Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80%

Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80%


Log-Analyse und Auswertung: Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80%

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 13.07.2012, 10:29   #1
Madonis
 
Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80% - Standard

Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80%


Hallo, bei mir tauchen ständig eine "Find.exe", "csrss.exe" und eine "Bump.exe" im Tast-Manager auf. Alle 3 haben keine Beschreibung. Wenn ich auf der csrss.exe Rechtsklick und Eigenschaften mache passiert nichts. Zusätzlich ist meine CPU-Auslastung immer bei ca. 80%.

Habe mir dann eben gleich mal Malwarebytes runtergeladen, es läuft gerade in diesem Moment durch. Nach beendigung poste ich denn Bericht hier in einem Spoiler.

Nach ca. 6 Minuten jetzt sind aber schon 2 Funde da und dann ist mein billig Antivir von Avira aufgegangen das ich dann gleich deaktiviert habe. Als Fund stand dort "Trojan/Rogue" oder ähnliches. Habe denn Virus nicht entfernt sondern einfach auf das kleine "X" gedrückt damit dies von Malwarebytes erledigt wird.

So, jetzt hab ich denn Bericht. Zusätzlich fiel mir noch auf das "reg.exe" auch des öffteren auftaucht.

Code:
ATTFilter
 
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.13.02

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16443
Ragulir :: RAGULIRCOMPANY [Administrator]

13.07.2012 11:21:44
mbam-log-2012-07-13 (11-21-44).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 429844
Laufzeit: 1 Stunde(n), 47 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Biveudvypo (Spyware.Zbot.RR) -> Daten: C:\Users\Ragulir\AppData\Roaming\Ykbeno\elup.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Ragulir\AppData\Roaming\Ykbeno\elup.exe (Spyware.Zbot.RR) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\Madoonis.MADONIS\Lokale Einstellungen\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ragulir\AppData\Local\Temp\ptu4A63_tmp.exe (PUP.Casino) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Nach Löschung und neu Start sind die Prozesse aber trotzdem noch da.

Zusätzlich noch ein OTL Bericht:

Code:
ATTFilter
OTL logfile created on: 13.07.2012 13:51:28 - Run 1
OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\Ragulir\Desktop
 Enterprise Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16443)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 51,42% Memory free
4,00 Gb Paging File | 2,75 Gb Available in Paging File | 68,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 14,48 Gb Free Space | 19,43% Space Free | Partition Type: NTFS
Drive F: | 149,05 Gb Total Space | 80,05 Gb Free Space | 53,71% Space Free | Partition Type: NTFS
Drive H: | 6,80 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: RAGULIRCOMPANY | User Name: Ragulir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (All) ==========
 
PRC - [2012.07.13 11:18:29 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Ragulir\Desktop\OTL.exe
PRC - [2012.07.13 11:07:35 | 002,169,856 | -HS- | M] () -- C:\Windows\System32\hale.exe
PRC - [2012.06.22 21:17:56 | 003,075,936 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2012.06.21 23:24:27 | 000,874,384 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012.06.21 23:24:27 | 000,800,656 | ---- | M] (Opera Software) -- C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
PRC - [2012.05.08 12:28:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 12:28:43 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.08 12:28:42 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 12:28:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.03 08:36:00 | 017,355,912 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2012.03.13 11:06:14 | 000,583,520 | ---- | M] (Neuber Software) -- C:\Program Files\Security Task Manager\taskman.exe
PRC - [2012.03.09 01:08:28 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2012.01.18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2011.10.21 11:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011.07.16 06:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.05.04 06:52:12 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010.08.21 07:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010.02.11 07:28:32 | 000,733,184 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009.12.04 09:48:54 | 001,728,512 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2009.07.14 03:14:42 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskmgr.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:41 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe  [comLaunch]
PRC - [2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe
PRC - [2009.07.14 03:14:27 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\notepad.exe
PRC - [2009.07.14 03:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2009.07.14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009.07.14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2009.07.14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2009.07.14 03:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2007.08.02 21:08:00 | 000,095,504 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
PRC - [2005.07.12 19:57:42 | 000,278,528 | ---- | M] () -- C:\Program Files\Philips\SPC 300NC PC Camera\TrayMin300.exe
PRC - [2004.06.09 15:37:02 | 000,040,960 | ---- | M] (BIGDOG) -- C:\Windows\VM_STI.EXE
Code:
ATTFilter
========== Modules (All) ==========
 
MOD - [2012.07.13 11:18:29 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Ragulir\Desktop\OTL.exe
MOD - [2012.07.13 11:07:35 | 002,169,856 | -HS- | M] () -- C:\Windows\System32\hale.exe
MOD - [2012.06.23 01:26:26 | 000,034,816 | ---- | M] () -- C:\Program Files\CCleaner\lang\lang-1031.dll
MOD - [2012.06.22 21:17:56 | 003,075,936 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
MOD - [2012.06.21 23:24:38 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2012.06.21 23:24:38 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012.06.21 23:24:38 | 000,276,480 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012.06.21 23:24:38 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012.06.21 23:24:38 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012.06.21 23:24:38 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012.06.21 23:24:38 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012.06.21 23:24:38 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012.06.21 23:24:38 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012.06.21 23:24:38 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012.06.21 23:24:38 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012.06.21 23:24:38 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012.06.21 23:24:38 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012.06.21 23:24:27 | 015,192,976 | ---- | M] (Opera Software) -- C:\Program Files\Opera\Opera.dll
MOD - [2012.06.21 23:24:27 | 000,874,384 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
MOD - [2012.06.21 23:24:27 | 000,800,656 | ---- | M] (Opera Software) -- C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
MOD - [2012.05.08 12:28:48 | 000,382,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\grdcore.dll
MOD - [2012.05.08 12:28:48 | 000,220,880 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\gpipc.dll
MOD - [2012.05.08 12:28:47 | 000,686,288 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll
MOD - [2012.05.08 12:28:47 | 000,471,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\ccwgrd.dll
MOD - [2012.05.08 12:28:47 | 000,279,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\ccupdate.dll
MOD - [2012.05.08 12:28:47 | 000,217,296 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\ccupdw.dll
MOD - [2012.05.08 12:28:47 | 000,031,440 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\ccupdrc.dll
MOD - [2012.05.08 12:28:46 | 000,230,096 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\ccmsg.dll
MOD - [2012.05.08 12:28:46 | 000,128,208 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\cclic.dll
MOD - [2012.05.08 12:28:46 | 000,016,592 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\ccmainrc.dll
MOD - [2012.05.08 12:28:46 | 000,012,496 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\cclicrc.dll
MOD - [2012.05.08 12:28:46 | 000,011,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\ccmsgrc.dll
MOD - [2012.05.08 12:28:45 | 000,405,200 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\ccguard.dll
MOD - [2012.05.08 12:28:45 | 000,235,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\ccgrdw.dll
MOD - [2012.05.08 12:28:45 | 000,031,952 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\ccgrdrc.dll
MOD - [2012.05.08 12:28:44 | 000,748,240 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\ccgen.dll
MOD - [2012.05.08 12:28:44 | 000,052,432 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\ccgenrc.dll
MOD - [2012.05.08 12:28:42 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
MOD - [2012.05.08 12:28:41 | 004,447,952 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\rcimage.dll
MOD - [2012.05.08 12:28:41 | 000,058,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files\avira\antivir desktop\cfglib.dll
MOD - [2012.05.08 12:28:40 | 000,067,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avipc.dll
MOD - [2012.05.03 08:36:00 | 017,355,912 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
MOD - [2012.04.18 18:03:19 | 001,740,800 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll
MOD - [2012.04.18 18:03:19 | 000,597,504 | ---- | M] (STLport Consulting, Inc.) -- C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
MOD - [2012.04.18 18:03:19 | 000,092,672 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll
MOD - [2012.04.18 18:03:19 | 000,092,672 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll
MOD - [2012.04.18 18:03:19 | 000,086,016 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll
MOD - [2012.04.18 18:03:19 | 000,053,248 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll
MOD - [2012.04.18 18:03:19 | 000,051,712 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll
MOD - [2012.04.18 18:03:19 | 000,013,312 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
MOD - [2012.04.18 18:03:18 | 000,452,608 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
MOD - [2012.04.18 18:03:18 | 000,432,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
MOD - [2012.04.18 18:03:18 | 000,142,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll
MOD - [2012.04.18 18:03:18 | 000,092,160 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll
MOD - [2012.04.18 18:03:16 | 003,266,560 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\vclmi.dll
MOD - [2012.04.18 18:03:16 | 000,958,464 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\utlmi.dll
MOD - [2012.04.18 18:03:16 | 000,531,456 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\xcrmi.dll
MOD - [2012.04.18 18:03:16 | 000,094,208 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\vos3MSC.dll
MOD - [2012.04.18 18:03:15 | 002,186,752 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\tkmi.dll
MOD - [2012.04.18 18:03:15 | 000,529,408 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\tlmi.dll
MOD - [2012.04.18 18:03:15 | 000,358,912 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\ucbhelper4MSC.dll
MOD - [2012.04.18 18:03:15 | 000,257,024 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\ucpfile1.dll
MOD - [2012.04.18 18:03:15 | 000,212,992 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\ucb1.dll
MOD - [2012.04.18 18:03:14 | 002,863,616 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\svtmi.dll
MOD - [2012.04.18 18:03:13 | 000,777,216 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\svlmi.dll
MOD - [2012.04.18 18:03:13 | 000,379,904 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\sofficeapp.dll
MOD - [2012.04.18 18:03:13 | 000,256,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\sotmi.dll
MOD - [2012.04.18 18:03:12 | 003,234,816 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\sfxmi.dll
MOD - [2012.04.18 18:03:11 | 001,577,984 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\sbmi.dll
MOD - [2012.04.18 18:03:08 | 000,287,232 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\oleautobridge.uno.dll
MOD - [2012.04.18 18:03:08 | 000,083,968 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\oooimprovementmi.dll
MOD - [2012.04.18 18:03:07 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.04.18 18:03:07 | 000,832,000 | ---- | M] (Oracle) -- C:\Program Files\OpenOffice.org 3\program\libdb47.dll
MOD - [2012.04.18 18:03:07 | 000,024,064 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\localebe1.uno.dll
MOD - [2012.04.18 18:03:06 | 013,914,112 | ---- | M] (IBM Corporation and others) -- C:\Program Files\OpenOffice.org 3\program\icudt40.dll
MOD - [2012.04.18 18:03:06 | 001,649,152 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\fwkmi.dll
MOD - [2012.04.18 18:03:06 | 001,317,376 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\i18npool.uno.dll
MOD - [2012.04.18 18:03:06 | 001,071,616 | ---- | M] (IBM Corporation and others) -- C:\Program Files\OpenOffice.org 3\program\icuin40.dll
MOD - [2012.04.18 18:03:06 | 000,951,296 | ---- | M] (IBM Corporation and others) -- C:\Program Files\OpenOffice.org 3\program\icuuc40.dll
MOD - [2012.04.18 18:03:06 | 000,869,888 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\fwemi.dll
MOD - [2012.04.18 18:03:06 | 000,311,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\fwimi.dll
MOD - [2012.04.18 18:03:06 | 000,066,560 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\i18nutilMSC.dll
MOD - [2012.04.18 18:03:06 | 000,029,184 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\i18npapermi.dll
MOD - [2012.04.18 18:03:06 | 000,026,112 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\i18nisolang1MSC.dll
MOD - [2012.04.18 18:03:05 | 000,148,480 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\emsermi.dll
MOD - [2012.04.18 18:03:03 | 000,135,680 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\deploymentmiscmi.dll
MOD - [2012.04.18 18:03:02 | 001,033,728 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\comphelp4MSC.dll
MOD - [2012.04.18 18:03:02 | 000,396,800 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\configmgr.uno.dll
MOD - [2012.04.18 18:03:01 | 000,700,928 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\basegfxmi.dll
MOD - [2012.04.11 12:24:33 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
MOD - [2012.04.11 12:24:33 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
MOD - [2012.04.11 12:24:33 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
MOD - [2012.04.11 12:24:33 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
MOD - [2012.04.11 12:24:31 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
MOD - [2012.04.11 12:24:31 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
MOD - [2012.04.11 12:24:31 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
MOD - [2012.04.11 12:24:31 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll
MOD - [2012.04.11 12:24:30 | 012,281,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
MOD - [2012.04.11 12:24:30 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
MOD - [2012.04.11 12:24:30 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
MOD - [2012.04.11 12:24:30 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
MOD - [2012.04.09 18:58:50 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_228.dll
MOD - [2012.04.09 17:57:09 | 008,778,400 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\Flash32_11_2_202_228.ocx
MOD - [2012.03.13 11:06:14 | 000,583,520 | ---- | M] (Neuber Software) -- C:\Program Files\Security Task Manager\taskman.exe
MOD - [2012.03.01 07:49:05 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll
MOD - [2012.03.01 07:45:05 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll
MOD - [2012.02.10 07:41:38 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
MOD - [2012.02.10 07:41:20 | 001,170,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
MOD - [2012.02.10 07:41:20 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
MOD - [2012.02.10 07:41:20 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
MOD - [2012.02.10 07:41:19 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
MOD - [2012.01.18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2012.01.04 11:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2012.01.04 11:03:07 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll
MOD - [2012.01.03 07:44:24 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2011.12.16 09:59:17 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2011.11.17 07:41:38 | 001,288,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2011.11.17 07:39:28 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
MOD - [2011.11.17 07:39:24 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2011.11.17 07:39:21 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
MOD - [2011.11.17 07:39:21 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2011.10.26 06:28:26 | 001,328,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
MOD - [2011.10.21 11:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
MOD - [2011.10.21 11:09:22 | 000,310,160 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
MOD - [2011.08.27 06:43:07 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2011.08.27 06:43:06 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
MOD - [2011.07.16 06:34:28 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2011.07.16 06:34:28 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2011.07.16 06:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
MOD - [2011.06.16 06:35:50 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2011.05.04 06:53:10 | 001,553,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
MOD - [2011.03.28 20:31:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MOD - [2011.03.11 07:40:24 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
MOD - [2011.03.03 07:29:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll
MOD - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
MOD - [2011.02.19 23:03:12 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc100u.dll
MOD - [2011.02.19 23:03:12 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
MOD - [2011.02.19 23:03:12 | 000,064,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc100deu.dll
MOD - [2011.02.19 00:40:50 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
MOD - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
MOD - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
MOD - [2010.12.21 07:38:24 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
MOD - [2010.12.21 07:38:22 | 000,350,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
MOD - [2010.12.21 07:38:16 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
MOD - [2010.12.21 07:36:17 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll
MOD - [2010.12.21 07:36:16 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll
MOD - [2010.12.21 07:34:12 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
MOD - [2010.11.19 12:42:42 | 000,083,456 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\saxmi.dll
MOD - [2010.11.10 09:00:20 | 000,049,528 | ---- | M] (Neuber Software - www.neuber.com) -- C:\Program Files\Security Task Manager\ascode.dll
MOD - [2010.11.02 06:40:36 | 000,496,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
MOD - [2010.10.16 06:34:37 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
MOD - [2010.08.21 07:33:24 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010.06.29 07:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010.06.26 07:14:29 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2010.06.19 08:23:50 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
MOD - [2010.05.05 08:46:55 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll
MOD - [2010.02.11 07:17:14 | 003,839,488 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll
MOD - [2010.02.11 07:00:38 | 004,946,432 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdva.dll
MOD - [2009.12.08 13:32:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009.12.04 09:48:54 | 001,728,512 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
MOD - [2009.11.03 05:11:50 | 047,628,288 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll
MOD - [2009.08.29 08:57:31 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
MOD - [2009.08.23 19:58:06 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2009.07.14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcryptprimitives.dll
MOD - [2009.07.14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009.07.14 03:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll
MOD - [2009.07.14 03:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll
MOD - [2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2009.07.14 03:16:20 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll
MOD - [2009.07.14 03:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll
MOD - [2009.07.14 03:16:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
MOD - [2009.07.14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2009.07.14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2009.07.14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
MOD - [2009.07.14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009.07.14 03:16:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
MOD - [2009.07.14 03:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
MOD - [2009.07.14 03:16:19 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
MOD - [2009.07.14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2009.07.14 03:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
MOD - [2009.07.14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
MOD - [2009.07.14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2009.07.14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2009.07.14 03:16:18 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
MOD - [2009.07.14 03:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2009.07.14 03:16:18 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
MOD - [2009.07.14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2009.07.14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
MOD - [2009.07.14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll
MOD - [2009.07.14 03:16:18 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll
MOD - [2009.07.14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009.07.14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009.07.14 03:16:17 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
MOD - [2009.07.14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009.07.14 03:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
MOD - [2009.07.14 03:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009.07.14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009.07.14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2009.07.14 03:16:17 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
MOD - [2009.07.14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
MOD - [2009.07.14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009.07.14 03:16:17 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
MOD - [2009.07.14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009.07.14 03:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
MOD - [2009.07.14 03:16:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll
MOD - [2009.07.14 03:16:15 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2009.07.14 03:16:15 | 001,111,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppcext.dll
MOD - [2009.07.14 03:16:15 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2009.07.14 03:16:15 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppcommdlg.dll
MOD - [2009.07.14 03:16:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2009.07.14 03:16:15 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll
MOD - [2009.07.14 03:16:15 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
MOD - [2009.07.14 03:16:15 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll
MOD - [2009.07.14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009.07.14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll
MOD - [2009.07.14 03:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll
MOD - [2009.07.14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009.07.14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll
MOD - [2009.07.14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009.07.14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009.07.14 03:16:14 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2009.07.14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009.07.14 03:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll
MOD - [2009.07.14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll
MOD - [2009.07.14 03:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009.07.14 03:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFolder.dll
MOD - [2009.07.14 03:16:13 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 03:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll
MOD - [2009.07.14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll
MOD - [2009.07.14 03:16:12 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2009.07.14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009.07.14 03:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\opengl32.dll
MOD - [2009.07.14 03:16:12 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2009.07.14 03:16:12 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
MOD - [2009.07.14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
MOD - [2009.07.14 03:16:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll
MOD - [2009.07.14 03:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2009.07.14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
MOD - [2009.07.14 03:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PeerDist.dll
MOD - [2009.07.14 03:16:12 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
MOD - [2009.07.14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll
MOD - [2009.07.14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009.07.14 03:16:12 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
MOD - [2009.07.14 03:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2009.07.14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll
MOD - [2009.07.14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll
MOD - [2009.07.14 03:16:12 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pcwum.dll
MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll
MOD - [2009.07.14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009.07.14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009.07.14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll
MOD - [2009.07.14 03:16:11 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
MOD - [2009.07.14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2009.07.14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2009.07.14 03:16:04 | 002,255,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
MOD - [2009.07.14 03:16:03 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll
MOD - [2009.07.14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll
MOD - [2009.07.14 03:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll
MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 03:16:02 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
MOD - [2009.07.14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
MOD - [2009.07.14 03:16:02 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009.07.14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll
MOD - [2009.07.14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll
MOD - [2009.07.14 03:15:50 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
MOD - [2009.07.14 03:15:49 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
MOD - [2009.07.14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2009.07.14 03:15:44 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
MOD - [2009.07.14 03:15:44 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
MOD - [2009.07.14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
MOD - [2009.07.14 03:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll
MOD - [2009.07.14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
MOD - [2009.07.14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009.07.14 03:15:43 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
MOD - [2009.07.14 03:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2009.07.14 03:15:42 | 000,481,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2009.07.14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
MOD - [2009.07.14 03:15:41 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2009.07.14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009.07.14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
MOD - [2009.07.14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
MOD - [2009.07.14 03:15:37 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
MOD - [2009.07.14 03:15:36 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
MOD - [2009.07.14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009.07.14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll
MOD - [2009.07.14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2009.07.14 03:15:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
MOD - [2009.07.14 03:15:32 | 000,392,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2009.07.14 03:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009.07.14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
MOD - [2009.07.14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2009.07.14 03:15:24 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
MOD - [2009.07.14 03:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll
MOD - [2009.07.14 03:15:24 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
MOD - [2009.07.14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll
MOD - [2009.07.14 03:15:22 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
MOD - [2009.07.14 03:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll
MOD - [2009.07.14 03:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009.07.14 03:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\glu32.dll
MOD - [2009.07.14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
MOD - [2009.07.14 03:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll
MOD - [2009.07.14 03:15:21 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2009.07.14 03:15:21 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
MOD - [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
MOD - [2009.07.14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll
MOD - [2009.07.14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
MOD - [2009.07.14 03:15:14 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
MOD - [2009.07.14 03:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll
MOD - [2009.07.14 03:15:13 | 001,370,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
MOD - [2009.07.14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll
MOD - [2009.07.14 03:15:13 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
MOD - [2009.07.14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2009.07.14 03:15:13 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
MOD - [2009.07.14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2009.07.14 03:15:13 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 03:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll
MOD - [2009.07.14 03:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll
MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll
MOD - [2009.07.14 03:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll
MOD - [2009.07.14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2009.07.14 03:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
MOD - [2009.07.14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
MOD - [2009.07.14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
MOD - [2009.07.14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddrawex.dll
MOD - [2009.07.14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
MOD - [2009.07.14 03:15:08 | 001,826,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
MOD - [2009.07.14 03:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davhlpr.dll
MOD - [2009.07.14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll
MOD - [2009.07.14 03:15:07 | 001,151,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
MOD - [2009.07.14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
MOD - [2009.07.14 03:15:07 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll
MOD - [2009.07.14 03:15:07 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
MOD - [2009.07.14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009.07.14 03:15:07 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll
MOD - [2009.07.14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
MOD - [2009.07.14 03:15:07 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
MOD - [2009.07.14 03:15:07 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
MOD - [2009.07.14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll
MOD - [2009.07.14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll
MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 03:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
MOD - [2009.07.14 03:15:07 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll
MOD - [2009.07.14 03:15:07 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll
MOD - [2009.07.14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 03:15:00 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll
MOD - [2009.07.14 03:15:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
MOD - [2009.07.14 03:14:59 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
MOD - [2009.07.14 03:14:58 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll
MOD - [2009.07.14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2009.07.14 03:14:57 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2009.07.14 03:14:57 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2009.07.14 03:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009.07.14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009.07.14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009.07.14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2009.07.14 03:14:52 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
MOD - [2009.07.14 03:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
MOD - [2009.07.14 03:14:51 | 000,559,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2009.07.14 03:14:51 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll
MOD - [2009.07.14 03:14:42 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskmgr.exe
MOD - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
MOD - [2009.07.14 03:14:41 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
MOD - [2009.07.14 03:14:27 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\notepad.exe
MOD - [2009.07.14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
MOD - [2009.07.14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
MOD - [2009.07.14 03:14:11 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
MOD - [2009.07.14 03:14:11 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009.07.14 03:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
MOD - [2009.07.14 03:14:08 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2009.07.14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009.07.14 03:14:08 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv
MOD - [2009.07.14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
MOD - [2009.07.14 03:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll
MOD - [2009.07.14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbcint.dll
MOD - [2009.07.14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll
MOD - [2009.07.14 03:08:30 | 012,038,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
MOD - [2009.07.14 03:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll
MOD - [2009.07.14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
MOD - [2009.06.10 23:14:56 | 000,652,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll
MOD - [2009.05.07 10:53:18 | 000,106,496 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
MOD - [2009.05.07 10:50:46 | 000,073,728 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2008.02.14 07:57:00 | 000,094,208 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
MOD - [2007.08.02 21:08:30 | 000,042,256 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor_Res.dll
MOD - [2007.08.02 21:08:02 | 000,103,696 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\u32Comm.dll
MOD - [2007.08.02 21:08:00 | 000,095,504 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
MOD - [2007.08.02 21:07:56 | 000,034,064 | ---- | M] () -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
MOD - [2006.08.01 10:40:26 | 000,262,254 | ---- | M] (Vimicro) -- C:\Windows\System32\VM31bPrp.Ax
MOD - [2005.07.12 19:57:42 | 000,278,528 | ---- | M] () -- C:\Program Files\Philips\SPC 300NC PC Camera\TrayMin300.exe
MOD - [2004.06.09 15:37:02 | 000,040,960 | ---- | M] (BIGDOG) -- C:\Windows\VM_STI.EXE

Alt 13.07.2012, 13:08   #2
Madonis
 
Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80% - Standard

Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80%


Code:
ATTFilter
========== Win32 Services (All) ==========
 
SRV - [2012.07.09 21:56:41 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.08 12:28:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 12:28:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.09 18:58:50 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.09 01:08:28 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (VaultSvc)
SRV - [2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (Netlogon)
SRV - [2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (EFS)
SRV - [2011.05.24 12:35:34 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2011.05.04 06:52:12 | 000,428,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SearchIndexer.exe -- (WSearch)
SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.03.03 07:29:23 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2011.02.19 07:33:11 | 000,802,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010.12.21 07:38:24 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010.12.21 07:38:22 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.12.21 07:38:21 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WebClnt.dll -- (WebClient)
SRV - [2010.11.02 06:39:32 | 000,749,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010.09.14 08:07:14 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wcncsvc.dll -- (wcncsvc)
SRV - [2010.08.27 07:46:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010.08.21 07:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2010.08.04 08:15:16 | 000,556,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.02.11 07:28:32 | 000,733,184 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.07.14 10:56:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wlms\wlms.exe -- (WLMS)
SRV - [2009.07.14 03:16:21 | 001,912,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 03:16:21 | 000,064,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2009.07.14 03:16:20 | 001,175,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WsmSvc.dll -- (WinRM)
SRV - [2009.07.14 03:16:20 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2009.07.14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpcsvc.dll -- (WPCSvc)
SRV - [2009.07.14 03:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009.07.14 03:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009.07.14 03:16:19 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2009.07.14 03:16:18 | 001,086,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2009.07.14 03:16:18 | 000,462,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2009.07.14 03:16:18 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wecsvc.dll -- (Wecsvc)
SRV - [2009.07.14 03:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wdi.dll -- (WdiSystemHost)
SRV - [2009.07.14 03:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wdi.dll -- (WdiServiceHost)
SRV - [2009.07.14 03:16:18 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wersvc.dll -- (WerSvc)
SRV - [2009.07.14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2009.07.14 03:16:17 | 000,288,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\w32time.dll -- (W32Time)
SRV - [2009.07.14 03:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\upnphost.dll -- (upnphost)
SRV - [2009.07.14 03:16:17 | 000,154,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\umrdp.dll -- (UmRdpService)
SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 03:16:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\uxsms.dll -- (UxSms)
SRV - [2009.07.14 03:16:16 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\trkwks.dll -- (TrkWks)
SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 03:16:15 | 001,169,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sysmain.dll -- (SysMain)
SRV - [2009.07.14 03:16:15 | 000,543,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\termsrv.dll -- (TermService)
SRV - [2009.07.14 03:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009.07.14 03:16:15 | 000,241,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009.07.14 03:16:15 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2009.07.14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2009.07.14 03:16:15 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\TabSvc.dll -- (TabletInputService)
SRV - [2009.07.14 03:16:15 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tbssvc.dll -- (TBS)
SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:14 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009.07.14 03:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009.07.14 03:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009.07.14 03:16:13 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2009.07.14 03:16:13 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2009.07.14 03:16:13 | 000,112,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2009.07.14 03:16:13 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SessEnv.dll -- (SessionEnv)
SRV - [2009.07.14 03:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\Sens.dll -- (SENS)
SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2009.07.14 03:16:12 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pla.dll -- (pla)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:16:12 | 000,589,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009.07.14 03:16:12 | 000,330,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\QAGENTRT.DLL -- (napagent)
SRV - [2009.07.14 03:16:12 | 000,327,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (p2psvc)
SRV - [2009.07.14 03:16:12 | 000,285,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 03:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 03:16:12 | 000,162,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009.07.14 03:16:12 | 000,154,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pcasvc.dll -- (PcaSvc)
SRV - [2009.07.14 03:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 03:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009.07.14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2009.07.14 03:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009.07.14 03:16:03 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009.07.14 03:15:43 | 000,308,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msdtckrm.dll -- (KtmRm)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:41 | 000,565,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2009.07.14 03:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\mmcss.dll -- (THREADORDER)
SRV - [2009.07.14 03:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009.07.14 03:15:38 | 000,067,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 03:15:36 | 000,189,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2009.07.14 03:15:36 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lmhsvc.dll -- (lmhosts)
SRV - [2009.07.14 03:15:35 | 000,071,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2009.07.14 03:15:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2009.07.14 03:15:33 | 000,497,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iphlpsvc.dll -- (iphlpsvc)
SRV - [2009.07.14 03:15:33 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2009.07.14 03:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009.07.14 03:15:33 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2009.07.14 03:15:31 | 000,667,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2009.07.14 03:15:24 | 000,591,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\gpsvc.dll -- (gpsvc)
SRV - [2009.07.14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009.07.14 03:15:20 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FDResPub.dll -- (FDResPub)
SRV - [2009.07.14 03:15:20 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fdPHost.dll -- (fdPHost)
SRV - [2009.07.14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2009.07.14 03:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009.07.14 03:15:12 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009.07.14 03:15:12 | 000,143,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dps.dll -- (DPS)
SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 03:15:07 | 000,544,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cscsvc.dll -- (CscService)
SRV - [2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009.07.14 03:15:02 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\certprop.dll -- (SCPolicySvc)
SRV - [2009.07.14 03:15:02 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\certprop.dll -- (CertPropSvc)
SRV - [2009.07.14 03:15:00 | 000,102,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2009.07.14 03:15:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\bthserv.dll -- (bthserv)
SRV - [2009.07.14 03:14:59 | 000,493,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV)
SRV - [2009.07.14 03:14:57 | 000,473,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009.07.14 03:14:57 | 000,473,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2009.07.14 03:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2009.07.14 03:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2009.07.14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.07.14 03:14:46 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2009.07.14 03:14:44 | 001,202,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbengine.exe -- (wbengine)
SRV - [2009.07.14 03:14:43 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009.07.14 03:14:43 | 000,452,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vds.exe -- (vds)
SRV - [2009.07.14 03:14:43 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2009.07.14 03:14:42 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009.07.14 03:14:39 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009.07.14 03:14:25 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msdtc.exe -- (MSDTC)
SRV - [2009.07.14 03:14:25 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009.07.14 03:14:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Locator.exe -- (RpcLocator)
SRV - [2009.07.14 03:14:20 | 000,522,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FXSSVC.exe -- (Fax)
SRV - [2009.07.14 03:14:19 | 000,094,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009.07.14 03:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2009.07.14 03:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.10 23:14:51 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009.06.10 23:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009.06.10 23:14:02 | 000,878,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (All) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva398.sys -- (XDva398)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva397.sys -- (XDva397)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva394.sys -- (XDva394)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\vmci.sys -- (vmci)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (a9rhu4zh)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (a9kwaqpv)
DRV - [2012.05.23 00:07:57 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012.05.22 16:52:57 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.05.08 12:28:49 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 12:28:49 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.06 20:15:10 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2012.03.01 07:53:27 | 000,019,312 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2012.02.15 06:22:43 | 000,177,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2012.02.15 06:22:18 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2012.02.01 15:18:10 | 000,046,720 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys -- (AODDriver4.1)
DRV - [2011.11.17 07:48:29 | 000,134,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2011.11.17 07:48:24 | 000,067,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2011.11.17 07:42:48 | 000,369,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\cng.sys -- (CNG)
DRV - [2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcpip.sys -- (TCPIP6)
DRV - [2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2011.09.16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.07.09 04:26:10 | 000,222,720 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011.05.04 04:43:48 | 000,096,256 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011.05.04 04:43:41 | 000,123,392 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011.04.29 04:57:34 | 000,311,296 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2011.04.29 04:57:21 | 000,309,760 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2011.04.29 04:57:13 | 000,114,176 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011.04.27 04:33:46 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2011.04.25 04:35:40 | 000,338,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\afd.sys -- (AFD)
DRV - [2011.03.25 05:06:46 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2011.03.25 05:06:23 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2011.03.25 05:06:12 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2011.03.25 05:06:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2011.03.25 05:06:10 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2011.03.11 07:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2011.03.11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid)
DRV - [2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2011.03.11 07:43:46 | 000,080,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdsata.sys -- (amdsata)
DRV - [2011.03.11 07:43:46 | 000,022,400 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amdxata.sys -- (amdxata)
DRV - [2011.03.11 06:08:24 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2011.02.23 07:05:25 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2010.11.02 06:46:34 | 000,728,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2010.09.17 05:10:36 | 000,596,992 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010.02.18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2010.02.11 09:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.11.25 15:02:46 | 001,108,480 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009.10.10 04:57:31 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.09.26 07:58:35 | 000,194,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fvevol.sys -- (fvevol)
DRV - [2009.08.22 20:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32)
DRV - [2009.07.14 03:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\clfs.sys -- (CLFS)
DRV - [2009.07.14 03:26:21 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 03:26:15 | 000,274,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpi.sys -- (ACPI)
DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp)
DRV - [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGP440.sys -- (agp440)
DRV - [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\atapi.sys -- (atapi)
DRV - [2009.07.14 03:26:15 | 000,014,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2009.07.14 03:20:45 | 000,153,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pci.sys -- (pci)
DRV - [2009.07.14 03:20:45 | 000,012,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pciide.sys -- (pciide)
DRV - [2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS)
DRV - [2009.07.14 03:20:44 | 000,186,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2009.07.14 03:20:44 | 000,162,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009.07.14 03:20:44 | 000,130,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2009.07.14 03:20:44 | 000,115,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2009.07.14 03:20:44 | 000,105,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp)
DRV - [2009.07.14 03:20:44 | 000,078,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (mountmgr)
DRV - [2009.07.14 03:20:44 | 000,056,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2009.07.14 03:20:44 | 000,049,728 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\mup.sys -- (Mup)
DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 03:20:44 | 000,041,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2009.07.14 03:20:44 | 000,028,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2009.07.14 03:20:44 | 000,027,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2009.07.14 03:20:43 | 000,013,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2009.07.14 03:20:36 | 000,042,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2009.07.14 03:20:36 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2009.07.14 03:20:28 | 000,198,208 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 03:20:28 | 000,058,448 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2009.07.14 03:20:28 | 000,057,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 03:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2009.07.14 03:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\disk.sys -- (Disk)
DRV - [2009.07.14 03:19:11 | 000,297,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 03:19:11 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV - [2009.07.14 03:19:11 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2009.07.14 03:19:10 | 000,445,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2009.07.14 03:19:10 | 000,245,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 03:19:10 | 000,055,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35)
DRV - [2009.07.14 03:19:10 | 000,053,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VIAAGP.SYS -- (viaagp)
DRV - [2009.07.14 03:19:10 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2009.07.14 03:19:10 | 000,051,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2009.07.14 03:19:10 | 000,012,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 03:19:04 | 000,085,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stexstor.sys -- (stexstor)
DRV - [2009.07.14 03:19:03 | 000,180,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2009.07.14 03:19:03 | 000,052,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp)
DRV - [2009.07.14 03:19:03 | 000,017,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 02:41:15 | 000,586,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2009.07.14 02:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2009.07.14 02:02:58 | 000,133,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (RDPDR)
DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 02:01:51 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 02:01:40 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2009.07.14 02:01:39 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2009.07.14 02:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2009.07.14 01:55:24 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2009.07.14 01:55:02 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2009.07.14 01:55:02 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (WANARP)
DRV - [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 01:54:58 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009.07.14 01:54:53 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009.07.14 01:54:48 | 000,073,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2009.07.14 01:54:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2009.07.14 01:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2009.07.14 01:54:35 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2009.07.14 01:54:34 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2009.07.14 01:54:29 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2009.07.14 01:54:29 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2009.07.14 01:54:27 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2009.07.14 01:54:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2009.07.14 01:54:14 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2009.07.14 01:54:13 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2009.07.14 01:54:03 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2009.07.14 01:53:58 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (Psched)
DRV - [2009.07.14 01:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2009.07.14 01:53:51 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 01:53:41 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2009.07.14 01:53:27 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2009.07.14 01:53:20 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2009.07.14 01:53:19 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2009.07.14 01:52:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 01:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009.07.14 01:52:03 | 000,267,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 01:51:47 | 000,304,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2009.07.14 01:51:39 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UmPass)
DRV - [2009.07.14 01:51:34 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2009.07.14 01:51:33 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2009.07.14 01:51:29 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394) 1394 OHCI Compliant Host Controller (Legacy)
DRV - [2009.07.14 01:51:18 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2009.07.14 01:51:17 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 01:51:05 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2009.07.14 01:51:04 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2009.07.14 01:50:57 | 000,005,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2009.07.14 01:50:56 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009.07.14 01:50:45 | 000,132,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2009.07.14 01:50:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)
DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 01:46:53 | 000,021,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2009.07.14 01:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2009.07.14 01:45:52 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2009.07.14 01:45:52 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2009.07.14 01:45:45 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2009.07.14 01:45:45 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2009.07.14 01:45:35 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.14 01:45:29 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm)
DRV - [2009.07.14 01:45:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum)
DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 01:45:09 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2009.07.14 01:45:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2009.07.14 01:45:08 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2009.07.14 01:45:08 | 000,008,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2009.07.14 01:45:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2009.07.14 01:45:08 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2009.07.14 01:45:07 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2009.07.14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 01:30:59 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 01:25:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2009.07.14 01:25:51 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2009.07.14 01:25:49 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 01:23:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidbatt.sys -- (HidBatt)
DRV - [2009.07.14 01:19:19 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev)
DRV - [2009.07.14 01:19:18 | 000,014,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2009.07.14 01:19:17 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 01:15:45 | 000,086,528 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\luafv.sys -- (luafv)
DRV - [2009.07.14 01:15:29 | 000,028,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2009.07.14 01:15:13 | 000,387,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\csc.sys -- (CSC)
DRV - [2009.07.14 01:14:29 | 000,241,664 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2009.07.14 01:14:26 | 000,115,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2009.07.14 01:14:09 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2009.07.14 01:14:03 | 000,142,336 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009.07.14 01:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2009.07.14 01:12:59 | 000,513,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2009.07.14 01:12:21 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (NetBT)
DRV - [2009.07.14 01:12:11 | 000,074,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2009.07.14 01:12:08 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2009.07.14 01:11:32 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009.07.14 01:11:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2009.07.14 01:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2009.07.14 01:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2009.07.14 01:11:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2009.07.14 01:11:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2009.07.14 01:11:04 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009.07.14 01:11:04 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\evbdx.sys -- (ebdrv)
DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bxvbdx.sys -- (b06bdrv)
DRV - [2009.07.13 23:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2009.07.13 22:50:20 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2009.04.30 07:06:56 | 000,287,008 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2005.02.26 16:25:52 | 000,091,527 | ---- | M] (VM) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EB DA 66 8C 8E 32 CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.05.06 20:04:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.09 21:56:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.27 22:11:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.09 21:56:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.27 22:11:30 | 000,000,000 | ---D | M]
 
[2012.04.21 13:59:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ragulir\AppData\Roaming\mozilla\Extensions
[2012.07.10 12:53:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ragulir\AppData\Roaming\mozilla\Firefox\Profiles\owwsuqhw.default\extensions
[2012.07.10 12:53:41 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Ragulir\AppData\Roaming\mozilla\Firefox\Profiles\owwsuqhw.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.05.31 16:45:18 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Ragulir\AppData\Roaming\mozilla\Firefox\Profiles\owwsuqhw.default\extensions\ich@maltegoetz.de
[2012.05.14 07:43:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012.07.09 21:56:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.07.09 21:56:42 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.09 21:56:39 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.09 21:56:39 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.09 21:56:39 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.09 21:56:39 | 000,003,413 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2012.07.09 21:56:39 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.09 21:56:39 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.09 21:56:39 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BigDogPath] C:\Windows\VM_STI.EXE %;USB\VID_0AC8&PID_0302.DeviceDesc% File not found
O4 - HKLM..\Run: [Chew7Hale] C:\Windows\System32\hale.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [VIAAUD] C:\Program Files\VIA\VIAudioi\VDeck\VIAAUD.exe File not found
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [Biveudvypo] C:\Users\Ragulir\AppData\Roaming\Ykbeno\elup.exe File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - Startup: C:\Users\Ragulir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F4B6978-402A-4968-96AC-9A4EEADD3779}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.10.06 03:27:57 | 000,000,048 | R--- | M] () - H:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1f7b9ec0-a45b-11e1-859f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1f7b9ec0-a45b-11e1-859f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{976682f1-a3df-11e1-b9a6-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{976682f1-a3df-11e1-b9a6-005056c00008}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2007.10.08 05:47:17 | 020,735,336 | R--- | M] (Flagship Studios)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.13 13:52:11 | 000,000,000 | ---D | C] -- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZZZZ.Z..ZZZ..Z
[2012.07.13 13:46:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2012.07.13 13:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2012.07.13 13:46:43 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2012.07.13 13:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.07.13 13:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.07.13 13:14:02 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{D51744F0-700A-45AF-A2F8-2053C8BE3EC2}
[2012.07.13 11:18:29 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Ragulir\Desktop\OTL.exe
[2012.07.13 11:16:20 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Roaming\Malwarebytes
[2012.07.13 11:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.13 11:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.13 11:15:48 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.13 11:15:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.13 11:15:22 | 010,063,000 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Ragulir\Desktop\mbam-setup-1.61.0.1400.exe
[2012.07.13 11:10:15 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{E92BB03D-4767-482F-A961-F07C60EFCD7E}
[2012.07.13 10:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[2012.07.13 09:58:37 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{06B8A41A-2E3C-47FC-B7D6-707D2EAA8CCE}
[2012.07.13 08:51:04 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Roaming\Ykbeno
[2012.07.13 08:51:04 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Roaming\Obwyaw
[2012.07.13 08:51:04 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Roaming\Avvid
[2012.07.12 11:39:04 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\adaware
[2012.07.12 11:39:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012.07.12 11:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012.07.12 11:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2012.07.12 11:36:50 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Roaming\Ad-Aware Antivirus
[2012.07.11 11:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tropica Casino
[2012.07.11 11:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\TropicaCasino
[2012.07.11 07:28:48 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\Desktop\wildkatana-ta-combat-sim-pro-d8a6410
[2012.07.09 11:04:34 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\Documents\Need for Speed World
[2012.07.08 09:00:12 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{E931C705-7158-4564-A876-F93E065546A0}
[2012.07.07 10:32:44 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{D1D0D5D4-91DD-415D-9E95-0CA2F18F5DD2}
[2012.07.07 10:32:28 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{FA356A9D-A4F3-4050-A7E5-B19330E2B02E}
[2012.07.07 08:44:32 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{90D8CD8E-F638-4EDE-ADC9-FEF957906DBF}
[2012.07.07 08:44:17 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{79F09C34-02A1-44FC-996C-70711D65623B}
[2012.07.06 08:42:15 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{5FB52941-5CED-451C-9BB6-40C558B66F1C}
[2012.07.06 03:36:37 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{EBC6675B-9854-482C-917B-040697955FE4}
[2012.07.06 03:21:55 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{463C5B07-F043-4EEE-BCB5-1797EEC49245}
[2012.07.05 00:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vegas Palms Online Casino
[2012.07.03 21:16:25 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{3CEE948E-A767-4461-9E00-D2AEE3D511F8}
[2012.07.03 21:16:13 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{447611C0-BC8C-4BFF-839D-F29ABCAB3BA0}
[2012.07.02 09:15:31 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{CFBFD3EE-7E24-4BE1-BE24-BA0212E954B2}
[2012.07.01 16:55:29 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{F5FB8263-0321-4C0E-8ED0-88C2DA82ED78}
[2012.06.29 08:06:25 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{3F5445D8-2B5B-4C39-BDFA-27CDE0490F8F}
[2012.06.29 08:06:08 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{E1C74658-9FE2-4361-818E-16C0F4B7B175}
[2012.06.27 09:00:40 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{91A4AB16-7A27-4D76-B187-8FF5EE1DE213}
[2012.06.26 09:12:58 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{E04F03C7-BA61-4C3D-846B-B949D5D462DD}
[2012.06.24 01:00:39 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{B5756E1A-F208-486C-8B61-7032136EA5C7}
[2012.06.24 01:00:19 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{BD8D1AC7-F679-49B2-8BBB-D952C59E1F37}
[2012.06.22 21:54:16 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\Desktop\Anwedungen und games
[2012.06.22 21:53:52 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\Desktop\Bilder
[2012.06.22 21:53:13 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\Desktop\Text Dokumente
[2012.06.22 21:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mail.Ru Games
[2012.06.22 21:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mail.Ru Games
[2012.06.22 18:31:58 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{F6552D98-3923-436B-9236-6A7406591F46}
[2012.06.21 20:22:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Captain Cooks Casino
[2012.06.21 13:08:55 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\Desktop\Xray+Modloader
[2012.06.18 21:33:37 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\Documents\Command & Conquer 3 Tiberium Wars
[2012.06.18 21:31:50 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2012.06.17 15:03:16 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{2ED91836-9409-4BBA-AE3B-DABD16536A64}
[2012.06.17 03:00:53 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{1A2E9A7D-9108-49D5-9C01-5E89ADF0BC93}
[2012.06.16 13:08:27 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{45E7AB1C-70EF-496D-B287-EC6806B5A333}
[2012.06.15 10:44:05 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\{F359FB01-2573-43B2-94DD-456CE8CE09BE}
[2012.06.14 22:40:05 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\Documents\Remedy
[2012.06.14 22:40:04 | 000,000,000 | ---D | C] -- C:\Users\Ragulir\AppData\Local\SKIDROW
[2012.06.14 20:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012.06.14 20:51:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012.06.14 20:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.13 13:52:29 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.13 13:46:07 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.07.13 13:19:43 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.13 13:19:43 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.13 13:19:43 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.13 13:19:43 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.13 13:13:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.13 13:12:57 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.13 13:09:36 | 000,015,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.13 13:09:36 | 000,015,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.13 11:19:54 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.13 11:18:29 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Ragulir\Desktop\OTL.exe
[2012.07.13 11:15:28 | 010,063,000 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Ragulir\Desktop\mbam-setup-1.61.0.1400.exe
[2012.07.13 11:08:06 | 000,005,105 | ---- | M] () -- C:\Windows\System32\cwlog.dtl
[2012.07.13 11:07:35 | 002,169,856 | -HS- | M] () -- C:\Windows\System32\hale.exe
[2012.07.11 11:57:11 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Tropica Casino.lnk
[2012.07.11 11:55:31 | 001,172,824 | ---- | M] () -- C:\Users\Ragulir\Desktop\Tropica-Setup_bt(369169).exe
[2012.07.11 07:43:42 | 000,032,997 | ---- | M] () -- C:\Users\Ragulir\Desktop\wildkatana-ta-combat-sim-pro-d8a6410.tar.gz
[2012.07.11 07:27:54 | 000,034,935 | ---- | M] () -- C:\Users\Ragulir\Desktop\wildkatana-ta-combat-sim-pro-d8a6410.zip
[2012.07.06 03:27:28 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012.07.05 00:30:04 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Palms Online Casino.lnk
[2012.07.05 00:28:11 | 000,766,528 | ---- | M] () -- C:\Users\Ragulir\Desktop\VegasPalms.exe
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.21 20:22:02 | 000,779,664 | ---- | M] () -- C:\Users\Ragulir\Desktop\captaincooks.exe
[2012.06.21 13:08:39 | 003,982,163 | ---- | M] () -- C:\Users\Ragulir\Desktop\minecraft.zip
[2012.06.21 13:08:11 | 003,332,123 | ---- | M] () -- C:\Users\Ragulir\Desktop\Xray+Modloader.rar
[2012.06.17 19:00:00 | 012,719,641 | ---- | M] () -- C:\Users\Ragulir\Desktop\16px+[mc1.2.5]+HD+MK+GronkhDE+April+Scherz+Edition.zip
 
========== Files Created - No Company Name ==========
 
[2012.07.13 13:46:07 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.07.13 11:15:49 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.13 11:08:02 | 000,005,105 | ---- | C] () -- C:\Windows\System32\cwlog.dtl
[2012.07.13 11:07:35 | 002,169,856 | -HS- | C] () -- C:\Windows\System32\hale.exe
[2012.07.11 11:57:11 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Tropica Casino.lnk
[2012.07.11 11:55:29 | 001,172,824 | ---- | C] () -- C:\Users\Ragulir\Desktop\Tropica-Setup_bt(369169).exe
[2012.07.11 07:44:07 | 000,032,997 | ---- | C] () -- C:\Users\Ragulir\Desktop\wildkatana-ta-combat-sim-pro-d8a6410.tar.gz
[2012.07.11 07:27:22 | 000,034,935 | ---- | C] () -- C:\Users\Ragulir\Desktop\wildkatana-ta-combat-sim-pro-d8a6410.zip
[2012.07.06 03:27:28 | 000,001,972 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012.07.05 00:29:24 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\Vegas Palms Online Casino.lnk
[2012.07.05 00:28:08 | 000,766,528 | ---- | C] () -- C:\Users\Ragulir\Desktop\VegasPalms.exe
[2012.06.21 20:21:44 | 000,779,664 | ---- | C] () -- C:\Users\Ragulir\Desktop\captaincooks.exe
[2012.06.21 13:08:28 | 003,982,163 | ---- | C] () -- C:\Users\Ragulir\Desktop\minecraft.zip
[2012.06.21 13:08:02 | 003,332,123 | ---- | C] () -- C:\Users\Ragulir\Desktop\Xray+Modloader.rar
[2012.06.17 18:59:45 | 012,719,641 | ---- | C] () -- C:\Users\Ragulir\Desktop\16px+[mc1.2.5]+HD+MK+GronkhDE+April+Scherz+Edition.zip
[2012.05.01 11:08:17 | 000,000,249 | ---- | C] () -- C:\Users\Ragulir\SciTE.session
[2012.04.09 17:06:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.09 16:33:56 | 000,704,512 | R--- | C] () -- C:\Windows\System32\cohelper.dll
[2012.04.09 16:33:56 | 000,005,940 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2012.03.09 01:26:20 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 448 bytes -> C:\3590F75ABA9E485486C100C1A9D4FF06ZZZZZZ.Z..ZZZ..Z:1

< End of report >
__________________
Alt 13.07.2012, 13:10   #3
Madonis
 
Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80% - Standard

Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80%


Musste alles aufteilen weil es zulang ist. Hier ist noch ein Extralog von OTL

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 13.07.2012 13:51:28 - Run 1
OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\Ragulir\Desktop
 Enterprise Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16443)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 51,42% Memory free
4,00 Gb Paging File | 2,75 Gb Available in Paging File | 68,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 14,48 Gb Free Space | 19,43% Space Free | Partition Type: NTFS
Drive F: | 149,05 Gb Total Space | 80,05 Gb Free Space | 53,71% Space Free | Partition Type: NTFS
Drive H: | 6,80 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: RAGULIRCOMPANY | User Name: Ragulir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (All) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0239A4E4-80D2-442C-BC02-7485CDE4B903}" = lport=58909 | protocol=17 | dir=in | name=pando media booster | 
"{058743C2-47FC-4C71-9DE0-76EAC7995A95}" = lport=58909 | protocol=6 | dir=in | name=pando media booster | 
"{69BBAC5F-7FFB-4E1D-A407-22F3DC2C2861}" = lport=58909 | protocol=17 | dir=in | name=pando media booster | 
"{AE39685D-821D-4BC9-B8D2-04F3E0FE8E5D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{C91DB864-5633-470F-A10A-B7B3FB50248A}" = lport=58909 | protocol=6 | dir=in | name=pando media booster | 
"{DB0A4104-BFE1-4391-9D1F-66BF74A5536C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B62B5C-D9BB-4307-8281-1CC7E60C0E3D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{050BA9FD-C7AD-4E06-87E0-C47FC08F1752}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe | 
"{064689AE-B560-4C1D-857D-487F4F7B5797}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe | 
"{06D0F945-4DCE-4BAA-A58B-00548E9EBF59}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{1241F9AF-D6A6-441B-B8E2-0A7D61F2F896}" = protocol=6 | dir=in | app=c:\program files\z8games\crossfire\cf_g4box.exe | 
"{1F4B5577-9671-4AE5-8763-ACBF1EAE8D8D}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{225D0505-300E-468F-A29C-930C820ACBAD}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"{275F123B-0636-47F5-A015-B6F251349EEC}" = protocol=6 | dir=in | app=c:\users\ragulir\desktop\crossfire_downloader.exe | 
"{418A6E96-4166-431A-82E4-2E3E70F51589}" = protocol=17 | dir=in | app=c:\t3fun\hellgate\hgllauncher.exe | 
"{50C88F3E-7ED4-40AB-8E16-64F141592C5A}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{7419054C-9497-4858-828B-BA5A49E657A7}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{77B0FAF9-61AC-4827-B39D-C803FD25F5EB}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"{7B36A2CB-A38E-43D5-A0F7-3009F381DB70}" = protocol=6 | dir=in | app=c:\program files\youwave_android\vb\vboxsdl.exe | 
"{7FF2A22C-DB75-4D49-9F43-CFCE7D25184B}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe | 
"{8054A136-6FFA-494B-8DDE-A2C26E4ECA61}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe | 
"{84907EDA-2956-4C84-902F-6223C338E6CB}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{9C174B0A-2E51-43A5-98FC-765DEC2CE469}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{A21AD520-AF34-46FB-9F2B-CCA2A30F6AE3}" = protocol=17 | dir=in | app=c:\users\ragulir\desktop\crossfire_downloader.exe | 
"{A27ADED3-F9B5-4A62-91BD-AA3818CB5C91}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{A769A907-DBBE-43D6-9536-FD40EC881BD7}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{A952DB36-5F6D-4560-A900-18050938D6F4}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{B189D1AC-5B68-4146-A57D-5F02FAFA42BF}" = protocol=17 | dir=in | app=c:\program files\youwave_android\vb\vboxsdl.exe | 
"{DD6A415C-E367-422C-9C80-4BB2D5912C7A}" = protocol=6 | dir=in | app=c:\t3fun\hellgate\hgllauncher.exe | 
"{E5C42B83-F85B-449A-9628-EFF84A8B6AE8}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{E5F3D9BF-BD9E-415B-9329-DAA181199280}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EF26B9AD-B14A-471F-AEBF-CCC8A5E98538}" = protocol=17 | dir=in | app=c:\program files\z8games\crossfire\cf_g4box.exe | 
"TCP Query User{286E6E1D-A9D5-4C90-9B4A-F22A6147A5A9}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe | 
"TCP Query User{B8DFA973-37A2-4E50-BF87-F6109474B94C}C:\program files\youwave_android\vb\vboxsdl.exe" = protocol=6 | dir=in | app=c:\program files\youwave_android\vb\vboxsdl.exe | 
"TCP Query User{BCD5EF4F-2D51-470B-825E-6F854F1B1C4F}F:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=f:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
"TCP Query User{DE6F67CF-0DB7-4012-9774-876CA0635BFD}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{4EED95BA-1A8E-46F7-8EF1-A026030DFC52}C:\program files\youwave_android\vb\vboxsdl.exe" = protocol=17 | dir=in | app=c:\program files\youwave_android\vb\vboxsdl.exe | 
"UDP Query User{8EBD687A-19FE-45DA-A313-BBCE1539267E}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{A6F25A34-1B7E-49D4-8097-FEAC1581B8C5}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe | 
"UDP Query User{D4D56ACB-28C6-4825-889E-3134949C511D}F:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=f:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A590981-75A9-B968-4A29-718E5A8E1416}" = CCC Help Dutch
"{0AC07A77-0511-4904-9FA1-616DC9BEF50D}" = Gunblade Saga
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E6B8EA7-4FDF-F730-8F28-05720874BE71}" = CCC Help Chinese Traditional
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{1003E625-BE5B-390B-7B60-D483D0B75A26}" = CCC Help Russian
"{15803703-25FA-4C01-A062-3F4A59937E87}" = PhotoImpact X3
"{1690611F-D4EA-A00D-DAAD-91D216869679}" = CCC Help Polish
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{23E445D5-FD83-4C50-A211-EB26A2975317}" = Adobe Flash Professional CS5.5
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26EED5E6-EC40-35A9-602A-C3CF03A9C1E6}" = CCC Help Portuguese
"{282C4EAA-F162-F52F-7BAF-C7B50DAAA00A}" = ccc-utility
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{2C33E65D-9187-8F2E-40D8-BD9E24E341FB}" = CCC Help Italian
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{36B6FF8B-38E3-E64C-F840-75F6AAEBE3EA}" = Catalyst Control Center Graphics Previews Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38F6C932-2274-4897-479D-03AA6BA5B567}" = CCC Help Turkish
"{3AB00888-CA03-0BFD-3F3C-C877767192B0}" = CCC Help Swedish
"{3ACA2563-E786-BDD4-C87B-09909BB3F61C}" = CCC Help Thai
"{3AF144F9-849D-DEDA-BA4F-2EBA94A3CF10}" = ccc-utility
"{3BC2C64B-0DA0-974B-6311-AED4F3711DCE}" = CCC Help Danish
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42F71230-AB79-C3CF-2958-1F3F91B75BA6}" = AMD Fuel
"{46EE2498-853A-FF8C-12E9-06E0FE279536}" = AMD Catalyst Install Manager
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adaptor
"{5BAC4DE5-4062-EE34-3337-5F92FE5D5032}" = CCC Help Spanish
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65DF3688-6EF3-4C86-83DE-54AB46029F07}" = Hellgate
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{7ADCABE0-E651-6EA5-5128-26E203DAA5E1}" = CCC Help Korean
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F80DAA3-8A1D-09E9-57E6-DB0223CF2CE4}" = CCC Help French
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{AFC71277-DE19-6505-8CBC-71D29163F44A}" = CCC Help German
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{B06DEEF2-9F64-4C04-84E7-D56CD9BF85BE}" = MAGIX Music Maker MX Download-Version
"{B3406262-5701-E9CC-D6B3-BA38C34125A9}" = CCC Help English
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BBC2068D-CE9C-48F5-A6EA-4B44B9DB14A5}" = Catalyst Control Center - Branding
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5B6078F-5D37-A122-2E6E-EDC623E8C787}" = CCC Help Czech
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7068E1F-22C6-9408-7B24-584F32F66D70}" = CCC Help Finnish
"{C87B855D-DD8F-E419-C640-34936E813EA9}" = CCC Help Greek
"{CC2BAF9A-926F-791D-772C-F582CD8A47B0}" = Catalyst Control Center InstallProxy
"{CE1CA06F-0AD8-CA2A-3A3A-872E8191C198}" = CCC Help Norwegian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CECECCED-B7F3-B1A3-3241-0C5D775F8E70}" = CCC Help Chinese Standard
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D37A77C2-DA76-481E-9272-AB4994A92296}" = MAGIX Screenshare
"{D3CEF909-78DC-9D3D-37BD-52F5324C01DA}" = CCC Help Hungarian
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E12A328A-7F9C-48FB-9E98-F51549FEC2B6}" = Philips SPC 300NC PC Camera
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.079
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F1EA61A2-B88F-44AD-3143-419ECB6C7E9A}" = CCC Help Japanese
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{F6567C5A-C3EA-2E05-E89E-C8C52E33150D}" = Catalyst Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE54AF33-9364-7053-670F-A15AD658214C}" = Catalyst Control Center Localization All
"5513-1208-7298-9440" = JDownloader 0.9
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AutoItv3" = AutoIt v3.3.8.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"captaincooks" = Captain Cooks Casino
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Cross Fire_is1" = Cross Fire En
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FileZilla Client" = FileZilla Client 3.2.7.1
"InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}" = PhotoImpact X3
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adaptor
"MAGIX_MSI_mm18" = MAGIX Music Maker MX Download-Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 12.00.1467" = Opera 12.00
"platinumplay" = Platinum Play Online Casino
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"Security Task Manager" = Security Task Manager 1.8d
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TropicaCasino" = Tropica Casino
"vegaspalms" = Vegas Palms Online Casino
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09.07.2012 20:06:31 | Computer Name = RagulirCompany | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Z8Games\crossfire\Aegis64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 09.07.2012 20:07:56 | Computer Name = RagulirCompany | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Sony\sony
 pc companion\Drivers\DPInst64.exe".  Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 10.07.2012 10:21:20 | Computer Name = RagulirCompany | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: nfsw.exe, Version: 1.0.0.991, Zeitstempel:
 0x4fea0bb4  Name des fehlerhaften Moduls: nfsw.exe, Version: 1.0.0.991, Zeitstempel:
 0x4fea0bb4  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00513f7b  ID des fehlerhaften Prozesses:
 0x754  Startzeit der fehlerhaften Anwendung: 0x01cd5ea6f7ee67e8  Pfad der fehlerhaften
 Anwendung: F:\ProgramData\Electronic Arts\Need For Speed World\Data\nfsw.exe  Pfad
 des fehlerhaften Moduls: F:\ProgramData\Electronic Arts\Need For Speed World\Data\nfsw.exe
Berichtskennung:
 8453bac8-ca9a-11e1-98b4-d444c5f7d013
 
Error - 10.07.2012 13:42:28 | Computer Name = RagulirCompany | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 5.9.0.115, Zeitstempel:
 0x4fa23462  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915, Zeitstempel:
 0x4ec49caf  Ausnahmecode: 0xc0000264  Fehleroffset: 0x0009fcc9  ID des fehlerhaften Prozesses:
 0x1608  Startzeit der fehlerhaften Anwendung: 0x01cd5e5205751f00  Pfad der fehlerhaften
 Anwendung: C:\Program Files\Skype\Phone\Skype.exe  Pfad des fehlerhaften Moduls: 
C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 9d6553c9-cab6-11e1-98b4-d444c5f7d013
 
Error - 12.07.2012 21:18:29 | Computer Name = RagulirCompany | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Z8Games\crossfire\Aegis64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 12.07.2012 21:21:31 | Computer Name = RagulirCompany | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Sony\sony
 pc companion\Drivers\DPInst64.exe".  Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 13.07.2012 02:51:34 | Computer Name = RagulirCompany | Source = Software Protection Platform Service | ID = 1017
Description = Fehler bei der Installation des Kaufnachweises. 0xC004F015  Teil-Pkey=HYRR2
ACID=7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Genauer
 Fehler[?]  
 
Error - 13.07.2012 03:56:00 | Computer Name = RagulirCompany | Source = EventSystem | ID = 4621
Description = 
 
Error - 13.07.2012 04:38:03 | Computer Name = RagulirCompany | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: AddLegacyDriverFiles: Unable to back up image of binary
 SbFw.  System Error: Das System kann die angegebene Datei nicht finden.  .
 
Error - 13.07.2012 04:57:49 | Computer Name = RagulirCompany | Source = EventSystem | ID = 4621
Description = 
 
[ System Events ]
Error - 23.06.2012 18:59:26 | Computer Name = RagulirCompany | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?24.?06.?2012 um 00:57:07 unerwartet heruntergefahren.
 
Error - 23.06.2012 18:59:26 | Computer Name = RAGULIRCOMPANY | Source = BugCheck | ID = 1001
Description = 
 
Error - 23.06.2012 21:17:15 | Computer Name = RagulirCompany | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 
Error - 07.07.2012 04:30:27 | Computer Name = RagulirCompany | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?07.?07.?2012 um 10:27:12 unerwartet heruntergefahren.
 
Error - 09.07.2012 20:21:37 | Computer Name = RagulirCompany | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 
Error - 12.07.2012 21:26:04 | Computer Name = RagulirCompany | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 
Error - 13.07.2012 04:59:22 | Computer Name = RagulirCompany | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   SBRE
 
Error - 13.07.2012 05:09:36 | Computer Name = RagulirCompany | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   SBRE
 
Error - 13.07.2012 07:08:05 | Computer Name = RagulirCompany | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.
 
Error - 13.07.2012 07:13:30 | Computer Name = RagulirCompany | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   SBRE
 
 
< End of report >
--- --- ---


Nun ging wieder Avita auf und er hat "
Name: EXP/JAVA.Ternub.Gen" Gefunden. Habe das Teil in die Quarantäne verschoben und lasse gerade ESET weiterlaufen der jetzt bereits bei 25% bei 5 funden ist.

Bericht füge ich am Ende hinzu
__________________
Geändert von Madonis (13.07.2012 um 13:55 Uhr)

Antwort

Themen zu Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80%
antivir, avira, bericht, cpu, cpu-auslastung, csrss.exe, deaktiviert, eigenschaften, einfach, entfernt, erledigt, funde, heuristiks/extra, heuristiks/shuriken, kleine, malwarebytes, minute, minuten, poste, pup.bundleinstaller.somoto, rechtsklick, runtergeladen, schaf, spyware.zbot.rr, task-manager, tauchen, troja, virus, wrapper, zusätzlich


« Infizierte Dateien nach MalwareScan- Trojaner auf PC?! | automatischer Versand von Emails durch gmx »


Ähnliche Themen: Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80%


  1. Trojaner auf Windows XP tauchen immer wieder auf
    Log-Analyse und Auswertung - 04.04.2014 (16)
  2. Explorer stürzt ab -> cmd.exe, bump.exe und find.exe?
    Log-Analyse und Auswertung - 02.02.2014 (7)
  3. bump.exe + find.exe! CPU Auslastung zwischen 65 - 90 %
    Plagegeister aller Art und deren Bekämpfung - 23.01.2013 (23)
  4. Youtube nicht erreichbar (csrss im Task-Manager)
    Plagegeister aller Art und deren Bekämpfung - 23.10.2012 (5)
  5. find.exe, bump.exe, cmd.exe starten immer wieder und kann nichts auf eine SD Karte schreiben
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (3)
  6. Trojaner: TR/ATRAPS.Gen2 und TR/Siref.Ag.35 tauchen immer wieder auf
    Plagegeister aller Art und deren Bekämpfung - 26.06.2012 (13)
  7. BKA-Trojaner: Wie bekomme ich wieder Zugriff auf meinen Task-Manager?
    Log-Analyse und Auswertung - 27.03.2012 (1)
  8. Bump.exe Find.exe Cmd.exe und Co. 100% CPU Auslastung
    Plagegeister aller Art und deren Bekämpfung - 21.01.2012 (3)
  9. tpnumlk.exe , csrss.exe , winlogon.exe ohne Benutzer und Beschreibung im Task-Manager (Win7)
    Plagegeister aller Art und deren Bekämpfung - 01.12.2011 (21)
  10. atiecixx.exe , csrss.exe , winlogon.exe ohne Benutzer und Beschreibung im Task-Manager (Win7)
    Plagegeister aller Art und deren Bekämpfung - 28.10.2011 (7)
  11. bump.exe , find.exe und verlangsamtest Internet
    Plagegeister aller Art und deren Bekämpfung - 08.02.2011 (3)
  12. CPU Auslastung durch bump.exe und find.exe
    Log-Analyse und Auswertung - 08.02.2011 (7)
  13. Dropper.Gen und Crypt.XPACK.Gen 3 tauchen immer wieder auf
    Plagegeister aller Art und deren Bekämpfung - 10.10.2010 (3)
  14. Internet Explorer immer im Task Manager
    Log-Analyse und Auswertung - 03.10.2008 (2)
  15. iexplore.exe erscheint immer wieder im Task-Manager
    Log-Analyse und Auswertung - 10.08.2008 (3)
  16. Task-Manager funkt nimmer und windows will wieder aktiviert werden...
    Plagegeister aller Art und deren Bekämpfung - 20.02.2007 (3)
  17. Duobleklick.net und ähnliche tauchen immer wieder auf!
    Plagegeister aller Art und deren Bekämpfung - 01.11.2005 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80% - Hallo, bei mir tauchen ständig eine "Find.exe", "csrss.exe" und eine "Bump.exe" im Tast-Manager auf. Alle 3 haben keine Beschreibung. Wenn ich auf der csrss.exe Rechtsklick und Eigenschaften mache passiert nichts. - Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80%...
Archiv
Du betrachtest: Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80% auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19