Log analysis and evaluation: After Windows Recovery removal: error message (404) when browsing
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
30.05.2011, 10:19 | #1 |
After Windows Recovery removal: error message (404) when browsing

Hello, yesterday I stupidly caught Windows Vista Recovery, but thanks to your guide I was able to remove it. I ran a scan with Malwarebytes Anti-Malware, which removed the 8 infected objects it found. For my files, which had been hidden as a result, I unchecked the "hidden" attribute, so everything there seems to be back to normal. A big thank-you to you for that already.

However, sooner or later while browsing, a problem keeps occurring, namely that I can no longer reach any page. The error message then usually looks like this (or similar): "Invalid URL The requested URL "/", is invalid. Reference #9.36447b5c.1306745311.23c5495b" or "domain suspended" or "404 Not Found". After restarting the computer, everything works again for a few minutes/pages.

I successfully ran a scan with OTL and also wanted to run one with GMER. But shortly after starting the scan, a message appeared saying that the program had stopped working.

OTL.txt OTL Logfile: Code:
OTL logfile created on: 30.05.2011 09:57:00 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Benni\Downloads Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.17037) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 59,73% Memory free 4,22 Gb Paging File | 3,29 Gb Available in Paging File | 77,94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 216,41 Gb Total Space | 45,68 Gb Free Space | 21,11% Space Free | Partition Type: NTFS Drive D: | 107,22 Gb Total Space | 53,33 Gb Free Space | 49,74% Space Free | Partition Type: NTFS Computer Name: BENNI-PC | User Name: Benni | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) 
PRC - C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG) PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe (G DATA Software AG) PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe (G DATA Software AG) PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe (G DATA Software AG) PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers) PRC - C:\Windows\System32\PSIService.exe () PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20656_none_463680b8218be5a3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) 
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (AVKProxy) -- C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG) SRV - (AVKService) -- C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe (G DATA Software AG) SRV - (AVKWCtl) -- C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe (G DATA Software AG) SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG) SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers) SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe () SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G DATA Software AG) DRV - (GDTdiInterceptor) -- C:\Windows\System32\drivers\GDTdiIcpt.sys () DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G DATA Software AG) DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation) DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation) DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (ViPrt) -- C:\Windows\system32\DRIVERS\ViPrt.sys (VIA Technologies, Inc.) DRV - (ViBus) -- C:\Windows\system32\DRIVERS\ViBus.sys (VIA Technologies, Inc.) 
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: 
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.30 09:15:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.30 10:38:49 | 000,000,000 | ---D | M] [2008.08.28 06:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Extensions [2011.05.30 09:12:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions [2011.03.04 18:26:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.05.26 19:15:00 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.05.06 15:13:35 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.04 21:30:55 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.04.14 06:39:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.01.09 11:29:03 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- 
C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} [2011.05.06 15:13:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\engine@conduit.com [2009.11.15 19:14:18 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\moveplayer@movenetworks.com [2009.12.15 08:07:32 | 000,000,881 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\conduit.xml [2011.05.30 09:13:22 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-1.xml [2009.07.23 12:55:55 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-2.xml [2009.08.04 12:30:33 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-3.xml [2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin.xml [2008.04.11 18:47:21 | 000,000,273 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\search.xml [2011.05.30 09:15:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2009.06.07 12:48:43 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.04.21 09:44:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011.01.05 09:22:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} File not found (No name found) -- () (No 
name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI () (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI [2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) 
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH) O4 - HKLM..\Run: [AVKTray] C:\Programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe (G DATA Software AG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation) O4 - HKLM..\Run: [recinfo294] c:\RecInfo\RecInfo.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKCU..\Run: [EA Core] File not found O4 - HKCU..\Run: [mmplayer.exe] C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe () O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - 
Extra context menu item: Öffnen mit WordPerfect - c:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta () O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 
{32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Benni\Pictures\schweiz.jpg O24 - Desktop BackupWallPaper: C:\Users\Benni\Pictures\schweiz.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.05.30 09:36:50 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTL.exe [2011.05.30 09:24:58 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTH.scr [2011.05.29 18:37:17 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Malwarebytes [2011.05.29 18:37:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.29 18:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.05.29 18:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.05.29 18:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.05.29 17:40:41 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery [2011.05.26 19:14:34 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\ICQ [4 C:\Users\Benni\Documents\*.tmp files -> C:\Users\Benni\Documents\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.05.30 09:49:45 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.05.30 
09:47:38 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.05.30 09:47:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.05.30 09:47:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.05.30 09:47:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.05.30 09:47:20 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys [2011.05.30 09:36:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTL.exe [2011.05.30 09:24:57 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTH.scr [2011.05.30 09:15:49 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.05.30 08:47:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.05.29 19:16:17 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE [2011.05.29 18:37:05 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.05.29 17:50:12 | 000,000,384 | ---- | M] () -- C:\ProgramData\21815056 [2011.05.29 17:47:36 | 000,000,136 | ---- | M] () -- C:\ProgramData\~21815056r [2011.05.29 17:47:36 | 000,000,128 | ---- | M] () -- C:\ProgramData\~21815056 [2011.05.29 09:27:42 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job [2011.05.26 23:09:58 | 000,000,012 | ---- | M] () -- C:\Users\Benni\Desktop\prefs.dat [2011.05.26 18:09:28 | 000,204,800 | ---- | M] () -- C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.08 20:48:34 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.05.08 20:48:34 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.05.08 20:48:34 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.05.08 20:48:34 | 000,103,726 | 
---- | M] () -- C:\Windows\System32\perfc009.dat [2011.05.01 20:23:35 | 000,000,852 | ---- | M] () -- C:\Users\Benni\.recently-used.xbel [4 C:\Users\Benni\Documents\*.tmp files -> C:\Users\Benni\Documents\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.05.30 09:15:49 | 000,000,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.05.30 09:15:49 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.05.29 19:16:16 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2011.05.29 18:37:05 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.05.29 17:40:54 | 000,000,136 | ---- | C] () -- C:\ProgramData\~21815056r [2011.05.29 17:40:54 | 000,000,128 | ---- | C] () -- C:\ProgramData\~21815056 [2011.05.29 17:40:11 | 000,000,384 | ---- | C] () -- C:\ProgramData\21815056 [2011.05.01 20:23:35 | 000,000,852 | ---- | C] () -- C:\Users\Benni\.recently-used.xbel [2010.04.26 10:32:22 | 000,000,680 | ---- | C] () -- C:\Users\Benni\AppData\Local\d3d9caps.dat [2010.01.06 01:05:46 | 000,004,096 | ---- | C] () -- C:\Users\Benni\AppData\Local\keyfile3.drm [2009.11.13 18:00:47 | 000,005,732 | ---- | C] () -- C:\Windows\unins000.dat [2008.09.22 20:48:40 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini [2008.09.05 14:39:40 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2008.03.15 13:18:57 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll [2008.02.20 19:27:09 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2008.01.07 19:29:01 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2008.01.04 23:58:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2007.12.30 14:26:56 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys [2007.12.26 10:55:31 | 000,204,800 | ---- | C] () -- 
C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.11.16 04:23:40 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2007.11.16 04:23:39 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini [2007.11.16 04:19:21 | 000,039,120 | ---- | C] () -- C:\Windows\System32\drivers\GDTdiIcpt.sys [2007.11.16 04:17:26 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll [2006.11.02 21:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe [2006.11.02 17:33:31 | 000,641,106 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,116,500 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,382,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,609,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,103,726 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- 
C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2006.08.11 10:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll [2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI ========== LOP Check ========== [2011.01.15 13:57:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Any Video Converter [2011.04.05 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ChessBase [2011.04.19 09:33:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers [2011.04.01 06:35:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\foobar2000 [2010.09.10 01:02:50 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\FreeFLVConverter [2011.05.26 19:15:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ [2008.01.03 17:16:18 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ Toolbar [2009.11.17 21:08:34 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\JBF Software [2009.10.27 17:28:54 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Leadertech [2008.01.17 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\MAGIX [2008.04.10 19:33:15 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Qlikworld [2010.06.06 16:51:00 | 000,000,364 | -H-- | M] () -- C:\Windows\Tasks\Install_NSS.job [2011.05.30 09:46:24 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.05.29 09:27:42 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job ========== Purity Check ========== ========== Files - Unicode (All) ========== [2009.01.06 22:49:34 | 000,024,064 | ---- | M] ()(C:\Users\Benni\Documents\?ghzhzh.doc) -- C:\Users\Benni\Documents\卐ghzhzh.doc [2009.01.06 22:49:33 | 000,024,064 | ---- | C] ()(C:\Users\Benni\Documents\?ghzhzh.doc) -- C:\Users\Benni\Documents\卐ghzhzh.doc < End of report > Extras.txt OTL Logfile: Code:
OTL Extras logfile created on: 30.05.2011 09:57:00 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Benni\Downloads Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.17037) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 59,73% Memory free 4,22 Gb Paging File | 3,29 Gb Available in Paging File | 77,94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 216,41 Gb Total Space | 45,68 Gb Free Space | 21,11% Space Free | Partition Type: NTFS Drive D: | 107,22 Gb Total Space | 53,33 Gb Free Space | 49,74% Space Free | Partition Type: NTFS Computer Name: BENNI-PC | User Name: Benni | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] 
"{1B3D0503-A807-4ADF-8CD5-F2EE7ABE00FF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{623AFFD2-26F3-42E0-ADDB-B6F7B75D1259}" = lport=0 | protocol=6 | dir=in | name=magix upnp media server | "{6315AACB-EBD5-483D-BCBC-F6428A40D850}" = lport=1900 | protocol=17 | dir=in | name=microsoft upnp-port (udp) | "{9875426E-394D-4786-88F1-06A0C11DDF5A}" = lport=2869 | protocol=6 | dir=in | name=microsoft upnp-port (tcp) | "{F466CB2B-C01A-4D8F-B501-89ACB55C39DF}" = lport=9000 | protocol=6 | dir=in | name=magix upnp media server | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{16F692D4-6FC2-4FC9-B968-A50664CFF9B2}" = protocol=6 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe | "{23D099FD-D69F-447C-A472-9859AB60CA6D}" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | "{450CCA17-0E24-410C-BE56-298104A6702E}" = protocol=17 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe | "{EFDD1B3C-855B-4224-8FFE-C00FF1A9C048}" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | "TCP Query User{09F83561-971C-48E3-AD5B-6ED6EECA2FC8}C:\bluebyte\siedler3\s3.exe" = protocol=6 | dir=in | app=c:\bluebyte\siedler3\s3.exe | "TCP Query User{1A9A90E3-2A83-4B15-B5F9-FAD2284A2F04}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe | "TCP Query User{280DF8E3-64B1-44F1-B8B1-BC7807F09EE8}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "TCP Query User{2EE6A014-F488-494B-BCEE-0FB31AA55C00}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{4D44949E-74F9-4825-B34C-4D4AFF9959F1}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{6C679089-D391-4A0C-BF58-45ABED1FDDAF}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{6FC509E2-7E2F-4393-8269-881494EF5929}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{7FEADA26-6CBE-4FFF-98EF-D06B853E55D2}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe | "TCP Query User{7FF4F91D-4651-48C7-A522-4BB0C92545F9}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{B1D7A58A-F625-4F75-BFCF-B32554D12910}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{B26D4A4B-AD32-4785-A395-631C478B76F7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{BEFE1D79-8B8F-4C1C-BDBC-6C86926776AF}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{C260BB8B-BFCD-4B2E-A2ED-1A2A811D76CB}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{C3FB0E17-DF17-4623-8310-AFE533A8E37B}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{DCF30CB2-E64C-46E1-BA1C-920E835D4647}C:\program files\sopcast\sopvod.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopvod.exe | "TCP Query User{DE34F050-A652-41CB-A991-38453F7C7182}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{0A8AEAB7-C370-4A46-AA83-C8C7A37986AE}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program 
files\trillian\trillian.exe | "UDP Query User{23D22D3D-B8C1-4DF2-8128-E53C564BD128}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | "UDP Query User{241A3218-9EAC-4DA1-8B4A-A95F2FC539B2}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe | "UDP Query User{2CA08231-E2AA-43AE-A177-808CCEBA71BF}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{31D007D8-C561-40C2-8EE8-BC74F56FA5CB}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{56E88A37-4B22-4AFE-B9F9-3F45DAFD8C7F}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{57CEBCC4-0CD2-48EA-8055-64FA1D5C2452}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{978FA28F-CED2-4A4B-8F99-FA8FCB5783B9}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{97FFEF9A-CFEB-419A-B514-FC578E86E571}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{B7860D3C-2C90-4CDC-AE8F-1B173151350E}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{B8CD15AA-A8C4-4D7B-A542-7F7834DEA11A}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "UDP Query User{BA205C2B-58DF-4664-9175-2C1CAA0F6802}C:\program files\sopcast\sopvod.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopvod.exe | "UDP Query User{BE06FD49-C71A-4AC9-94B7-D4592FCB7ABF}C:\bluebyte\siedler3\s3.exe" = protocol=17 | dir=in | app=c:\bluebyte\siedler3\s3.exe | "UDP Query 
User{D85EA8A0-AA22-4601-A6FE-EC6909197042}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{DDB5A942-1E69-480B-8BAB-008D990D89B1}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{DE3B5D5A-64D3-413A-942F-CF8D306BD603}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3 "{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{06238444-BD04-417E-859A-C2543A784272}" = Fritz7 Demo "{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime "{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08 "{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10 "{1A637513-CC46-4C3B-8114-1E4F1D71CF42}" = Fritz11 WM Edition "{1AD2EC5E-9A73-452B-8C87-43D2E32C3831}" = Fritz11 WM Edition "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 23 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D0FEAB4-5D81-4461-A9CA-766B530FC6EA}" = G DATA AntiVirenKit "{4DECFC9F-2310-4C02-009A-B6758306EF00}" = FIFA 06 "{52537172-CBB0-44C4-BBB4-CC992BAF81F4}" = Playchess "{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3 "{552C5B4A-595F-4FA6-B2AD-2F1B2A333CE5}" = 
Fritz7 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{6803A6E6-48FF-48AB-B558-7B651BBE1031}" = Nero 8 Essentials "{70D9854A-CEF5-4BCF-B37A-0AA1AB0A83CF}" = Playchess "{7B63B2922B174135AFC0E1377DD81EC2}" = "{84F7CAD9-2316-4701-B5CA-E90FD60029E9}" = ANNO 1602 "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D794373D-4197-4F77-AB73-5404A005E043}" = Mathematik interaktiv "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Any Video Converter_is1" = Any Video Converter 2.7.2 "Arena 2.0.1_is1" = Arena 2.0.1 "Big Fish Games Center" = Big Fish Games Center (remove only) "Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only) "BitComet FLV Converter" = BitComet FLV Converter 1.0 "Blue Byte Game Channel" = Blue Byte Game Channel "bowili-Schach" = bowili-Schach "Cradle of Rome" = Cradle of Rome (remove only) "ÐÂÀËÖ±²¥" = ÐÂÀËÖ±²¥ "DivX Setup.divx.com" = DivX-Setup "FarmingSimulator2009DemoDE_is1" = Landwirtschafts-Simulator 2009 Demo "Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) "foobar2000" = 
foobar2000 v1.1 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Audio Converter_is1" = Free Audio Converter version 2.0 "Free FLV Converter_is1" = Free FLV Converter V 6.92.0 "Free YouTube Download_is1" = Free YouTube Download version 2.10.30 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "Google Chrome" = Google Chrome "Google Updater" = Google Updater "Indeo® software" = Indeo® software "MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 4.2.0.79 (D) "MAGIX Media Suite D" = MAGIX Media Suite 1.12.0.89 (D) "MAGIX Music Manager 2007 D" = MAGIX Music Manager 2007 8.2.0.144 (D) "MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D) "MAGIX Ringtone Maker SE D" = MAGIX Ringtone Maker SE 3.1.0.4 (D) "Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "mIRC" = mIRC "Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de) "Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only) "NVIDIA Drivers" = NVIDIA Drivers "phase5" = phase5 "Poker Superstars II" = Poker Superstars II (remove only) "PokerStars" = PokerStars "PokerStars.net" = PokerStars.net "S2TNG" = Die Siedler II - Die nächste Generation "S3" = Die Siedler III Gold Edition "S4Uninst" = Die Siedler IV "Sea3D_is1" = Sea3D 1.2.0a "Sevilla" = Sevilla "SopCast" = SopCast 2.0.4 "Trillian" = Trillian "TVUPlayer" = TVUPlayer 2.3.4.1 "Uninstall_is1" = Uninstall 1.0.0.1 "VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter "Windows Media Encoder 9" = Codeur Windows Media Série 9 "WinGimp-2.0_is1" = GIMP 2.6.3 "WinRAR archiver" = WinRAR "Worms Armageddon" = Worms Armageddon "Zattoo" = Zattoo 
3.2.4 Beta ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City "Kellogg's Clip Studio" = Kellogg's Clip Studio ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 12.01.2010 08:39:28 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007 Description = Error - 12.01.2010 12:29:47 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007 Description = Error - 12.01.2010 15:48:31 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 13.01.2010 13:26:34 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007 Description = Error - 13.01.2010 13:27:14 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 13.01.2010 14:34:08 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 13.01.2010 15:29:45 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007 Description = Error - 14.01.2010 07:11:45 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007 Description = Error - 14.01.2010 09:53:32 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 14.01.2010 10:49:18 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007 Description = [ System Events ] Error - 14.05.2011 01:07:29 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7000 Description = Error - 19.05.2011 00:29:51 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022 Description = Error - 19.05.2011 15:19:21 | Computer Name = Benni-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 19.05.2011 um 19:43:44 unerwartet heruntergefahren. 
Error - 19.05.2011 15:24:33 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022 Description = Error - 26.05.2011 00:30:18 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022 Description = Error - 26.05.2011 13:15:15 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7030 Description = Error - 29.05.2011 11:44:57 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022 Description = Error - 29.05.2011 11:52:04 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022 Description = Error - 29.05.2011 12:02:49 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022 Description = Error - 29.05.2011 12:34:38 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022 Description = < End of report > |
30.05.2011, 15:31 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ |
01.06.2011, 17:32 | #3 |
So, the problem that after a while I can no longer reach any page no longer exists (which I cannot bring into any logical connection).

However, there are still some things that were not like this before: browsers are generally quite slow (e.g. zooming in Google Maps feels like it takes half an eternity); the error message "COM Surrogate funktioniert nicht mehr" ("COM Surrogate has stopped working") appears; occasional program crashes occur; some icons in the notification area of the taskbar do not work, or similar.

The malware logs:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6716

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

29.05.2011 18:52:20
mbam-log-2011-05-29 (18-52-20).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 154394
Laufzeit: 12 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 11
Infizierte Registrierungswerte: 4
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 2
Infizierte Dateien: 10

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DAED9266-8C28-4C1C-8B58-5C66EFF1D302} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E596DF5F-4239-4D40-8367-EBADF0165917} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoPl.chl (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\UtYUtxpPbB (Trojan.FakeMS) -> Value: UtYUtxpPbB -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Value: *.securewebinfo.com -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Value: *.safetyincludes.com -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Value: *.securemanaging.com -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\winspykiller (Rogue.WinSpyKiller) -> Quarantined and deleted successfully.
c:\Windows\System32\215651 (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\programdata\utyutxppbb.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\tmp950B.tmp (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\tmpB37F.tmp (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\Users\Benni\favorites\online security test.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\d.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\zfe1.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
c:\programdata\21815056.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\winspykiller\uninstall.exe (Rogue.WinSpyKiller) -> Quarantined and deleted successfully.
c:\program files\winspykiller\winspykiller.lic (Rogue.WinSpyKiller) -> Quarantined and deleted successfully.
c:\program files\icqtoolbar\toolbaru.dll (Trojan.BHO) -> Delete on reboot.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6716

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

29.05.2011 21:03:15
mbam-log-2011-05-29 (21-03-15).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 353661
Laufzeit: 1 Stunde(n), 43 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
01.06.2011, 20:50 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ Please always post logfiles in CODE tags |
04.06.2011, 20:06 | #5 |
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6770

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

04.06.2011 20:57:43
mbam-log-2011-06-04 (20-57-43).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 389760
Laufzeit: 3 Stunde(n), 14 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 26

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
c:\Users\Benni\jload6D.dll (Heuristics.Shuriken) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NvCplDaemonTool (Heuristics.Shuriken) -> Value: NvCplDaemonTool -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Benni\jload6D.dll (Heuristics.Shuriken) -> Delete on reboot.
c:\Users\Benni\lploadc30.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\mloadAD.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\nyload3A.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.2934952303762567.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.3094727627273879.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.458513860754307.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.7053708425996243.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.7229964146657314.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.7291026526857309.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.8045349063284447.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.8778943844370323.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.9866139895409552.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\14B7.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\1DFE.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\2A04.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\32FD.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\93D0.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\A8EE.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\AEC5.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\C3A5.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scanndiskur98.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scanpdiskb82.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scanudiskh68.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scanxdiskbk86.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scandisk.lnk (Trojan.Downloader) -> Quarantined and deleted successfully.
05.06.2011, 12:59 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please create a fresh OTL log:
CustomScan with OTL
If you do not have it yet, please download OTL by Oldtimer and save it to your desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
05.06.2011, 17:32 | #7 |
OTL Logfile: Code:
ATTFilter OTL logfile created on: 05.06.2011 18:11:22 - Run 2 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Benni\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.17037) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 62,02% Memory free 4,22 Gb Paging File | 3,21 Gb Available in Paging File | 76,01% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 216,41 Gb Total Space | 43,98 Gb Free Space | 20,32% Space Free | Partition Type: NTFS Drive D: | 107,22 Gb Total Space | 53,33 Gb Free Space | 49,74% Space Free | Partition Type: NTFS Drive E: | 65,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: BENNI-PC | User Name: Benni | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Benni\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) 
PRC - C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG) PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe (G DATA Software AG) PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe (G DATA Software AG) PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe (G DATA Software AG) PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers) PRC - C:\Windows\System32\PSIService.exe () PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Benni\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20656_none_463680b8218be5a3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) 
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (AVKProxy) -- C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG) SRV - (AVKService) -- C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe (G DATA Software AG) SRV - (AVKWCtl) -- C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe (G DATA Software AG) SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG) SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers) SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe () SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.) DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.) DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.) DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G DATA Software AG) DRV - (GDTdiInterceptor) -- C:\Windows\System32\drivers\GDTdiIcpt.sys () DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G DATA Software AG) DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation) DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation) DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (ViPrt) -- C:\Windows\system32\DRIVERS\ViPrt.sys (VIA Technologies, Inc.) DRV - (ViBus) -- C:\Windows\system32\DRIVERS\ViBus.sys (VIA Technologies, Inc.) 
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: 
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.30 09:15:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.30 10:38:49 | 000,000,000 | ---D | M] [2008.08.28 06:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Extensions [2011.06.02 12:14:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions [2011.03.04 18:26:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.05.26 19:15:00 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.05.06 15:13:35 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.04 21:30:55 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.04.14 06:39:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.01.09 11:29:03 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- 
C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} [2011.05.06 15:13:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\engine@conduit.com [2009.11.15 19:14:18 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\moveplayer@movenetworks.com [2009.12.15 08:07:32 | 000,000,881 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\conduit.xml [2011.06.02 08:20:28 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-1.xml [2009.07.23 12:55:55 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-2.xml [2009.08.04 12:30:33 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-3.xml [2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin.xml [2008.04.11 18:47:21 | 000,000,273 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\search.xml [2011.05.30 09:15:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2009.06.07 12:48:43 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.04.21 09:44:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011.01.05 09:22:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} File not found (No name found) -- () (No 
name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI () (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI [2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) 
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH) O4 - HKLM..\Run: [AVKTray] C:\Programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe (G DATA Software AG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation) O4 - HKLM..\Run: [recinfo294] c:\RecInfo\RecInfo.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKCU..\Run: [EA Core] File not found O4 - HKCU..\Run: [mmplayer.exe] C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe () O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - 
Extra context menu item: Öffnen mit WordPerfect - c:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta () O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 
{32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Benni\Pictures\schweiz.jpg O24 - Desktop BackupWallPaper: C:\Users\Benni\Pictures\schweiz.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009.08.24 03:46:54 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LGInstaller.exe -- [2009.08.24 06:53:34 | 000,307,200 | R--- | M] () O33 - MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\Shell - "" = AutoRun O33 - MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\Shell\AutoRun\command - "" = L:\LGAutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver 
Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group 
SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: 
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} 
- Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation) Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation) Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation) Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) 
Drivers32: vidc.yvu9 - C:\Windows\System32\Iyvu9_32.dll () CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.05.30 19:43:00 | 000,000,000 | ---D | C] -- C:\Users\Benni\Documents\LG PC Suite IV [2011.05.30 19:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite IV [2011.05.30 19:43:00 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Local\LG Electronics [2011.05.30 19:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\LG Electronics [2011.05.30 19:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics [2011.05.30 11:56:46 | 000,000,000 | ---D | C] -- C:\Users\Benni\Desktop\Microsoft Word [2011.05.30 09:36:50 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTL.exe [2011.05.30 09:24:58 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTH.scr [2011.05.29 18:37:17 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Malwarebytes [2011.05.29 18:37:04 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.29 18:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.05.29 18:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.05.29 18:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.05.29 18:35:24 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Benni\Desktop\mbam-setup.exe [2011.05.29 17:40:41 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery [2011.05.26 19:14:34 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\ICQ [4 C:\Users\Benni\Documents\*.tmp files -> C:\Users\Benni\Documents\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.05 17:34:42 | 
000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.05 17:34:42 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.05 17:24:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.06.05 16:09:22 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job [2011.06.05 15:23:20 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.06.05 12:01:19 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.06.05 12:01:19 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.06.05 12:01:19 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.06.05 12:01:19 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.06.05 08:34:54 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.06.05 08:34:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.05 08:34:36 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys [2011.06.01 15:50:34 | 000,210,432 | ---- | M] () -- C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.30 19:43:00 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\LG PC Suite IV.lnk [2011.05.30 10:08:29 | 000,302,592 | ---- | M] () -- C:\Users\Benni\Desktop\glg10gfb.exe [2011.05.30 09:36:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTL.exe [2011.05.30 09:24:57 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTH.scr [2011.05.30 09:15:49 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.05.29 19:16:17 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE [2011.05.29 18:37:05 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk 
[2011.05.29 18:35:33 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Benni\Desktop\mbam-setup.exe [2011.05.29 17:50:12 | 000,000,384 | ---- | M] () -- C:\ProgramData\21815056 [2011.05.29 17:47:36 | 000,000,136 | ---- | M] () -- C:\ProgramData\~21815056r [2011.05.29 17:47:36 | 000,000,128 | ---- | M] () -- C:\ProgramData\~21815056 [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.26 23:09:58 | 000,000,012 | ---- | M] () -- C:\Users\Benni\Desktop\prefs.dat [4 C:\Users\Benni\Documents\*.tmp files -> C:\Users\Benni\Documents\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.05.30 19:43:00 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\LG PC Suite IV.lnk [2011.05.30 10:08:30 | 000,302,592 | ---- | C] () -- C:\Users\Benni\Desktop\glg10gfb.exe [2011.05.30 09:15:49 | 000,000,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.05.30 09:15:49 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.05.29 19:16:16 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2011.05.29 18:37:05 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.05.29 17:40:54 | 000,000,136 | ---- | C] () -- C:\ProgramData\~21815056r [2011.05.29 17:40:54 | 000,000,128 | ---- | C] () -- C:\ProgramData\~21815056 [2011.05.29 17:40:11 | 000,000,384 | ---- | C] () -- C:\ProgramData\21815056 [2010.04.26 10:32:22 | 000,000,680 | ---- | C] () -- C:\Users\Benni\AppData\Local\d3d9caps.dat [2010.01.06 01:05:46 | 000,004,096 | ---- | C] () -- C:\Users\Benni\AppData\Local\keyfile3.drm [2009.11.13 18:00:47 | 000,005,732 | ---- | C] () -- C:\Windows\unins000.dat [2009.08.19 09:26:48 | 000,005,632 | ---- | C] () -- C:\Windows\System32\StarOpen.sys [2008.09.22 20:48:40 | 000,000,049 | ---- | C] () -- 
C:\Windows\NeroDigital.ini [2008.09.05 14:39:40 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2008.03.15 13:18:57 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll [2008.02.20 19:27:09 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2008.01.07 19:29:01 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2008.01.04 23:58:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2007.12.30 14:26:56 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys [2007.12.26 10:55:31 | 000,210,432 | ---- | C] () -- C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.11.16 04:23:40 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2007.11.16 04:23:39 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini [2007.11.16 04:19:21 | 000,039,120 | ---- | C] () -- C:\Windows\System32\drivers\GDTdiIcpt.sys [2007.11.16 04:17:26 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll [2006.11.02 21:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe [2006.11.02 17:33:31 | 000,641,106 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,116,500 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,382,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,609,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,103,726 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- 
C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2006.08.11 10:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll [2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI ========== LOP Check ========== [2011.01.15 13:57:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Any Video Converter [2011.04.05 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ChessBase [2011.04.19 09:33:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers [2011.04.01 06:35:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\foobar2000 [2010.09.10 01:02:50 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\FreeFLVConverter [2011.05.26 19:15:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ [2008.01.03 17:16:18 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ Toolbar [2009.11.17 21:08:34 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\JBF Software [2009.10.27 17:28:54 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Leadertech [2008.01.17 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\MAGIX [2008.04.10 19:33:15 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Qlikworld [2010.06.06 16:51:00 | 000,000,364 | -H-- | M] () -- C:\Windows\Tasks\Install_NSS.job [2011.06.05 02:24:11 | 000,032,620 | 
---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.06.05 16:09:22 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2009.08.23 13:53:27 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Adobe [2011.01.15 13:57:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Any Video Converter [2008.06.20 21:56:11 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Apple Computer [2011.04.05 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ChessBase [2008.10.26 19:34:41 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\COREL [2010.09.30 15:03:24 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\DivX [2011.06.01 15:55:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\dvdcss [2011.04.19 09:33:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers [2011.04.01 06:35:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\foobar2000 [2010.09.10 01:02:50 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\FreeFLVConverter [2008.10.08 22:56:38 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Google [2011.05.26 19:15:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ [2008.01.03 17:16:18 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ Toolbar [2007.12.24 19:05:09 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Identities [2007.12.25 15:48:36 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\InstallShield [2008.02.26 17:41:21 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\InstallShield Installation Information [2009.11.17 21:08:34 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\JBF Software [2009.10.27 17:28:54 | 000,000,000 | ---D 
| M] -- C:\Users\Benni\AppData\Roaming\Leadertech [2007.12.25 15:44:39 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Macromedia [2008.01.17 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\MAGIX [2011.05.29 18:37:17 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Malwarebytes [2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Media Center Programs [2010.01.16 03:44:19 | 000,000,000 | --SD | M] -- C:\Users\Benni\AppData\Roaming\Microsoft [2009.05.07 16:13:17 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\mIRC [2008.08.28 06:59:02 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Mozilla [2008.01.24 21:05:52 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Nero [2008.04.10 19:33:15 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Qlikworld [2008.09.11 16:51:47 | 000,000,000 | R--D | M] -- C:\Users\Benni\AppData\Roaming\SecuROM [2008.01.07 16:22:21 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\TVU Networks [2008.11.11 15:36:24 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\vlc [2007.12.28 11:41:22 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2009.08.23 13:53:27 | 000,032,768 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe [2006.06.21 16:10:16 | 000,107,512 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Benni\AppData\Roaming\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\setup.exe [2011.04.30 10:36:39 | 000,188,152 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\FlashGot.exe [2008.08.22 20:19:47 | 005,244,440 | ---- | M] (TVU networks) -- C:\Users\Benni\AppData\Roaming\TVU Networks\TVU AutoUpgrade\TVUPlayer2.3.7.1.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2007.11.03 01:26:51 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 
< End of report > |
05.06.2011, 18:18 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | After Windows Recovery removal: error message (404) while browsing Run an OTL fix: close all programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code:
:OTL
O4 - HKCU..\Run: [EA Core] File not found
O4 - HKCU..\Run: [mmplayer.exe] C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.08.24 03:46:54 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LGInstaller.exe -- [2009.08.24 06:53:34 | 000,307,200 | R--- | M] ()
O33 - MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\Shell - "" = AutoRun
O33 - MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\Shell\AutoRun\command - "" = L:\LGAutoRun.exe
[2011.05.29 17:50:12 | 000,000,384 | ---- | M] () -- C:\ProgramData\21815056
[2011.05.29 17:47:36 | 000,000,136 | ---- | M] () -- C:\ProgramData\~21815056r
[2011.05.29 17:47:36 | 000,000,128 | ---- | M] () -- C:\ProgramData\~21815056
:Commands
[purity]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.
__________________ Please always post log files in CODE tags |
10.06.2011, 23:04 | #9 |
| After Windows Recovery removal: error message (404) while browsing So, the problems I mentioned above no longer occur. What still happens to me fairly often is that when I google something and click on a result, I do not land at the corresponding address but am redirected (via clickbattery.org according to the history) to a different site, e.g. gomeo.de with the corresponding search query. - Just for information; whether there are still harmful files on the computer I of course cannot judge. Please excuse that my replies sometimes take a while, I don't always have time. The OTL log:
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\mmplayer.exe deleted successfully.
C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\ not found.
File move failed. E:\LGInstaller.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\ not found.
File L:\LGAutoRun.exe not found.
C:\ProgramData\21815056 moved successfully.
C:\ProgramData\~21815056r moved successfully.
C:\ProgramData\~21815056 moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.23.0 log created on 06102011_233601

Files\Folders moved on Reboot...
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File move failed. E:\LGInstaller.exe scheduled to be moved on reboot.

Registry entries deleted on Reboot... |
10.06.2011, 23:09 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | After Windows Recovery removal: error message (404) while browsing Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html Set the tool up as shown in the picture below, i.e. tick both checkboxes, click Start scan and, when it has finished, click the Report button to display the log. Please post it in full. If, because of the infection, you cannot access your documents/My Documents, please run unhide: Download unhide.exe and save the file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.) Vista and 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
15.06.2011, 07:42 | #11 |
| After Windows Recovery removal: error message (404) while browsing Unfortunately, tdsskiller does not start (open, "Run", "Allow" -> but nothing happens; regardless of whether it is run as administrator or not). I have run Unhide.exe. |
15.06.2011, 09:25 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | After Windows Recovery removal: error message (404) while browsing Then run CF first: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when an expert helper (Kompetenzler) has expressly recommended it!
__________________ Please always post log files in CODE tags |
15.06.2011, 10:51 | #13 |
| After Windows Recovery removal: error message (404) while browsing log.txt: Combofix Logfile: Code:
ATTFilter ComboFix 11-06-14.03 - Benni 15.06.2011 11:26:46.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.49.1031.18.2046.1380 [GMT 2:00] ausgeführt von:: c:\users\Benni\Desktop\cofi.exe . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\firststeps\FirstSteps.exe c:\users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery c:\users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Uninstall Windows Vista Recovery.lnk c:\users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Windows Vista Recovery.lnk c:\vlcportable\VLCPortable.exe c:\windows\IsUn0407.exe . Infizierte Kopie von c:\windows\system32\drivers\volsnap.sys wurde gefunden und desinfiziert Kopie von - Kitty had a snack :p wurde wiederhergestellt . ((((((((((((((((((((((( Dateien erstellt von 2011-05-15 bis 2011-06-15 )))))))))))))))))))))))))))))) . . 2011-06-15 09:39 . 2011-06-15 09:39 -------- d-----w- c:\users\Benni\AppData\Local\temp 2011-06-14 08:13 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{334B8D97-A823-4200-87FD-2D3A6DDCC38B}\mpengine.dll 2011-06-10 21:36 . 2011-06-10 21:36 -------- d-----w- C:\_OTL 2011-06-07 20:19 . 2011-06-07 20:19 -------- d-----w- c:\program files\ICQ7.5 2011-06-06 06:18 . 2011-06-06 06:18 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-30 17:43 . 2011-05-30 17:43 -------- d-----w- c:\users\Benni\AppData\Local\LG Electronics 2011-05-30 17:42 . 2011-05-30 17:42 -------- d-----w- c:\programdata\LG Electronics 2011-05-30 17:36 . 2011-05-30 17:42 -------- d-----w- c:\program files\LG Electronics 2011-05-29 17:16 . 2011-05-29 17:16 2560 ----a-w- c:\windows\_MSRSTRT.EXE 2011-05-29 16:37 . 2011-05-29 16:37 -------- d-----w- c:\users\Benni\AppData\Roaming\Malwarebytes 2011-05-29 16:37 . 
2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-29 16:37 . 2011-05-29 16:37 -------- d-----w- c:\programdata\Malwarebytes 2011-05-29 16:36 . 2011-06-04 15:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-05-26 17:14 . 2011-06-13 22:01 -------- d-----w- c:\users\Benni\AppData\Roaming\ICQ . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-14 16:40 . 2011-05-30 07:15 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-09 1232896] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-06-01 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-01 8429568] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-01 81920] "RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440] "AVKTray"="c:\programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe" [2007-04-02 1042256] "QuickFinder Scheduler"="c:\program files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2007-01-02 83568] "recinfo294"="c:\recinfo\RecInfo.exe" [2007-10-23 2764800] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" 
[2010-12-09 1226608] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 . R2 gupdate1ca232a51e4fcef;Google Update Service (gupdate1ca232a51e4fcef);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 133104] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 133104] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768] S0 ViBus;ViBus;c:\windows\system32\DRIVERS\ViBus.sys [2007-03-26 16896] S0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\DRIVERS\ViPrt.sys [2007-03-26 52224] S2 AVKProxy;AVKProxy;c:\program files\Common Files\G DATA\AVKProxy\AVKProxy.exe [2007-05-03 649040] S2 AVKService;AVK Service;c:\programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe [2007-04-02 407376] S2 AVKWCtl;AVK Wächter;c:\programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe [2007-04-02 1103696] S2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [2007-11-16 39120] S3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2007-11-16 47312] S3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2007-11-16 32464] . . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . Inhalt des "geplante Tasks" Ordners . 2011-06-15 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-25 07:02] . 2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 13:12] . 2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 13:12] . 2011-06-14 c:\windows\Tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job - c:\windows\system32\msfeedssync.exe [2006-11-02 09:45] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ IE: Free YouTube Download - c:\users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Öffnen mit WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q= . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) AddRemove-Arena 2.0.1_is1 - c:\program files\Arena\unins000.exe AddRemove-Free Audio CD Burner_is1 - c:\program files\DVDVideoSoft\Free Audio CD Burner\unins000.exe AddRemove-Free Audio Converter_is1 - c:\program files\DVDVideoSoft\Free Audio Converter\unins000.exe AddRemove-Free YouTube Download_is1 - c:\program files\DVDVideoSoft\Free YouTube Download\unins000.exe AddRemove-Free YouTube to MP3 Converter_is1 - c:\program files\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe AddRemove-Indeo® software - c:\windows\IsUn0407.exe AddRemove-S3 - c:\windows\IsUn0407.exe AddRemove-S4Uninst - c:\windows\IsUn0407.exe AddRemove-Worms Armageddon - c:\windows\IsUn0407.exe AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\program files\DivX\DivXConverterUninstall.exe AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe AddRemove-{B13A7C41581B411290FBC0395694E2A9} - c:\program files\DivX\DivXConverterUninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2011-06-15 11:39 Windows 6.0.6000 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-2633572158-1646373292-2735752979-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:50,0a,50,08,29,5d,c2,b1,b5,bd,c7,dd,57,b5,02,78,db,84,3d,89,71,6b,27, 48,a2,dc,08,0c,80,4e,7b,8f,7d,33,f6,a3,6f,1b,d3,91,05,f6,a7,81,41,c2,e4,ee,\ "??"=hex:5c,28,08,0f,b3,90,cc,0d,18,7c,f1,23,8f,38,a5,94 . 
[HKEY_USERS\S-1-5-21-2633572158-1646373292-2735752979-1000\Software\SecuROM\License information*] "datasecu"=hex:3e,c6,97,b4,3e,41,8c,50,ae,62,bd,7c,72,b2,ff,d3,03,52,98,6a,b2, 22,f6,94,8d,6c,a0,1d,cc,cf,40,ac,65,6c,1d,5f,04,b4,1c,e5,86,b9,c7,ff,f5,01,\ "rkeysecu"=hex:1f,6b,1f,a7,d3,fa,b6,5b,8f,80,32,f9,c0,08,88,70 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Zeit der Fertigstellung: 2011-06-15 11:45:00 ComboFix-quarantined-files.txt 2011-06-15 09:44 . Vor Suchlauf: 22 Verzeichnis(se), 46.015.336.448 Bytes frei Nach Suchlauf: 25 Verzeichnis(se), 51.804.418.048 Bytes frei . - - End Of File - - A6B24A6323DB42BA67D41AF7B32D3D92 |
15.06.2011, 12:07 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | After Windows Recovery removal: error message (404) while browsing Ok. Then try the TDSS-Killer again now; it should run now.
__________________ Please always post log files in CODE tags |
15.06.2011, 16:01 | #15 |
| After Windows Recovery removal: error message (404) while browsing Indeed.
2011/06/15 16:57:45.0738 5780 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/15 16:57:45.0957 5780 ================================================================================
2011/06/15 16:57:45.0957 5780 SystemInfo:
2011/06/15 16:57:45.0957 5780
2011/06/15 16:57:45.0957 5780 OS Version: 6.0.6000 ServicePack: 0.0
2011/06/15 16:57:45.0957 5780 Product type: Workstation
2011/06/15 16:57:45.0957 5780 ComputerName: BENNI-PC
2011/06/15 16:57:45.0973 5780 UserName: Benni
2011/06/15 16:57:45.0973 5780 Windows directory: C:\Windows
2011/06/15 16:57:45.0973 5780 System windows directory: C:\Windows
2011/06/15 16:57:45.0973 5780 Processor architecture: Intel x86
2011/06/15 16:57:45.0973 5780 Number of processors: 2
2011/06/15 16:57:45.0973 5780 Page size: 0x1000
2011/06/15 16:57:45.0973 5780 Boot type: Normal boot
2011/06/15 16:57:45.0973 5780 ================================================================================
2011/06/15 16:57:51.0285 5780 !crdlk
2011/06/15 16:57:51.0691 5780 Initialize success
2011/06/15 16:57:56.0160 5576 ================================================================================
2011/06/15 16:57:56.0160 5576 Scan started
2011/06/15 16:57:56.0160 5576 Mode: Manual;
2011/06/15 16:57:56.0160 5576 ================================================================================
(81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/06/15 16:58:07.0910 5576 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/06/15 16:58:07.0973 5576 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/06/15 16:58:08.0098 5576 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys 2011/06/15 16:58:08.0254 5576 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys 2011/06/15 16:58:08.0316 5576 netbt (231f6ccfdb7a604221f18fb0852c8560) C:\Windows\system32\DRIVERS\netbt.sys 2011/06/15 16:58:08.0473 5576 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/06/15 16:58:08.0551 5576 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys 2011/06/15 16:58:08.0645 5576 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys 2011/06/15 16:58:08.0801 5576 Ntfs (f08824715ca6076f5e73e005ab83b9c8) C:\Windows\system32\drivers\Ntfs.sys 2011/06/15 16:58:09.0035 5576 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/06/15 16:58:09.0082 5576 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys 2011/06/15 16:58:09.0285 5576 nvlddmkm (0ad2e0a3933aac2a392f0c6a68e2d2f8) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/06/15 16:58:09.0691 5576 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 2011/06/15 16:58:09.0801 5576 nvrd32 (ed399014a8029de02ba5ae01da8cc9ee) C:\Windows\system32\drivers\nvrd32.sys 2011/06/15 16:58:09.0879 5576 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 2011/06/15 16:58:09.0941 5576 nvstor32 (703e3a7093b0fac0eebadbb8e931ecaf) C:\Windows\system32\drivers\nvstor32.sys 2011/06/15 16:58:10.0113 5576 nv_agp (925eb9e53eca4473a2d156a02b7418e3) C:\Windows\system32\drivers\nv_agp.sys 2011/06/15 
16:58:10.0254 5576 ohci1394 (8994cbfc215a9ef4495e6ae7992954fc) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/06/15 16:58:10.0441 5576 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/06/15 16:58:10.0488 5576 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys 2011/06/15 16:58:10.0629 5576 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/06/15 16:58:10.0676 5576 pci (a48c4d0acc933f7a37e52ab0761811ad) C:\Windows\system32\drivers\pci.sys 2011/06/15 16:58:10.0816 5576 pciide (353968946bcb766f6c5c01717686b382) C:\Windows\system32\drivers\pciide.sys 2011/06/15 16:58:10.0895 5576 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/06/15 16:58:11.0035 5576 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/06/15 16:58:11.0223 5576 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys 2011/06/15 16:58:11.0285 5576 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 2011/06/15 16:58:11.0441 5576 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys 2011/06/15 16:58:11.0535 5576 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 2011/06/15 16:58:11.0723 5576 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/06/15 16:58:11.0785 5576 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys 2011/06/15 16:58:11.0957 5576 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys 2011/06/15 16:58:12.0004 5576 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/06/15 16:58:12.0160 5576 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/06/15 16:58:12.0207 5576 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) 
C:\Windows\system32\DRIVERS\rdbss.sys 2011/06/15 16:58:12.0348 5576 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/06/15 16:58:12.0441 5576 rdpdr (87ee019fe9fbff071d76ccf9ec794646) C:\Windows\system32\drivers\rdpdr.sys 2011/06/15 16:58:12.0598 5576 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys 2011/06/15 16:58:12.0660 5576 RDPWD (e2afac98fc6ca2ad2d09f2de1bc71ad9) C:\Windows\system32\drivers\RDPWD.sys 2011/06/15 16:58:12.0832 5576 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys 2011/06/15 16:58:12.0879 5576 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/06/15 16:58:13.0004 5576 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/06/15 16:58:13.0051 5576 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys 2011/06/15 16:58:13.0176 5576 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\DRIVERS\serial.sys 2011/06/15 16:58:13.0270 5576 sermouse (2baf2abc0da0d50ebe8289c720977052) C:\Windows\system32\drivers\sermouse.sys 2011/06/15 16:58:13.0441 5576 sffdisk (55b145d4248012d306da8e92fa9fdc20) C:\Windows\system32\drivers\sffdisk.sys 2011/06/15 16:58:13.0473 5576 sffp_mmc (b86dfcd55294a0495571a27b861e6ef3) C:\Windows\system32\drivers\sffp_mmc.sys 2011/06/15 16:58:13.0566 5576 sffp_sd (5b327b59fae2b01c34690d91ed03786e) C:\Windows\system32\drivers\sffp_sd.sys 2011/06/15 16:58:13.0660 5576 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/06/15 16:58:13.0754 5576 sisagp (e5773c4cff310d00a59db01ef4074135) C:\Windows\system32\drivers\sisagp.sys 2011/06/15 16:58:13.0910 5576 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 2011/06/15 16:58:13.0941 5576 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 2011/06/15 16:58:14.0113 5576 Smb 
(46baf398809a0f3b2d3300a1760e4b91) C:\Windows\system32\DRIVERS\smb.sys 2011/06/15 16:58:14.0191 5576 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys 2011/06/15 16:58:14.0254 5576 srv (081be0d7a95af38d2aa238afcfc103aa) C:\Windows\system32\DRIVERS\srv.sys 2011/06/15 16:58:14.0332 5576 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys 2011/06/15 16:58:14.0395 5576 srvnet (3d2ca9f958fb6e28447da61f65b9deba) C:\Windows\system32\DRIVERS\srvnet.sys 2011/06/15 16:58:14.0535 5576 swenum (9c539aaffb0b6d7bce984c74317ff29f) C:\Windows\system32\DRIVERS\swenum.sys 2011/06/15 16:58:14.0598 5576 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/06/15 16:58:14.0707 5576 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/06/15 16:58:14.0754 5576 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/06/15 16:58:14.0941 5576 Tcpip (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\drivers\tcpip.sys 2011/06/15 16:58:15.0160 5576 Tcpip6 (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\DRIVERS\tcpip.sys 2011/06/15 16:58:15.0191 5576 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys 2011/06/15 16:58:15.0332 5576 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys 2011/06/15 16:58:15.0379 5576 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys 2011/06/15 16:58:15.0441 5576 tdx (7973f7239486800cd79e4fdbab6a07df) C:\Windows\system32\DRIVERS\tdx.sys 2011/06/15 16:58:15.0488 5576 TermDD (cfe870506361bac80a549749116ad870) C:\Windows\system32\DRIVERS\termdd.sys 2011/06/15 16:58:15.0707 5576 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/06/15 16:58:15.0785 5576 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys 2011/06/15 16:58:15.0832 5576 tunnel 
(4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys 2011/06/15 16:58:15.0879 5576 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 2011/06/15 16:58:15.0941 5576 udfs (deea398a92952ccc421ba5b39662cabe) C:\Windows\system32\DRIVERS\udfs.sys 2011/06/15 16:58:16.0051 5576 uliagpkx (5895ef4d0f1424392ee6439250e25677) C:\Windows\system32\drivers\uliagpkx.sys 2011/06/15 16:58:16.0113 5576 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 2011/06/15 16:58:16.0301 5576 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/06/15 16:58:16.0348 5576 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/06/15 16:58:16.0473 5576 umbus (dc8828971d997de009647fce59e0ce8f) C:\Windows\system32\DRIVERS\umbus.sys 2011/06/15 16:58:16.0660 5576 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys 2011/06/15 16:58:16.0707 5576 usbccgp (3f795d59734259a00d385fbd65191bf4) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/06/15 16:58:16.0754 5576 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/06/15 16:58:16.0895 5576 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys 2011/06/15 16:58:16.0973 5576 usbehci (5555f6df13a1a1c327d67e9da7b99aee) C:\Windows\system32\DRIVERS\usbehci.sys 2011/06/15 16:58:17.0004 5576 usbhub (8dabb8cb47e0736930cf6492aed361a6) C:\Windows\system32\DRIVERS\usbhub.sys 2011/06/15 16:58:17.0160 5576 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys 2011/06/15 16:58:17.0223 5576 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/06/15 16:58:17.0332 5576 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys 2011/06/15 16:58:17.0395 5576 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/06/15 
16:58:17.0473 5576 usbuhci (718fdf0b0f16e1d3b992f95eadf1af75) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/06/15 16:58:17.0645 5576 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/06/15 16:58:17.0691 5576 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys 2011/06/15 16:58:17.0738 5576 viaagp (66e64d5cbeb047c90e65f0962483a5b2) C:\Windows\system32\drivers\viaagp.sys 2011/06/15 16:58:17.0863 5576 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 2011/06/15 16:58:17.0926 5576 viaide (7100b56688c5d6d7695d18fd001f0cd6) C:\Windows\system32\drivers\viaide.sys 2011/06/15 16:58:17.0973 5576 viamraid (7dc3e1dc6e4f8be381c31bfea578412a) C:\Windows\system32\drivers\viamraid.sys 2011/06/15 16:58:18.0082 5576 ViBus (aa3e6722843540b9c8ec5257e3d4b675) C:\Windows\system32\DRIVERS\ViBus.sys 2011/06/15 16:58:18.0129 5576 ViPrt (a1b7cffe5f09b825fba506c4de9fdac7) C:\Windows\system32\DRIVERS\ViPrt.sys 2011/06/15 16:58:18.0176 5576 volmgr (cc8a64a532fd2844ee68f4061ed8a7fd) C:\Windows\system32\drivers\volmgr.sys 2011/06/15 16:58:18.0332 5576 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys 2011/06/15 16:58:18.0457 5576 volsnap (11ef6c1caef76b685233450a126125d6) C:\Windows\system32\drivers\volsnap.sys 2011/06/15 16:58:18.0613 5576 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 2011/06/15 16:58:18.0801 5576 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/06/15 16:58:18.0863 5576 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys 2011/06/15 16:58:18.0910 5576 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys 2011/06/15 16:58:19.0051 5576 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 2011/06/15 16:58:19.0113 5576 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys 
2011/06/15 16:58:19.0988 5576 Scan finished
2011/06/15 16:58:20.0004 2996 Detected object count: 0
2011/06/15 16:58:20.0004 2996 Actual detected object count: 0
2011/06/15 16:59:02.0629 2160 Scan started
2011/06/15 16:59:02.0629 2160 Mode: Manual;
(c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 2011/06/15 16:59:15.0051 2160 udfs (deea398a92952ccc421ba5b39662cabe) C:\Windows\system32\DRIVERS\udfs.sys 2011/06/15 16:59:15.0191 2160 uliagpkx (5895ef4d0f1424392ee6439250e25677) C:\Windows\system32\drivers\uliagpkx.sys 2011/06/15 16:59:15.0254 2160 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 2011/06/15 16:59:15.0285 2160 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/06/15 16:59:15.0332 2160 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/06/15 16:59:15.0363 2160 umbus (dc8828971d997de009647fce59e0ce8f) C:\Windows\system32\DRIVERS\umbus.sys 2011/06/15 16:59:15.0441 2160 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys 2011/06/15 16:59:15.0473 2160 usbccgp (3f795d59734259a00d385fbd65191bf4) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/06/15 16:59:15.0520 2160 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/06/15 16:59:15.0566 2160 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys 2011/06/15 16:59:15.0613 2160 usbehci (5555f6df13a1a1c327d67e9da7b99aee) C:\Windows\system32\DRIVERS\usbehci.sys 2011/06/15 16:59:15.0660 2160 usbhub (8dabb8cb47e0736930cf6492aed361a6) C:\Windows\system32\DRIVERS\usbhub.sys 2011/06/15 16:59:15.0707 2160 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys 2011/06/15 16:59:15.0754 2160 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/06/15 16:59:15.0785 2160 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys 2011/06/15 16:59:15.0848 2160 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/06/15 16:59:15.0879 2160 usbuhci (718fdf0b0f16e1d3b992f95eadf1af75) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/06/15 
16:59:16.0035 2160 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/06/15 16:59:16.0066 2160 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys 2011/06/15 16:59:16.0113 2160 viaagp (66e64d5cbeb047c90e65f0962483a5b2) C:\Windows\system32\drivers\viaagp.sys 2011/06/15 16:59:16.0145 2160 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 2011/06/15 16:59:16.0191 2160 viaide (7100b56688c5d6d7695d18fd001f0cd6) C:\Windows\system32\drivers\viaide.sys 2011/06/15 16:59:16.0254 2160 viamraid (7dc3e1dc6e4f8be381c31bfea578412a) C:\Windows\system32\drivers\viamraid.sys 2011/06/15 16:59:16.0301 2160 ViBus (aa3e6722843540b9c8ec5257e3d4b675) C:\Windows\system32\DRIVERS\ViBus.sys 2011/06/15 16:59:16.0332 2160 ViPrt (a1b7cffe5f09b825fba506c4de9fdac7) C:\Windows\system32\DRIVERS\ViPrt.sys 2011/06/15 16:59:16.0363 2160 volmgr (cc8a64a532fd2844ee68f4061ed8a7fd) C:\Windows\system32\drivers\volmgr.sys 2011/06/15 16:59:16.0410 2160 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys 2011/06/15 16:59:16.0520 2160 volsnap (11ef6c1caef76b685233450a126125d6) C:\Windows\system32\drivers\volsnap.sys 2011/06/15 16:59:16.0566 2160 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 2011/06/15 16:59:16.0707 2160 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/06/15 16:59:16.0738 2160 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys 2011/06/15 16:59:16.0754 2160 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys 2011/06/15 16:59:16.0832 2160 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 2011/06/15 16:59:16.0895 2160 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys 2011/06/15 16:59:17.0004 2160 winusb (086d2e78eecd6195667282adc6ca109f) C:\Windows\system32\DRIVERS\winusb.sys 2011/06/15 
16:59:17.0066 2160 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\drivers\wmiacpi.sys 2011/06/15 16:59:17.0223 2160 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys 2011/06/15 16:59:17.0285 2160 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys 2011/06/15 16:59:17.0363 2160 WUDFRd (ee0974d4042da9cf4c569ac4eca8c9c0) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/06/15 16:59:17.0410 2160 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 2011/06/15 16:59:17.0441 2160 ================================================================================ 2011/06/15 16:59:17.0441 2160 Scan finished 2011/06/15 16:59:17.0441 2160 ================================================================================ 2011/06/15 16:59:17.0457 5908 Detected object count: 0 2011/06/15 16:59:17.0457 5908 Actual detected object count: 0 |