:57:47 | 000,027,648 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\tcpipreg.sys [2006.11.02 10:58:46 | 000,020,992 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\tdi.sys [2006.11.02 11:02:01 | 000,017,920 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\tdpipe.sys [2006.11.02 11:02:01 | 000,028,672 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\tdtcp.sys [2006.11.02 10:57:35 | 000,068,096 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\tdx.sys [2006.11.02 11:50:28 | 000,050,792 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\termdd.sys 
[2006.11.02 11:02:07 | 000,023,552 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\tssecsrv.sys [2010.02.18 14:04:30 | 000,015,360 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\TUNMP.SYS [2010.02.18 14:04:38 | 000,025,088 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\tunnel.sys [2006.11.02 11:49:59 | 000,056,936 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\UAGP35.SYS [2006.11.02 10:30:57 | 000,225,280 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\udfs.sys [2006.11.02 11:50:04 | 000,058,472 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ULIAGPKX.SYS [2006.11.02 11:51:25 | 000,235,112 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\uliahci.sys [2006.11.02 11:50:35 | 000,098,408 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ulsata.sys [2006.11.02 11:50:45 | 000,115,816 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ulsata2.sys [2006.11.02 10:55:24 | 000,034,816 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\umbus.sys [2006.11.02 10:55:22 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\umpass.sys [2006.11.02 10:57:48 | 000,014,848 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\usb8023.sys [2011.05.10 08:06:08 | 000,042,496 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\usbaapl.sys [2006.11.02 10:55:04 | 000,071,552 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\USBAUDIO.sys [2008.09.22 15:40:46 | 000,073,216 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\usbccgp.sys [2006.11.02 10:55:09 | 000,068,608 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\usbcir.sys [2008.09.22 15:40:47 | 000,038,400 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\usbehci.sys [2008.09.22 15:40:48 | 000,193,536 | ---- | M] () Unable to obtain MD5 
-- C:\Windows\system32\drivers\usbhub.sys [2008.09.22 15:40:47 | 000,019,456 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\usbohci.sys [2008.09.22 15:40:47 | 000,224,768 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\usbport.sys [2006.11.02 11:14:58 | 000,018,944 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\usbprint.sys [2006.11.02 11:14:17 | 000,035,328 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\usbscan.sys [2007.09.18 11:16:56 | 000,055,296 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\USBSTOR.SYS [2006.11.02 10:55:05 | 000,022,528 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\usbuhci.sys [2006.11.02 10:53:56 | 000,025,088 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\vga.sys [2006.11.02 10:53:56 | 000,026,112 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\vgapnp.sys [2006.11.02 11:49:52 | 000,054,376 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\VIAAGP.SYS [2006.11.02 10:30:19 | 000,039,424 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\viac7.sys [2006.11.02 11:49:30 | 000,017,512 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\viaide.sys [2006.03.31 02:18:30 | 000,100,992 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\viamraid.sys [2006.11.02 10:54:08 | 000,109,056 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\videoprt.sys [2006.11.02 11:50:24 | 000,050,280 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\volmgr.sys [2006.11.02 11:51:30 | 000,290,408 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\volmgrx.sys [2008.09.22 15:42:32 | 000,211,000 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\volsnap.sys [2006.11.02 11:50:41 | 000,112,232 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\vsmraid.sys [2006.11.02 10:52:52 | 
000,020,608 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\wacompen.sys [2007.09.18 11:24:16 | 000,061,952 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\wanarp.sys [2006.11.02 10:37:46 | 000,032,256 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\watchdog.sys [2006.11.02 11:49:38 | 000,019,560 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\wd.sys [2009.07.14 03:19:10 | 000,445,008 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\Wdf01000.sys [2009.07.14 03:19:11 | 000,038,480 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\WdfLdr.sys [2006.11.02 10:35:03 | 000,011,264 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\wmiacpi.sys [2006.11.02 11:49:26 | 000,015,464 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\wmilib.sys [2006.11.02 11:04:23 | 000,039,936 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\WpdUsb.sys [2006.11.02 10:58:26 | 000,015,872 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\ws2ifsl.sys [2006.11.02 10:54:38 | 000,051,712 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\WUDFPf.sys [2006.11.02 10:54:52 | 000,082,560 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\WUDFRd.sys < %systemroot%\System32\config\*.sav > [2007.09.18 20:40:17 | 006,664,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2007.09.18 20:40:15 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2007.09.18 20:40:17 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2007.09.18 20:40:28 | 015,720,448 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2007.09.18 20:40:31 | 006,017,024 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009.10.19 13:45:12 | 000,289,792 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\atmfd.dll [2006.11.02 11:49:40 | 000,021,608 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\BOOTVID.DLL [2007.09.18 11:28:01 | 000,036,864 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\cdd.dll [2008.09.22 15:28:17 | 000,620,088 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\ci.dll [2007.09.18 10:59:30 | 000,049,664 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\csrsrv.dll [2007.09.18 10:58:22 | 000,160,872 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\hal.dll [2007.09.18 10:58:22 | 000,134,760 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\halacpi.dll [2007.09.18 10:58:22 | 000,160,872 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\halmacpi.dll [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDBHC.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDBLR.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDBR.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDBU.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDBULG.DLL [2006.11.02 11:39:43 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDCA.DLL [2006.11.02 11:39:43 | 000,007,680 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDCAN.DLL [2006.11.02 11:39:43 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDCR.DLL [2006.11.02 11:39:43 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDCZ.DLL [2006.11.02 11:39:43 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDCZ1.DLL [2006.11.02 11:39:43 | 000,007,168 | ---- | M] () Unable to obtain 
MD5 -- C:\Windows\system32\KBDCZ2.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDDA.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDDIV1.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDDIV2.DLL [2006.11.02 11:39:43 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDDV.DLL [2006.11.02 11:39:43 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDES.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDEST.DLL [2006.11.02 11:39:43 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDFA.DLL [2006.11.02 11:39:43 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDFC.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDFI.DLL [2006.11.02 11:39:43 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDFI1.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDFO.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDFR.DLL [2006.11.02 11:39:43 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDGAE.DLL [2006.11.02 11:39:43 | 000,005,120 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDGEO.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\kbdgeoer.dll [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\kbdgeoqw.dll [2006.11.02 11:39:43 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDGKL.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDGR.DLL [2006.11.02 11:39:43 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- 
C:\Windows\system32\KBDGR1.DLL [2006.11.02 11:39:43 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDGRLND.DLL [2006.11.02 11:39:43 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDHE.DLL [2006.11.02 11:39:43 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDHE220.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDHE319.DLL [2006.11.02 11:39:43 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDHEB.DLL [2006.11.02 11:39:43 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDHELA2.DLL [2006.11.02 11:39:43 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDHELA3.DLL [2006.11.02 11:39:43 | 000,008,704 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDHEPT.DLL [2006.11.02 11:39:43 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDHU.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDHU1.DLL [2006.11.02 11:39:43 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\kbdibm02.dll [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDIC.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDINASA.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDINBE1.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDINBE2.DLL [2006.11.02 11:39:43 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDINBEN.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDINDEV.DLL [2006.11.02 11:39:43 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\KBDINGUJ.DLL [2006.11.02 11:39:43 | 000,005,632 | ---- | M] () Unable 
< End of report > |
24.06.2012, 16:51 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.GEN, that is how it started Quote:
__________________ Please always post log files in CODE tags |
24.06.2012, 19:37 | #11 |
| TR/ATRAPS.GEN, that is how it started The missing file during the system repair: 3b54d32e95b5a867.sys |
25.06.2012, 10:15 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.GEN, that is how it started Oh, that file, the one that was also mentioned earlier. Run an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Note: If you have masked your user name, you must change the starred-out part back into your real user name, otherwise the script will not work!! Code:
:OTL
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - user.js - File not found
[2010.04.30 13:47:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\70ag819c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.10.05 20:02:29 | 000,000,681 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\ask.xml
[2012.06.18 20:52:17 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-1.xml
[2010.11.01 22:25:10 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-10.xml
[2010.11.04 11:51:58 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-11.xml
[2010.12.16 21:13:15 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-12.xml
[2011.05.15 13:15:01 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-13.xml
[2008.10.01 16:42:27 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-2.xml
[2008.11.20 14:16:25 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-3.xml
[2009.01.04 10:12:02 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-4.xml
[2009.01.04 10:14:25 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-5.xml
[2010.07.02 08:08:31 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-6.xml
[2010.07.08 18:56:42 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-7.xml
[2010.08.11 14:34:57 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-8.xml
[2010.08.11 18:36:10 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-9.xml
[2009.07.13 18:12:02 | 000,000,944 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin.xml
[2007.09.18 11:44:49 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.03.04 18:59:36 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [368o0qiuym] C:\ProgramData\368o0qiuym.exe ()
O4 - HKLM..\Run: [ZoneAlarm Installer] "C:\Program Files\CheckPoint\Install\Launcher.exe" "C:\Program Files\CheckPoint\Install\Install.exe" /r download /c "C:\Program Files\CheckPoint\Install\Install.xml" /w File not found
O4 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000..\Run: [368o0qiuym] C:\Users\***\368o0qiuym.exe ()
O4 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent File not found
O4 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000..\Run: [Regedit32] C:\Windows\system32\regedit.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O7 - HKU\S-1-5-21-845182278-1820383479-3835861194-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
[2012.05.20 12:33:15 | 000,069,376 | ---- | C] () -- C:\Windows\System32\drivers\3b54d32e95b5a867.sys
[2012.05.20 12:31:38 | 000,039,424 | ---- | C] () -- C:\ProgramData\368o0qiuym.exe
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a safety measure, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL". Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
25.06.2012, 18:57 | #13 |
| TR/ATRAPS.GEN, that is how it started Exactly that file. In the line "File C:\Users\***\368o0qiuym.exe not found." the asterisks were already in the log; I'm afraid I overlooked them beforehand. Can / should / must / may I run the step again? I haven't done anything further so far... Code:
All processes killed
========== OTL ==========
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Ask" removed from browser.search.order.1
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from keyword.URL
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\70ag819c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\70ag819c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\70ag819c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\70ag819c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\ask.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\70ag819c.default\searchplugins\icqplugin.xml moved successfully.
C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\META-INF folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome\tb-amulet-of-protection\content folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome\tb-amulet-of-protection folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib\google3 folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib\firefox folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\368o0qiuym deleted successfully.
File C:\ProgramData\368o0qiuym.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ZoneAlarm Installer deleted successfully.
Registry value HKEY_USERS\S-1-5-21-845182278-1820383479-3835861194-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-845182278-1820383479-3835861194-1000\Software\Microsoft\Windows\CurrentVersion\Run\\368o0qiuym deleted successfully.
File C:\Users\***\368o0qiuym.exe not found.
Registry value HKEY_USERS\S-1-5-21-845182278-1820383479-3835861194-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-845182278-1820383479-3835861194-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-845182278-1820383479-3835861194-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File C:\Windows\System32\drivers\3b54d32e95b5a867.sys not found.
File C:\ProgramData\368o0qiuym.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: ***
->Temp folder emptied: 497114638 bytes
->Temporary Internet Files folder emptied: 1063381492 bytes
->Java cache emptied: 121642 bytes
->FireFox cache emptied: 47687779 bytes
->Apple Safari cache emptied: 16384 bytes
->Flash cache emptied: 291 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 40274647 bytes
RecycleBin emptied: 21174 bytes

Total Files Cleaned = 1.572,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: ***
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.46.0 log created on 06252012_192441

Files\Folders moved on Reboot...

Registry entries deleted on Reboot... |
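Added example, not part of the original thread and not OTL's own code: a Python triage of an OTL fix log like the one above that pairs each deleted Run value with the "File ... not found" line that follows it and collects every target the fix could not find, driver files included, so they can be compared against the next scan. The sample lines are constructed from the format of the log above; pairing by line order is an assumption read off that log.

```python
import re

# Constructed sample in the format of the OTL fix log above
# (user name masked with *** as in the thread).
SAMPLE_LOG = r"""
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\368o0qiuym deleted successfully.
File C:\ProgramData\368o0qiuym.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ZoneAlarm Installer deleted successfully.
Registry value HKEY_USERS\S-1-5-21-845182278-1820383479-3835861194-1000\Software\Microsoft\Windows\CurrentVersion\Run\\368o0qiuym deleted successfully.
File C:\Users\***\368o0qiuym.exe not found.
C:\autoexec.bat moved successfully.
File C:\Windows\System32\drivers\3b54d32e95b5a867.sys not found.
File C:\ProgramData\368o0qiuym.exe not found.
"""

# "Registry value <key>\\<name> deleted successfully." (name may be empty)
REG_VALUE = re.compile(
    r"^Registry value (?P<key>.+?)\\\\(?P<name>.*) "
    r"(?P<result>deleted successfully|not found)\.$"
)
FILE_MISSING = re.compile(r"^File (?P<path>.+) not found\.$")
MOVED = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) (?:folder )?moved successfully\.$")
DRIVER = re.compile(r"\\drivers\\[^\\]+\.sys$", re.IGNORECASE)


def triage(log_text):
    """Classify fix-log lines into orphaned autoruns, missing files and moved items."""
    orphaned, missing, moved = [], [], []
    pending_run = None  # name of the Run value deleted on the previous line
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = REG_VALUE.match(line)
        if m:
            is_run = m["key"].lower().endswith(r"\currentversion\run")
            deleted = m["result"].startswith("deleted")
            pending_run = m["name"] if (is_run and deleted and m["name"]) else None
            continue
        m = FILE_MISSING.match(line)
        if m:
            if m["path"] not in missing:      # the log can repeat a target
                missing.append(m["path"])
            if pending_run:                   # autorun pointed at an absent file
                orphaned.append((pending_run, m["path"]))
            pending_run = None
            continue
        m = MOVED.match(line)
        if m:
            moved.append(m["path"])
        pending_run = None
    return {
        "orphaned_autoruns": orphaned,
        "missing_files": missing,
        "missing_drivers": [p for p in missing if DRIVER.search(p)],
        "moved": moved,
    }


if __name__ == "__main__":
    for section, items in triage(SAMPLE_LOG).items():
        print(section)
        for item in items:
            print("   ", item)
```
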
25.06.2012, 20:39 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.GEN, that is how it started Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool! Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy the contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C), since that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!
__________________ Please always post log files in CODE tags |
27.06.2012, 17:43 | #15 |
| TR/ATRAPS.GEN, that is how it started When opening TDSS an error message appeared: "Can´t load driver". I let it run anyway: Code:
ATTFilter 18:32:14.0366 3224 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44 18:32:14.0491 3224 ============================================================ 18:32:14.0491 3224 Current date / time: 2012/06/27 18:32:14.0491 18:32:14.0491 3224 SystemInfo: 18:32:14.0491 3224 18:32:14.0491 3224 OS Version: 6.0.6000 ServicePack: 0.0 18:32:14.0491 3224 Product type: Workstation 18:32:14.0491 3224 ComputerName: ***-PC 18:32:14.0491 3224 UserName: *** 18:32:14.0491 3224 Windows directory: C:\Windows 18:32:14.0491 3224 System windows directory: C:\Windows 18:32:14.0491 3224 Processor architecture: Intel x86 18:32:14.0491 3224 Number of processors: 2 18:32:14.0491 3224 Page size: 0x1000 18:32:14.0491 3224 Boot type: Normal boot 18:32:14.0491 3224 ============================================================ 18:32:25.0723 3224 !crdlk 18:32:25.0723 3224 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A' 18:32:25.0754 3224 ============================================================ 18:32:25.0754 3224 \Device\Harddisk0\DR0: 18:32:25.0754 3224 MBR partitions: 18:32:25.0754 3224 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x1292D800 18:32:25.0754 3224 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1409E000, BlocksNum 0x9127000 18:32:25.0754 3224 ============================================================ 18:32:25.0770 3224 C: <-> \Device\Harddisk0\DR0\Partition0 18:32:25.0832 3224 D: <-> \Device\Harddisk0\DR0\Partition1 18:32:25.0832 3224 ============================================================ 18:32:25.0832 3224 Initialize success 18:32:25.0832 3224 ============================================================ 18:34:05.0585 3520 ============================================================ 18:34:05.0585 3520 Scan started 18:34:05.0585 3520 Mode: Manual; SigCheck; TDLFS; 18:34:05.0585 3520 
============================================================ 18:34:06.0599 3520 Suspicious service (NoAccess): 3b54d32e95b5a867 18:34:06.0755 3520 3b54d32e95b5a867 (13052af8c75015723e89a620bb8f1e71) C:\Windows\System32\Drivers\3b54d32e95b5a867.sys 18:34:06.0755 3520 Suspicious file (NoAccess): C:\Windows\System32\Drivers\3b54d32e95b5a867.sys. md5: 13052af8c75015723e89a620bb8f1e71 18:34:06.0771 3520 3b54d32e95b5a867 ( LockedService.Multi.Generic ) - warning 18:34:06.0771 3520 3b54d32e95b5a867 - detected LockedService.Multi.Generic (1) 18:34:06.0849 3520 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys 18:34:06.0958 3520 ACPI - ok 18:34:07.0083 3520 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 18:34:07.0083 3520 AdobeARMservice - ok 18:34:07.0176 3520 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 18:34:07.0192 3520 AdobeFlashPlayerUpdateSvc - ok 18:34:07.0286 3520 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 18:34:07.0332 3520 adp94xx - ok 18:34:07.0379 3520 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 18:34:07.0395 3520 adpahci - ok 18:34:07.0426 3520 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 18:34:07.0442 3520 adpu160m - ok 18:34:07.0473 3520 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 18:34:07.0488 3520 adpu320 - ok 18:34:07.0535 3520 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll 18:34:07.0613 3520 AeLookupSvc - ok 18:34:07.0691 3520 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys 18:34:07.0769 3520 AFD - ok 18:34:07.0816 3520 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys 18:34:07.0832 3520 agp440 - ok 18:34:07.0863 3520 aic78xx 
(ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 18:34:07.0863 3520 aic78xx - ok 18:34:07.0910 3520 ALG (e69fb0e3112c40fdc0ef7d21a52dc951) C:\Windows\System32\alg.exe 18:34:07.0956 3520 ALG - ok 18:34:07.0988 3520 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys 18:34:08.0003 3520 aliide - ok 18:34:08.0034 3520 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 18:34:08.0050 3520 amdagp - ok 18:34:08.0066 3520 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys 18:34:08.0081 3520 amdide - ok 18:34:08.0112 3520 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 18:34:08.0190 3520 AmdK7 - ok 18:34:08.0237 3520 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\DRIVERS\amdk8.sys 18:34:08.0284 3520 AmdK8 - ok 18:34:08.0502 3520 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe 18:34:08.0518 3520 AntiVirSchedulerService - ok 18:34:08.0549 3520 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe 18:34:08.0565 3520 AntiVirService - ok 18:34:08.0627 3520 Appinfo (cfa455816879f06f1c4e5bbf9e8aef7d) C:\Windows\System32\appinfo.dll 18:34:08.0705 3520 Appinfo - ok 18:34:08.0830 3520 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 18:34:08.0830 3520 Apple Mobile Device - ok 18:34:08.0877 3520 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 18:34:08.0877 3520 arc - ok 18:34:08.0939 3520 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 18:34:08.0955 3520 arcsas - ok 18:34:08.0986 3520 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys 18:34:09.0064 3520 AsyncMac - ok 18:34:09.0111 3520 atapi (b35cfcef838382ab6490b321c87edf17) 
C:\Windows\system32\drivers\atapi.sys 18:34:09.0111 3520 atapi - ok 18:34:09.0251 3520 athr (2846f5ee802889d500fcf5cc48b28381) C:\Windows\system32\DRIVERS\athr.sys 18:34:09.0360 3520 athr - ok 18:34:09.0454 3520 Ati External Event Utility (3481d12334f065bba19c16399c9cb171) C:\Windows\system32\Ati2evxx.exe 18:34:09.0532 3520 Ati External Event Utility - ok 18:34:09.0657 3520 AudioEndpointBuilder (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll 18:34:09.0735 3520 AudioEndpointBuilder - ok 18:34:09.0766 3520 Audiosrv (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll 18:34:09.0828 3520 Audiosrv - ok 18:34:09.0906 3520 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys 18:34:09.0938 3520 avgntflt - ok 18:34:09.0984 3520 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys 18:34:09.0984 3520 avipbb - ok 18:34:10.0031 3520 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys 18:34:10.0047 3520 avkmgr - ok 18:34:10.0094 3520 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys 18:34:10.0156 3520 Beep - ok 18:34:10.0234 3520 BFE (98ebdffb824a7c265337d68dd480e45c) C:\Windows\System32\bfe.dll 18:34:10.0296 3520 BFE - ok 18:34:10.0421 3520 BITS (da551697e34d2b9943c8b1c8eaffe89a) C:\Windows\System32\qmgr.dll 18:34:10.0499 3520 BITS - ok 18:34:10.0515 3520 blbdrive - ok 18:34:10.0686 3520 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 18:34:10.0702 3520 Bonjour Service - ok 18:34:10.0749 3520 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys 18:34:10.0811 3520 bowser - ok 18:34:10.0858 3520 bpwezaoa (1a19a10b4203acc07d16a830ad59f7ea) C:\Windows\system32\drivers\bpwezaoa.sys 18:34:10.0874 3520 bpwezaoa - ok 18:34:10.0920 3520 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 18:34:10.0983 3520 BrFiltLo - ok 18:34:11.0014 
md5: 1085d75657807e0e8b32f9e19a1647c3 18:34:27.0566 3520 pci ( LockedFile.Multi.Generic ) - warning 18:34:27.0566 3520 pci - detected LockedFile.Multi.Generic (1) 18:34:27.0612 3520 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\drivers\pciide.sys 18:34:27.0612 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\pciide.sys. md5: caba65e9c41cd2900d4c92d4f825c5f8 18:34:27.0612 3520 pciide ( LockedFile.Multi.Generic ) - warning 18:34:27.0612 3520 pciide - detected LockedFile.Multi.Generic (1) 18:34:27.0659 3520 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 18:34:27.0659 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\pcmcia.sys. md5: e6f3fb1b86aa519e7698ad05e58b04e5 18:34:27.0659 3520 pcmcia ( LockedFile.Multi.Generic ) - warning 18:34:27.0659 3520 pcmcia - detected LockedFile.Multi.Generic (1) 18:34:27.0753 3520 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 18:34:27.0753 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\peauth.sys. 
md5: 6349f6ed9c623b44b52ea3c63c831a92 18:34:27.0768 3520 PEAUTH ( LockedFile.Multi.Generic ) - warning 18:34:27.0768 3520 PEAUTH - detected LockedFile.Multi.Generic (1) 18:34:27.0940 3520 pla (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll 18:34:28.0174 3520 pla - ok 18:34:28.0392 3520 PlugPlay (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll 18:34:28.0408 3520 PlugPlay - ok 18:34:28.0486 3520 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll 18:34:28.0486 3520 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:34:28.0486 3520 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:34:28.0595 3520 PNRPAutoReg (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll 18:34:28.0626 3520 PNRPAutoReg - ok 18:34:28.0658 3520 PNRPsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll 18:34:28.0673 3520 PNRPsvc - ok 18:34:28.0767 3520 PolicyAgent (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll 18:34:28.0860 3520 PolicyAgent - ok 18:34:28.0938 3520 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys 18:34:28.0938 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspptp.sys. md5: c04dec5ace67c5247b150c4223970bb7 18:34:28.0954 3520 PptpMiniport ( LockedFile.Multi.Generic ) - warning 18:34:28.0954 3520 PptpMiniport - detected LockedFile.Multi.Generic (1) 18:34:29.0001 3520 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 18:34:29.0001 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\processr.sys. 
md5: 0e3cef5d28b40cf273281d620c50700a 18:34:29.0016 3520 Processor ( LockedFile.Multi.Generic ) - warning 18:34:29.0016 3520 Processor - detected LockedFile.Multi.Generic (1) 18:34:29.0048 3520 ProfSvc (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll 18:34:29.0110 3520 ProfSvc - ok 18:34:29.0188 3520 ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe 18:34:29.0204 3520 ProtectedStorage - ok 18:34:29.0250 3520 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys 18:34:29.0250 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pacer.sys. md5: 2c8bae55247c4e09352e870292e4d1ab 18:34:29.0266 3520 PSched ( LockedFile.Multi.Generic ) - warning 18:34:29.0266 3520 PSched - detected LockedFile.Multi.Generic (1) 18:34:29.0282 3520 PxHelp20 (183ef96bcc2ec3d5294cb2c2c0ecbcd1) C:\Windows\system32\Drivers\PxHelp20.sys 18:34:29.0282 3520 Suspicious file (NoAccess): C:\Windows\system32\Drivers\PxHelp20.sys. md5: 183ef96bcc2ec3d5294cb2c2c0ecbcd1 18:34:29.0282 3520 PxHelp20 ( LockedFile.Multi.Generic ) - warning 18:34:29.0282 3520 PxHelp20 - detected LockedFile.Multi.Generic (1) 18:34:29.0391 3520 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 18:34:29.0391 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\ql2300.sys. md5: ccdac889326317792480c0a67156a1ec 18:34:29.0391 3520 ql2300 ( LockedFile.Multi.Generic ) - warning 18:34:29.0391 3520 ql2300 - detected LockedFile.Multi.Generic (1) 18:34:29.0422 3520 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 18:34:29.0422 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\ql40xx.sys. 
md5: 81a7e5c076e59995d54bc1ed3a16e60b 18:34:29.0422 3520 ql40xx ( LockedFile.Multi.Generic ) - warning 18:34:29.0422 3520 ql40xx - detected LockedFile.Multi.Generic (1) 18:34:29.0500 3520 QWAVE (ca61bdfd3713a7ce75f2812afc431594) C:\Windows\system32\qwave.dll 18:34:29.0547 3520 QWAVE - ok 18:34:29.0578 3520 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys 18:34:29.0578 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\qwavedrv.sys. md5: d2b3e2b7426dc23e185fbc73c8936c12 18:34:29.0578 3520 QWAVEdrv ( LockedFile.Multi.Generic ) - warning 18:34:29.0578 3520 QWAVEdrv - detected LockedFile.Multi.Generic (1) 18:34:29.0796 3520 R300 (252826c4bc88b01e945c2d3c6603f3b0) C:\Windows\system32\DRIVERS\atikmdag.sys 18:34:29.0796 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\atikmdag.sys. md5: 252826c4bc88b01e945c2d3c6603f3b0 18:34:29.0890 3520 R300 ( LockedFile.Multi.Generic ) - warning 18:34:29.0890 3520 R300 - detected LockedFile.Multi.Generic (1) 18:34:30.0030 3520 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys 18:34:30.0030 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasacd.sys. md5: bd7b30f55b3649506dd8b3d38f571d2a 18:34:30.0062 3520 RasAcd ( LockedFile.Multi.Generic ) - warning 18:34:30.0062 3520 RasAcd - detected LockedFile.Multi.Generic (1) 18:34:30.0108 3520 RasAuto (f14f4aab9f54d099fe99192bdb100ac9) C:\Windows\System32\rasauto.dll 18:34:30.0186 3520 RasAuto - ok 18:34:30.0218 3520 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys 18:34:30.0218 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasl2tp.sys. 
md5: 68b0019fee429ec49d29017af937e482 18:34:30.0233 3520 Rasl2tp ( LockedFile.Multi.Generic ) - warning 18:34:30.0233 3520 Rasl2tp - detected LockedFile.Multi.Generic (1) 18:34:30.0280 3520 RasMan (11d65e29bc9d1e4114d18fe68194394c) C:\Windows\System32\rasmans.dll 18:34:30.0358 3520 RasMan - ok 18:34:30.0405 3520 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys 18:34:30.0405 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspppoe.sys. md5: ccf4e9c6cbbac81437f88cb2ae0b6c96 18:34:30.0405 3520 RasPppoe ( LockedFile.Multi.Generic ) - warning 18:34:30.0405 3520 RasPppoe - detected LockedFile.Multi.Generic (1) 18:34:30.0483 3520 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys 18:34:30.0483 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rdbss.sys. md5: 54129c5d9581bbec8bd1ebd3ba813f47 18:34:30.0483 3520 rdbss ( LockedFile.Multi.Generic ) - warning 18:34:30.0483 3520 rdbss - detected LockedFile.Multi.Generic (1) 18:34:30.0530 3520 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys 18:34:30.0530 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\RDPCDD.sys. md5: 794585276b5d7fca9f3fc15543f9f0b9 18:34:30.0545 3520 RDPCDD ( LockedFile.Multi.Generic ) - warning 18:34:30.0545 3520 RDPCDD - detected LockedFile.Multi.Generic (1) 18:34:30.0608 3520 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 18:34:30.0608 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdpdr.sys. md5: e8bd98d46f2ed77132ba927fccb47d8b 18:34:30.0608 3520 rdpdr ( LockedFile.Multi.Generic ) - warning 18:34:30.0608 3520 rdpdr - detected LockedFile.Multi.Generic (1) 18:34:30.0623 3520 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys 18:34:30.0623 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdpencdd.sys. 
md5: 980b56e2e273e19d3a9d72d5c420f008 18:34:30.0639 3520 RDPENCDD ( LockedFile.Multi.Generic ) - warning 18:34:30.0639 3520 RDPENCDD - detected LockedFile.Multi.Generic (1) 18:34:30.0670 3520 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys 18:34:30.0670 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\RDPWD.sys. md5: 8830e790a74a96605faba74f9665bb3c 18:34:30.0670 3520 RDPWD ( LockedFile.Multi.Generic ) - warning 18:34:30.0670 3520 RDPWD - detected LockedFile.Multi.Generic (1) 18:34:30.0717 3520 RemoteAccess (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll 18:34:30.0795 3520 RemoteAccess - ok 18:34:30.0857 3520 RemoteRegistry (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll 18:34:30.0935 3520 RemoteRegistry - ok 18:34:30.0966 3520 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe 18:34:30.0998 3520 RpcLocator - ok 18:34:31.0091 3520 RpcSs (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll 18:34:31.0122 3520 RpcSs - ok 18:34:31.0200 3520 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys 18:34:31.0200 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rspndr.sys. md5: 97e939d2128fec5d5a3e6e79b290a2f4 18:34:31.0232 3520 rspndr ( LockedFile.Multi.Generic ) - warning 18:34:31.0232 3520 rspndr - detected LockedFile.Multi.Generic (1) 18:34:31.0325 3520 RTL8169 (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys 18:34:31.0325 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\Rtlh86.sys. 
md5: 2d19a7469ea19993d0c12e627f4530bc 18:34:31.0325 3520 RTL8169 ( LockedFile.Multi.Generic ) - warning 18:34:31.0325 3520 RTL8169 - detected LockedFile.Multi.Generic (1) 18:34:31.0388 3520 SamSs (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe 18:34:31.0403 3520 SamSs - ok 18:34:31.0434 3520 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 18:34:31.0434 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\sbp2port.sys. md5: 3ce8f073a557e172b330109436984e30 18:34:31.0450 3520 sbp2port ( LockedFile.Multi.Generic ) - warning 18:34:31.0450 3520 sbp2port - detected LockedFile.Multi.Generic (1) 18:34:31.0512 3520 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\Windows\system32\drivers\SBREdrv.sys 18:34:31.0512 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\SBREdrv.sys. md5: 1fd538c4feb36b793d2121f20bbdc16f 18:34:31.0512 3520 SBRE ( LockedFile.Multi.Generic ) - warning 18:34:31.0512 3520 SBRE - detected LockedFile.Multi.Generic (1) 18:34:31.0575 3520 SCardSvr (565b4b9e5ad2f2f18a4f8aafa6c06bbb) C:\Windows\System32\SCardSvr.dll 18:34:31.0622 3520 SCardSvr - ok 18:34:31.0715 3520 Schedule (886cec884b5be29ab9828b8ab46b11f7) C:\Windows\system32\schedsvc.dll 18:34:31.0793 3520 Schedule - ok 18:34:31.0871 3520 SCPolicySvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll 18:34:31.0918 3520 SCPolicySvc - ok 18:34:31.0965 3520 SDRSVC (f7b6bf02240d0a764adf8c8966735552) C:\Windows\System32\SDRSVC.dll 18:34:31.0980 3520 SDRSVC - ok 18:34:32.0027 3520 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 18:34:32.0027 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\secdrv.sys. 
md5: 90a3935d05b494a5a39d37e71f09a677 18:34:32.0043 3520 secdrv ( LockedFile.Multi.Generic ) - warning 18:34:32.0043 3520 secdrv - detected LockedFile.Multi.Generic (1) 18:34:32.0074 3520 seclogon (8388c4133ddbe62ad7bc3ec9f14271ed) C:\Windows\system32\seclogon.dll 18:34:32.0152 3520 seclogon - ok 18:34:32.0199 3520 SENS (34350ae2c1d33d21c7305f861bd8dad8) C:\Windows\System32\sens.dll 18:34:32.0261 3520 SENS - ok 18:34:32.0324 3520 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 18:34:32.0324 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\serenum.sys. md5: 68e44e331d46f0fb38f0863a84cd1a31 18:34:32.0324 3520 Serenum ( LockedFile.Multi.Generic ) - warning 18:34:32.0324 3520 Serenum - detected LockedFile.Multi.Generic (1) 18:34:32.0386 3520 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 18:34:32.0386 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\serial.sys. md5: c70d69a918b178d3c3b06339b40c2e1b 18:34:32.0386 3520 Serial ( LockedFile.Multi.Generic ) - warning 18:34:32.0386 3520 Serial - detected LockedFile.Multi.Generic (1) 18:34:32.0464 3520 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys 18:34:32.0464 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\sermouse.sys. md5: 450accd77ec5cea720c1cdb9e26b953b 18:34:32.0464 3520 sermouse ( LockedFile.Multi.Generic ) - warning 18:34:32.0464 3520 sermouse - detected LockedFile.Multi.Generic (1) 18:34:32.0526 3520 SessionEnv (78878235da4df0d116e86837a0a21df8) C:\Windows\system32\sessenv.dll 18:34:32.0604 3520 SessionEnv - ok 18:34:32.0636 3520 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys 18:34:32.0636 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffdisk.sys. 
md5: 103b79418da647736ee95645f305f68a 18:34:32.0636 3520 sffdisk ( LockedFile.Multi.Generic ) - warning 18:34:32.0636 3520 sffdisk - detected LockedFile.Multi.Generic (1) 18:34:32.0651 3520 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 18:34:32.0651 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffp_mmc.sys. md5: 8fd08a310645fe872eeec6e08c6bf3ee 18:34:32.0667 3520 sffp_mmc ( LockedFile.Multi.Generic ) - warning 18:34:32.0667 3520 sffp_mmc - detected LockedFile.Multi.Generic (1) 18:34:32.0682 3520 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys 18:34:32.0682 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffp_sd.sys. md5: 9cfa05fcfcb7124e69cfc812b72f9614 18:34:32.0698 3520 sffp_sd ( LockedFile.Multi.Generic ) - warning 18:34:32.0698 3520 sffp_sd - detected LockedFile.Multi.Generic (1) 18:34:32.0714 3520 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 18:34:32.0714 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\sfloppy.sys. md5: 46ed8e91793b2e6f848015445a0ac188 18:34:32.0714 3520 sfloppy ( LockedFile.Multi.Generic ) - warning 18:34:32.0714 3520 sfloppy - detected LockedFile.Multi.Generic (1) 18:34:32.0792 3520 SharedAccess (9a82bf4c90b00a63150a606a1e2fd82b) C:\Windows\System32\ipnathlp.dll 18:34:32.0823 3520 SharedAccess - ok 18:34:32.0901 3520 ShellHWDetection (b264dfa21677728613267fe63802b332) C:\Windows\System32\shsvcs.dll 18:34:32.0916 3520 ShellHWDetection - ok 18:34:32.0948 3520 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 18:34:32.0948 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisagp.sys. 
md5: d2a595d6eebeeaf4334f8e50efbc9931 18:34:32.0963 3520 sisagp ( LockedFile.Multi.Generic ) - warning 18:34:32.0963 3520 sisagp - detected LockedFile.Multi.Generic (1) 18:34:32.0979 3520 SiSRaid2 (b8a2f8dcdc75f19962d975727f393920) C:\Windows\system32\drivers\sisraid2.sys 18:34:32.0979 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisraid2.sys. md5: b8a2f8dcdc75f19962d975727f393920 18:34:32.0979 3520 SiSRaid2 ( LockedFile.Multi.Generic ) - warning 18:34:32.0979 3520 SiSRaid2 - detected LockedFile.Multi.Generic (1) 18:34:33.0010 3520 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 18:34:33.0010 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisraid4.sys. md5: df843c528c4f69d12ce41ce462e973a7 18:34:33.0026 3520 SiSRaid4 ( LockedFile.Multi.Generic ) - warning 18:34:33.0026 3520 SiSRaid4 - detected LockedFile.Multi.Generic (1) 18:34:33.0275 3520 slsvc (a1dcd30534835cb67733ad00175125a6) C:\Windows\system32\SLsvc.exe 18:34:33.0603 3520 slsvc - ok 18:34:33.0806 3520 SLUINotify (56da296e7b376a727e7bdc5ac7fbee02) C:\Windows\system32\SLUINotify.dll 18:34:33.0821 3520 SLUINotify - ok 18:34:33.0884 3520 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys 18:34:33.0884 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\smb.sys. md5: ac0d90738adb51a6fd12ff00874a2162 18:34:33.0915 3520 Smb ( LockedFile.Multi.Generic ) - warning 18:34:33.0915 3520 Smb - detected LockedFile.Multi.Generic (1) 18:34:34.0024 3520 smserial (d9bfd2298f5cf116d8eaae3b02dcee2e) C:\Windows\system32\DRIVERS\smserial.sys 18:34:34.0024 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\smserial.sys. 
md5: d9bfd2298f5cf116d8eaae3b02dcee2e 18:34:34.0040 3520 smserial ( LockedFile.Multi.Generic ) - warning 18:34:34.0040 3520 smserial - detected LockedFile.Multi.Generic (1) 18:34:34.0086 3520 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe 18:34:34.0102 3520 SNMPTRAP - ok 18:34:34.0164 3520 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys 18:34:34.0164 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\spldr.sys. md5: 426f9b029aa9162ceccf65369457d046 18:34:34.0196 3520 spldr ( LockedFile.Multi.Generic ) - warning 18:34:34.0196 3520 spldr - detected LockedFile.Multi.Generic (1) 18:34:34.0242 3520 Spooler (da612ef2556776df2630b68bf2d48935) C:\Windows\System32\spoolsv.exe 18:34:34.0258 3520 Spooler - ok 18:34:34.0320 3520 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys 18:34:34.0320 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv.sys. md5: 038579c35f7cad4a4bbf735dbf83277d 18:34:34.0320 3520 srv ( LockedFile.Multi.Generic ) - warning 18:34:34.0320 3520 srv - detected LockedFile.Multi.Generic (1) 18:34:34.0414 3520 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys 18:34:34.0414 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv2.sys. md5: 6971a757af8cb5e2cbcbb76cc530db6c 18:34:34.0414 3520 srv2 ( LockedFile.Multi.Generic ) - warning 18:34:34.0414 3520 srv2 - detected LockedFile.Multi.Generic (1) 18:34:34.0476 3520 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys 18:34:34.0476 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srvnet.sys. 
md5: 9e1a4603b874eebce0298113951abefb 18:34:34.0476 3520 srvnet ( LockedFile.Multi.Generic ) - warning 18:34:34.0476 3520 srvnet - detected LockedFile.Multi.Generic (1) 18:34:34.0508 3520 SSDPSRV (8d3e4baff8b3997138c38eb1b600519a) C:\Windows\System32\ssdpsrv.dll 18:34:34.0570 3520 SSDPSRV - ok 18:34:34.0617 3520 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 18:34:34.0632 3520 ssmdrv - ok 18:34:34.0695 3520 StillCam (7a95b5deb594616f1693486b8161411e) C:\Windows\system32\DRIVERS\serscan.sys 18:34:34.0695 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\serscan.sys. md5: 7a95b5deb594616f1693486b8161411e 18:34:34.0695 3520 StillCam ( LockedFile.Multi.Generic ) - warning 18:34:34.0710 3520 StillCam - detected LockedFile.Multi.Generic (1) 18:34:34.0773 3520 stisvc (a941e099ef46e3cc12f898cbe1c39910) C:\Windows\System32\wiaservc.dll 18:34:34.0804 3520 stisvc - ok 18:34:34.0866 3520 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys 18:34:34.0866 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\swenum.sys. md5: 1379bdb336f8158c176a465e30759f57 18:34:34.0866 3520 swenum ( LockedFile.Multi.Generic ) - warning 18:34:34.0866 3520 swenum - detected LockedFile.Multi.Generic (1) 18:34:34.0929 3520 swprv (749ada8d6c18a08adfede69cbf5db2e0) C:\Windows\System32\swprv.dll 18:34:35.0022 3520 swprv - ok 18:34:35.0069 3520 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 18:34:35.0085 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\symc8xx.sys. md5: 192aa3ac01df071b541094f251deed10 18:34:35.0085 3520 Symc8xx ( LockedFile.Multi.Generic ) - warning 18:34:35.0085 3520 Symc8xx - detected LockedFile.Multi.Generic (1) 18:34:35.0116 3520 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 18:34:35.0116 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\sym_hi.sys. 
md5: 8c8eb8c76736ebaf3b13b633b2e64125 18:34:35.0132 3520 Sym_hi ( LockedFile.Multi.Generic ) - warning 18:34:35.0132 3520 Sym_hi - detected LockedFile.Multi.Generic (1) 18:34:35.0147 3520 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 18:34:35.0147 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\sym_u3.sys. md5: 8072af52b5fd103bbba387a1e49f62cb 18:34:35.0163 3520 Sym_u3 ( LockedFile.Multi.Generic ) - warning 18:34:35.0163 3520 Sym_u3 - detected LockedFile.Multi.Generic (1) 18:34:35.0241 3520 SysMain (8f2b5fede18bd3c4c926cbf88e6f1264) C:\Windows\system32\sysmain.dll 18:34:35.0303 3520 SysMain - ok 18:34:35.0350 3520 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll 18:34:35.0381 3520 TabletInputService - ok 18:34:35.0428 3520 TapiSrv (ef3dd33c740fc2f82e7e4622f1c49289) C:\Windows\System32\tapisrv.dll 18:34:35.0490 3520 TapiSrv - ok 18:34:35.0537 3520 TBS (68fa52794ae9acc61bde16fe0956b414) C:\Windows\System32\tbssvc.dll 18:34:35.0615 3520 TBS - ok 18:34:35.0756 3520 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys 18:34:35.0756 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpip.sys. md5: 4a82fa8f0df67aa354580c3faaf8bde3 18:34:35.0787 3520 Tcpip ( LockedFile.Multi.Generic ) - warning 18:34:35.0787 3520 Tcpip - detected LockedFile.Multi.Generic (1) 18:34:35.0802 3520 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys 18:34:35.0802 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tcpip.sys. md5: 4a82fa8f0df67aa354580c3faaf8bde3 18:34:35.0818 3520 Tcpip6 ( LockedFile.Multi.Generic ) - warning 18:34:35.0818 3520 Tcpip6 - detected LockedFile.Multi.Generic (1) 18:34:35.0880 3520 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys 18:34:35.0880 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpipreg.sys. 
md5: 5ce0c4a7b12d0067dad527d72b68c726 18:34:35.0880 3520 tcpipreg ( LockedFile.Multi.Generic ) - warning 18:34:35.0880 3520 tcpipreg - detected LockedFile.Multi.Generic (1) 18:34:35.0927 3520 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys 18:34:35.0927 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdpipe.sys. md5: 964248aef49c31fa6a93201a73ffaf50 18:34:35.0927 3520 TDPIPE ( LockedFile.Multi.Generic ) - warning 18:34:35.0927 3520 TDPIPE - detected LockedFile.Multi.Generic (1) 18:34:35.0958 3520 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys 18:34:35.0958 3520 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdtcp.sys. md5: 7d2c1ae1648a60fce4aa0f7982e419d3 18:34:35.0958 3520 TDTCP ( LockedFile.Multi.Generic ) - warning 18:34:35.0958 3520 TDTCP - detected LockedFile.Multi.Generic (1) 18:34:35.0974 3520 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys 18:34:35.0974 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tdx.sys. md5: ab4fde8af4a0270a46a001c08cbce1c2 18:34:35.0990 3520 tdx ( LockedFile.Multi.Generic ) - warning 18:34:35.0990 3520 tdx - detected LockedFile.Multi.Generic (1) 18:34:36.0036 3520 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys 18:34:36.0036 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\termdd.sys. 
md5: 2c549bd9dd091fbfaa0a2a48e82ec2fb 18:34:36.0036 3520 TermDD ( LockedFile.Multi.Generic ) - warning 18:34:36.0036 3520 TermDD - detected LockedFile.Multi.Generic (1) 18:34:36.0114 3520 TermService (fad71c1e8e4047b154e899ae31eb8caa) C:\Windows\System32\termsrv.dll 18:34:36.0255 3520 TermService - ok 18:34:36.0348 3520 TestHandler (8c80a73a5d77b2208ca91e4fa269981d) C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe 18:34:36.0380 3520 TestHandler ( UnsignedFile.Multi.Generic ) - warning 18:34:36.0380 3520 TestHandler - detected UnsignedFile.Multi.Generic (1) 18:34:36.0442 3520 Themes (b264dfa21677728613267fe63802b332) C:\Windows\system32\shsvcs.dll 18:34:36.0458 3520 Themes - ok 18:34:36.0504 3520 THREADORDER (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll 18:34:36.0551 3520 THREADORDER - ok 18:34:36.0614 3520 TrkWks (6bba0582c0025d43729a1112d3b57897) C:\Windows\System32\trkwks.dll 18:34:36.0692 3520 TrkWks - ok 18:34:36.0785 3520 TrustedInstaller (34e388a395fedba1d0511ed39bbf4074) C:\Windows\servicing\TrustedInstaller.exe 18:34:36.0801 3520 TrustedInstaller - ok 18:34:36.0832 3520 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys 18:34:36.0832 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tssecsrv.sys. md5: 29f0eca726f0d51f7e048bdb0b372f29 18:34:36.0863 3520 tssecsrv ( LockedFile.Multi.Generic ) - warning 18:34:36.0863 3520 tssecsrv - detected LockedFile.Multi.Generic (1) 18:34:36.0910 3520 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys 18:34:36.0910 3520 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tunmp.sys. 
Skip 18:37:16.0546 2560 usbehci ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0546 2560 usbehci ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0546 2560 usbhub ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0546 2560 usbhub ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0546 2560 usbohci ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0546 2560 usbohci ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0561 2560 usbprint ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0561 2560 usbprint ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0561 2560 usbscan ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0561 2560 usbscan ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0561 2560 USBSTOR ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0561 2560 USBSTOR ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0561 2560 usbuhci ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0561 2560 usbuhci ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0561 2560 vga ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0561 2560 vga ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0577 2560 VgaSave ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0577 2560 VgaSave ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0577 2560 viaagp ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0577 2560 viaagp ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0577 2560 ViaC7 ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0577 2560 ViaC7 ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0577 2560 viaide ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0577 2560 viaide ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0577 2560 viamraid ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0577 2560 viamraid ( 
LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0593 2560 volmgr ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0593 2560 volmgr ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0593 2560 volmgrx ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0593 2560 volmgrx ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0593 2560 volsnap ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0593 2560 volsnap ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0593 2560 vsmraid ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0593 2560 vsmraid ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0593 2560 WacomPen ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0593 2560 WacomPen ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0608 2560 Wanarp ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0608 2560 Wanarp ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0608 2560 Wanarpv6 ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0608 2560 Wanarpv6 ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0608 2560 Wd ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0608 2560 Wd ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0608 2560 Wdf01000 ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0608 2560 Wdf01000 ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0608 2560 WmiAcpi ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0608 2560 WmiAcpi ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0608 2560 WpdUsb ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0608 2560 WpdUsb ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0624 2560 ws2ifsl ( LockedFile.Multi.Generic ) - skipped by user 18:37:16.0624 2560 ws2ifsl ( LockedFile.Multi.Generic ) - User select action: Skip 18:37:16.0624 2560 WUDFRd ( LockedFile.Multi.Generic ) - skipped by 
user 18:37:16.0624 2560 WUDFRd ( LockedFile.Multi.Generic ) - User select action: Skip |