| |
| |||||||
Log-Analyse und Auswertung: JS/TrojanDownloader.Iframe.NKE trojan/HTML/Fraud.BG trojanWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
29.09.2012, 20:17
| #1 |
 |  JS/TrojanDownloader.Iframe.NKE trojan/HTML/Fraud.BG trojan Bitte um Hilfe! hier der link zu meinen Problem... http://www.trojaner-board.de/124039-...entfernen.html hab Viren und Trojaner auf dem Laptop |
|
30.09.2012, 21:50
| #2 |
| | JS/TrojanDownloader.Iframe.NKE trojan/HTML/Fraud.BG trojan ***** DRIVE/DIRECTORY SCAN *****
__________________Trojan Remover Ver 6.8.5.2611. For information, email support@simplysup.com [Unregistered version] Scan started at: 19:16:40 30 Sep 2012 Using Database v7962 Operating System: Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601] File System: NTFS UAC is ENABLED [default level] UserData directory: C:\Users\fabo\AppData\Roaming\Simply Super Software\Trojan Remover\ Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\ Logfile directory: C:\Users\fabo\Documents\Simply Super Software\Trojan Remover Logfiles\ Program directory: C:\Program Files (x86)\Trojan Remover\ Running with Administrator privileges ************************************************************ Carrying out scan on C:\ (including subdirectories) Archive files will be EXCLUDED. ------------------------------ C:\Program Files (x86)\OpenOffice.org 3\program\calc.dll appears to contain: Trojan.FakeAlert C:\Program Files (x86)\OpenOffice.org 3\program\calc.dll - file renamed to: C:\Program Files (x86)\OpenOffice.org 3\program\calc.dll.vir C:\ProgramData\Avira\AntiVir Desktop\TEMP\avguard1.tmp appears to be in-use/locked C:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager\MpSfc.bin appears to be in-use/locked C:\Users\All Users\Avira\AntiVir Desktop\TEMP\avguard1.tmp appears to be in-use/locked C:\Users\All Users\Microsoft\Windows Defender\Scans\History\CacheManager\MpSfc.bin appears to be in-use/locked C:\windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb appears to be in-use/locked C:\windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb appears to be in-use/locked C:\windows\System32\config\RegBack\SECURITY appears to be in-use/locked C:\windows\System32\config\security appears to be in-use/locked ------------------------------ 133875 files scanned 1 Malware file detected Scan completed at: 22:35:05 30 Sep 2012 Total Scan time: 03:18:24 ------------------------------------------------------------------------- Trojan Remover needs to restart the system to complete operations 30.09.2012 22:39:21: restart commenced ************************************************************ ***** DRIVE/DIRECTORY SCAN ***** Trojan Remover Ver 6.8.5.2611. For information, email support@simplysup.com [Unregistered version] Scan started at: 18:08:19 30 Sep 2012 Using Database v7962 Operating System: Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601] File System: NTFS UAC is ENABLED [default level] UserData directory: C:\Users\fabo\AppData\Roaming\Simply Super Software\Trojan Remover\ Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\ Logfile directory: C:\Users\fabo\Documents\Simply Super Software\Trojan Remover Logfiles\ Program directory: C:\Program Files (x86)\Trojan Remover\ Running with Administrator privileges ************************************************************ Carrying out scan on D:\ (including subdirectories) Archive files will be EXCLUDED. ------------------------------ ------------------------------ 25952 files scanned Directory scan complete - no Malware files detected Scan completed at: 19:08:41 30 Sep 2012 Total Scan time: 01:00:21 ************************************************************ ***** NORMAL SCAN FOR ACTIVE MALWARE ***** Trojan Remover Ver 6.8.5.2611. For information, email support@simplysup.com [Unregistered version] Scan started at: 18:06:42 30 Sep 2012 Using Database v7962 Operating System: Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601] File System: NTFS UAC is ENABLED [default level] UserData directory: C:\Users\fabo\AppData\Roaming\Simply Super Software\Trojan Remover\ Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\ Logfile directory: C:\Users\fabo\Documents\Simply Super Software\Trojan Remover Logfiles\ Program directory: C:\Program Files (x86)\Trojan Remover\ Running with Administrator privileges ************************************************************ 18:06:42: ----- CHECKING DEFAULT FILE ASSOCIATIONS ----- No modified default file associations detected ************************************************************ 18:06:42: ----- SCANNING FOR ROOTKIT SERVICES ----- No hidden Services were detected. ************************************************************ 18:06:42: Scanning -----WINDOWS REGISTRY----- -------------------- Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon This key's "Shell" value calls the following program(s): Key value: [explorer.exe] File: C:\windows\Explorer.exe C:\windows\Explorer.exe 2871808 bytes Created: 30.08.2011 17:48 Modified: 25.02.2011 08:19 Company: Microsoft Corporation ---------- This key's "Userinit" value calls the following program(s): Key value: [C:\Windows\system32\userinit.exe,] File: C:\Windows\system32\userinit.exe C:\windows\System32\userinit.exe 30720 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- -------------------- Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Value Name: [avgnt] Value Data: ["C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 348664 bytes Created: 08.03.2012 19:27 Modified: 08.08.2012 18:26 Company: Avira Operations GmbH & Co. KG -------------------- Value Name: [HP Software Update] Value Data: [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 49208 bytes Created: 10.05.2011 02:41 Modified: 10.05.2011 02:41 Company: Hewlett-Packard -------------------- Value Name: [Adobe ARM] Value Data: ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 919008 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems Incorporated -------------------- Value Name: [APSDaemon] Value Data: ["C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 59280 bytes Created: 30.05.2012 20:06 Modified: 30.05.2012 20:06 Company: Apple Inc. -------------------- Value Name: [iTunesHelper] Value Data: ["C:\Program Files (x86)\iTunes\iTunesHelper.exe"] C:\Program Files (x86)\iTunes\iTunesHelper.exe 421776 bytes Created: 07.06.2012 19:33 Modified: 07.06.2012 19:33 Company: Apple Inc. -------------------- Value Name: [Norton Online Backup] Value Data: [C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe 1155928 bytes Created: 01.06.2010 15:33 Modified: 01.06.2010 15:33 Company: Symantec Corporation -------------------- Value Name: [SunJavaUpdateSched] Value Data: ["C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 252848 bytes Created: 03.07.2012 09:04 Modified: 03.07.2012 09:04 Company: Sun Microsystems, Inc. -------------------- Value Name: [TrojanScanner] Value Data: [C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot] C:\Program Files (x86)\Trojan Remover\Trjscan.exe 1247504 bytes Created: 30.09.2012 17:53 Modified: 30.09.2012 17:54 Company: Simply Super Software -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty -------------------- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run Value Name: [NokiaSuite.exe] Value Data: [C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe 1086376 bytes Created: 03.08.2012 16:06 Modified: 03.08.2012 16:06 Company: Nokia -------------------- Value Name: [BlazeServoTool] Value Data: ["C:\Program Files (x86)\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe"] C:\Program Files (x86)\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe - [file not found to scan] -------------------- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty ************************************************************ 18:06:43: Scanning -----WINDOWS 64 Bit REGISTRY----- -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Value Name: [RtHDVCpl] Value Data: [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 11855976 bytes Created: 09.06.2011 08:08 Modified: 19.05.2011 04:21 Company: Realtek Semiconductor -------------------- Value Name: [IgfxTray] Value Data: [C:\windows\system32\igfxtray.exe] C:\windows\System32\igfxtray.exe 167704 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [HotKeysCmds] Value Data: [C:\windows\system32\hkcmd.exe] C:\windows\System32\hkcmd.exe 392984 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [Persistence] Value Data: [C:\windows\system32\igfxpers.exe] C:\windows\System32\igfxpers.exe 417560 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [ETDCtrl] Value Data: [%ProgramFiles%\Elantech\ETDCtrl.exe] C:\Program Files\Elantech\ETDCtrl.exe 2817872 bytes Created: 25.04.2012 04:42 Modified: 25.04.2012 04:42 Company: ELAN Microelectronics Corp. -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty ************************************************************ 18:06:44: Scanning -----SHELLEXECUTEHOOKS----- ShellExecuteHooks key is empty ************************************************************ 18:06:44: Scanning -----HIDDEN REGISTRY ENTRIES----- Taskdir check completed ---------- No Hidden File-loading Registry Entries found ---------- ************************************************************ 18:06:44: Scanning -----ACTIVE SCREENSAVER----- No active ScreenSaver found to scan. ************************************************************ 18:06:44: Scanning ----- REGISTRY ACTIVE SETUP KEYS ----- Key: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} Path: %SystemRoot%\system32\unregmp2.exe /ShowWMP C:\windows\System32\unregmp2.exe 323584 bytes Created: 14.07.2009 02:23 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: >{26923b43-4d38-484f-9b9e-de460746276c} Path: C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig C:\Windows\SysWOW64\ie4uinit.exe 74240 bytes Created: 09.06.2011 23:55 Modified: 09.06.2011 23:55 Company: Microsoft Corporation ---------- Key: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} Path: "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP C:\Windows\SysWOW64\iedkcs32.dll 353584 bytes Created: 09.06.2011 23:55 Modified: 09.06.2011 23:55 Company: Microsoft Corporation ---------- Key: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} Path: %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll C:\windows\System32\themeui.dll 2851840 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation Scan cancelled by User ---------- Windows Registry Active Setup Keys scan stopped at user request The ServiceDLLs registry keys were not scanned The Services registry keys were not scanned The VxD Entries were not scanned The Winlogon\Notify DLLs were not scanned The ContextMenuHandlers were not scanned The Browser Helper Objects were not scanned The ShellServiceObjects were not scanned The SharedTaskScheduler DLLs were not scanned The Imagefile Debuggers were not scanned The AppInit_DLLs were not scanned The Security Provider DLLs were not scanned The Global Startup Group was not scanned The User Startup Groups were not scanned The Scheduled Tasks were not scanned The ShellIconOverylayIdentifiers were not scanned The Device Drivers were not scanned Heuristic Scans were not carried out Running Processes were not scanned The HOSTS file was not checked The check on Explorer.exe was not carried out Internet Explorer settings were not checked. ************************************************************ === NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES === Scan completed at: 18:06:46 30 Sep 2012 Total Scan time: 00:00:04 ************************************************************ ***** NORMAL SCAN FOR ACTIVE MALWARE ***** Trojan Remover Ver 6.8.5.2611. For information, email support@simplysup.com [Unregistered version] Scan started at: 18:04:19 30 Sep 2012 Using Database v7962 Operating System: Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601] File System: NTFS UAC is ENABLED [default level] UserData directory: C:\Users\fabo\AppData\Roaming\Simply Super Software\Trojan Remover\ Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\ Logfile directory: C:\Users\fabo\Documents\Simply Super Software\Trojan Remover Logfiles\ Program directory: C:\Program Files (x86)\Trojan Remover\ Running with Administrator privileges ************************************************************ 18:04:19: ----- CHECKING DEFAULT FILE ASSOCIATIONS ----- No modified default file associations detected ************************************************************ 18:04:19: ----- SCANNING FOR ROOTKIT SERVICES ----- No hidden Services were detected. ************************************************************ 18:04:19: Scanning -----WINDOWS REGISTRY----- -------------------- Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon This key's "Shell" value calls the following program(s): Key value: [explorer.exe] File: C:\windows\Explorer.exe C:\windows\Explorer.exe 2871808 bytes Created: 30.08.2011 17:48 Modified: 25.02.2011 08:19 Company: Microsoft Corporation ---------- This key's "Userinit" value calls the following program(s): Key value: [C:\Windows\system32\userinit.exe,] File: C:\Windows\system32\userinit.exe C:\windows\System32\userinit.exe 30720 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- -------------------- Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Value Name: [avgnt] Value Data: ["C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 348664 bytes Created: 08.03.2012 19:27 Modified: 08.08.2012 18:26 Company: Avira Operations GmbH & Co. KG -------------------- Value Name: [HP Software Update] Value Data: [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 49208 bytes Created: 10.05.2011 02:41 Modified: 10.05.2011 02:41 Company: Hewlett-Packard -------------------- Value Name: [Adobe ARM] Value Data: ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 919008 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems Incorporated -------------------- Value Name: [APSDaemon] Value Data: ["C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 59280 bytes Created: 30.05.2012 20:06 Modified: 30.05.2012 20:06 Company: Apple Inc. -------------------- Value Name: [iTunesHelper] Value Data: ["C:\Program Files (x86)\iTunes\iTunesHelper.exe"] C:\Program Files (x86)\iTunes\iTunesHelper.exe 421776 bytes Created: 07.06.2012 19:33 Modified: 07.06.2012 19:33 Company: Apple Inc. -------------------- Value Name: [Norton Online Backup] Value Data: [C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe 1155928 bytes Created: 01.06.2010 15:33 Modified: 01.06.2010 15:33 Company: Symantec Corporation -------------------- Value Name: [SunJavaUpdateSched] Value Data: ["C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 252848 bytes Created: 03.07.2012 09:04 Modified: 03.07.2012 09:04 Company: Sun Microsystems, Inc. -------------------- Value Name: [TrojanScanner] Value Data: [C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot] C:\Program Files (x86)\Trojan Remover\Trjscan.exe 1247504 bytes Created: 30.09.2012 17:53 Modified: 30.09.2012 17:54 Company: Simply Super Software -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty -------------------- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run Value Name: [NokiaSuite.exe] Value Data: [C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe 1086376 bytes Created: 03.08.2012 16:06 Modified: 03.08.2012 16:06 Company: Nokia -------------------- Value Name: [BlazeServoTool] Value Data: ["C:\Program Files (x86)\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe"] C:\Program Files (x86)\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe - [file not found to scan] -------------------- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty ************************************************************ 18:04:20: Scanning -----WINDOWS 64 Bit REGISTRY----- -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Value Name: [RtHDVCpl] Value Data: [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 11855976 bytes Created: 09.06.2011 08:08 Modified: 19.05.2011 04:21 Company: Realtek Semiconductor -------------------- Value Name: [IgfxTray] Value Data: [C:\windows\system32\igfxtray.exe] C:\windows\System32\igfxtray.exe 167704 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [HotKeysCmds] Value Data: [C:\windows\system32\hkcmd.exe] C:\windows\System32\hkcmd.exe 392984 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [Persistence] Value Data: [C:\windows\system32\igfxpers.exe] C:\windows\System32\igfxpers.exe 417560 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [ETDCtrl] Value Data: [%ProgramFiles%\Elantech\ETDCtrl.exe] C:\Program Files\Elantech\ETDCtrl.exe 2817872 bytes Created: 25.04.2012 04:42 Modified: 25.04.2012 04:42 Company: ELAN Microelectronics Corp. -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty ************************************************************ 18:04:20: Scanning -----SHELLEXECUTEHOOKS----- ShellExecuteHooks key is empty ************************************************************ 18:04:20: Scanning -----HIDDEN REGISTRY ENTRIES----- Taskdir check completed ---------- No Hidden File-loading Registry Entries found ---------- ************************************************************ 18:04:21: Scanning -----ACTIVE SCREENSAVER----- No active ScreenSaver found to scan. ************************************************************ 18:04:21: Scanning ----- REGISTRY ACTIVE SETUP KEYS ----- Key: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} Path: %SystemRoot%\system32\unregmp2.exe /ShowWMP C:\windows\System32\unregmp2.exe 323584 bytes Created: 14.07.2009 02:23 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: >{26923b43-4d38-484f-9b9e-de460746276c} Path: C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig C:\Windows\SysWOW64\ie4uinit.exe 74240 bytes Created: 09.06.2011 23:55 Modified: 09.06.2011 23:55 Company: Microsoft Corporation ---------- Key: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} Path: "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP C:\Windows\SysWOW64\iedkcs32.dll 353584 bytes Created: 09.06.2011 23:55 Modified: 09.06.2011 23:55 Company: Microsoft Corporation ---------- Key: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} Path: %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll C:\windows\System32\themeui.dll 2851840 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} Path: "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE C:\Program Files (x86)\Windows Mail\WinMail.exe Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6} Path: %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI C:\windows\System32\unregmp2.exe 323584 bytes Created: 14.07.2009 02:23 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: {89820200-ECBD-11cf-8B85-00AA005B4340} Path: regsvr32.exe /s /n /i:U shell32.dll C:\windows\System32\shell32.dll 14172672 bytes Created: 10.07.2012 21:35 Modified: 09.06.2012 07:43 Company: Microsoft Corporation ---------- Key: {89820200-ECBD-11cf-8B85-00AA005B4383} Path: C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings C:\Windows\SysWOW64\ie4uinit.exe 74240 bytes Created: 09.06.2011 23:55 Modified: 09.06.2011 23:55 Company: Microsoft Corporation ---------- Key: {89B4C1CD-B018-4511-B0A1-5476DBF70820} Path: C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install C:\Windows\SysWOW64\mscories.dll 80720 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- ************************************************************ 18:04:22: Scanning ----- SERVICEDLL REGISTRY KEYS ----- ************************************************************ 18:04:22: Scanning ----- SERVICES REGISTRY KEYS ----- Key: 1394ohci ImagePath: \SystemRoot\system32\drivers\1394ohci.sys C:\windows\System32\drivers\1394ohci.sys 229888 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: ACPI ImagePath: system32\drivers\ACPI.sys C:\windows\System32\drivers\ACPI.sys 334208 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: AcpiPmi ImagePath: \SystemRoot\system32\drivers\acpipmi.sys C:\windows\System32\drivers\acpipmi.sys 12800 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: AdobeARMservice ImagePath: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 63960 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems Incorporated ---------- Key: AdobeFlashPlayerUpdateSvc ImagePath: C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 250288 bytes Created: 25.06.2012 21:23 Modified: 29.09.2012 21:21 Company: Adobe Systems Incorporated ---------- Key: adp94xx ImagePath: \SystemRoot\system32\drivers\adp94xx.sys C:\windows\System32\drivers\adp94xx.sys 491088 bytes Created: 10.06.2009 22:36 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: adpahci ImagePath: \SystemRoot\system32\drivers\adpahci.sys C:\windows\System32\drivers\adpahci.sys 339536 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: adpu320 ImagePath: \SystemRoot\system32\drivers\adpu320.sys C:\windows\System32\drivers\adpu320.sys 182864 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: AFD ImagePath: \SystemRoot\system32\drivers\afd.sys C:\windows\System32\drivers\afd.sys 498688 bytes Created: 16.02.2012 23:34 Modified: 28.12.2011 05:59 Company: Microsoft Corporation ---------- Key: agp440 ImagePath: \SystemRoot\system32\drivers\agp440.sys C:\windows\System32\drivers\agp440.sys 61008 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: ALG ImagePath: %SystemRoot%\System32\alg.exe C:\windows\System32\alg.exe 79360 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 03:38 Company: Microsoft Corporation ---------- Key: aliide ImagePath: \SystemRoot\system32\drivers\aliide.sys C:\windows\System32\drivers\aliide.sys 15440 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Acer Laboratories Inc. ---------- Key: amdide ImagePath: \SystemRoot\system32\drivers\amdide.sys C:\windows\System32\drivers\amdide.sys 15440 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: AmdK8 ImagePath: \SystemRoot\system32\drivers\amdk8.sys C:\windows\System32\drivers\amdk8.sys 64512 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: AmdPPM ImagePath: \SystemRoot\system32\drivers\amdppm.sys C:\windows\System32\drivers\amdppm.sys 60928 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: amdsata ImagePath: \SystemRoot\system32\drivers\amdsata.sys C:\windows\System32\drivers\amdsata.sys 107904 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: Advanced Micro Devices ---------- Key: amdsbs ImagePath: \SystemRoot\system32\drivers\amdsbs.sys C:\windows\System32\drivers\amdsbs.sys 194128 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:52 Company: AMD Technologies Inc. ---------- Key: amdxata ImagePath: system32\drivers\amdxata.sys C:\windows\System32\drivers\amdxata.sys 27008 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: Advanced Micro Devices ---------- Key: AntiVirSchedulerService ImagePath: "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 86224 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG ---------- Key: AntiVirService ImagePath: "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 110032 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG ---------- Key: AppID ImagePath: \SystemRoot\system32\drivers\appid.sys C:\windows\System32\drivers\appid.sys 61440 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Apple Mobile Device ImagePath: "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 55184 bytes Created: 24.05.2012 13:28 Modified: 24.05.2012 13:28 Company: Apple Inc. ---------- Key: arc ImagePath: \SystemRoot\system32\drivers\arc.sys C:\windows\System32\drivers\arc.sys 87632 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: arcsas ImagePath: \SystemRoot\system32\drivers\arcsas.sys C:\windows\System32\drivers\arcsas.sys 97856 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: AsyncMac ImagePath: system32\DRIVERS\asyncmac.sys C:\windows\System32\DRIVERS\asyncmac.sys 23040 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: atapi ImagePath: system32\drivers\atapi.sys C:\windows\System32\drivers\atapi.sys 24128 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: avgntflt ImagePath: system32\DRIVERS\avgntflt.sys C:\windows\System32\DRIVERS\avgntflt.sys 98848 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira GmbH ---------- Key: avipbb ImagePath: system32\DRIVERS\avipbb.sys C:\windows\System32\DRIVERS\avipbb.sys 132832 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira GmbH ---------- Key: avkmgr ImagePath: system32\DRIVERS\avkmgr.sys C:\windows\System32\DRIVERS\avkmgr.sys 27760 bytes Created: 08.03.2012 19:27 Modified: 16.09.2011 17:08 Company: Avira GmbH ---------- Key: b06bdrv ImagePath: \SystemRoot\system32\drivers\bxvbda.sys C:\windows\System32\drivers\bxvbda.sys 468480 bytes Created: 10.06.2009 22:34 Modified: 10.06.2009 22:34 Company: Broadcom Corporation ---------- Key: b57nd60a ImagePath: system32\DRIVERS\b57nd60a.sys C:\windows\System32\DRIVERS\b57nd60a.sys 270848 bytes Created: 10.06.2009 22:34 Modified: 10.06.2009 22:34 Company: Broadcom Corporation ---------- Key: blbdrive ImagePath: system32\DRIVERS\blbdrive.sys C:\windows\System32\DRIVERS\blbdrive.sys 45056 bytes Created: 14.07.2009 01:35 Modified: 14.07.2009 01:35 Company: Microsoft Corporation ---------- Key: Bonjour Service ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Program Files\Bonjour\mDNSResponder.exe 462184 bytes Created: 30.08.2011 23:05 Modified: 30.08.2011 23:05 Company: Apple Inc. ---------- Key: bowser ImagePath: system32\DRIVERS\bowser.sys C:\windows\System32\DRIVERS\bowser.sys 90624 bytes Created: 09.06.2011 08:41 Modified: 23.02.2011 06:55 Company: Microsoft Corporation ---------- Key: BrFiltLo ImagePath: \SystemRoot\system32\drivers\BrFiltLo.sys C:\windows\System32\drivers\BrFiltLo.sys 18432 bytes Created: 14.07.2009 03:19 Modified: 10.06.2009 22:41 Company: Brother Industries, Ltd. ---------- Key: BrFiltUp ImagePath: \SystemRoot\system32\drivers\BrFiltUp.sys C:\windows\System32\drivers\BrFiltUp.sys 8704 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries, Ltd. ---------- Key: Brserid ImagePath: \SystemRoot\System32\Drivers\Brserid.sys C:\windows\System32\Drivers\Brserid.sys 286720 bytes Created: 14.07.2009 03:19 Modified: 14.07.2009 03:19 Company: Brother Industries Ltd. ---------- Key: BrSerWdm ImagePath: \SystemRoot\System32\Drivers\BrSerWdm.sys C:\windows\System32\Drivers\BrSerWdm.sys 47104 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries Ltd. ---------- Key: BrUsbMdm ImagePath: \SystemRoot\System32\Drivers\BrUsbMdm.sys C:\windows\System32\Drivers\BrUsbMdm.sys 14976 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries Ltd. ---------- Key: BrUsbSer ImagePath: \SystemRoot\System32\Drivers\BrUsbSer.sys C:\windows\System32\Drivers\BrUsbSer.sys 14720 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries Ltd. ---------- Key: BthEnum ImagePath: \SystemRoot\system32\drivers\BthEnum.sys C:\windows\System32\drivers\BthEnum.sys 41984 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: BTHMODEM ImagePath: \SystemRoot\system32\drivers\bthmodem.sys C:\windows\System32\drivers\bthmodem.sys 72192 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: BthPan ImagePath: system32\DRIVERS\bthpan.sys C:\windows\System32\DRIVERS\bthpan.sys 118784 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 02:07 Company: Microsoft Corporation ---------- Key: BTHPORT ImagePath: \SystemRoot\System32\Drivers\BTHport.sys C:\windows\System32\Drivers\BTHport.sys 552960 bytes Created: 15.08.2012 21:47 Modified: 06.07.2012 22:07 Company: Microsoft Corporation ---------- Key: BTHUSB ImagePath: \SystemRoot\System32\Drivers\BTHUSB.sys C:\windows\System32\Drivers\BTHUSB.sys 80384 bytes Created: 31.08.2011 16:13 Modified: 28.04.2011 05:54 Company: Microsoft Corporation ---------- Key: cdfs ImagePath: system32\DRIVERS\cdfs.sys C:\windows\System32\DRIVERS\cdfs.sys 92160 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: cdrom ImagePath: system32\DRIVERS\cdrom.sys C:\windows\System32\DRIVERS\cdrom.sys 147456 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: circlass ImagePath: \SystemRoot\system32\drivers\circlass.sys C:\windows\System32\drivers\circlass.sys 45568 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: CLFS ImagePath: System32\CLFS.sys C:\windows\System32\CLFS.sys 367696 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: clr_optimization_v2.0.50727_32 ImagePath: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 66384 bytes Created: 13.07.2009 22:46 Modified: 10.06.2009 23:23 Company: Microsoft Corporation ---------- Key: clr_optimization_v2.0.50727_64 ImagePath: %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 89920 bytes Created: 13.07.2009 22:37 Modified: 10.06.2009 22:39 Company: Microsoft Corporation ---------- Key: clr_optimization_v4.0.30319_32 ImagePath: C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 130384 bytes Created: 18.03.2010 13:16 Modified: 18.03.2010 13:16 Company: Microsoft Corporation ---------- Key: clr_optimization_v4.0.30319_64 ImagePath: C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 138576 bytes Created: 18.03.2010 14:27 Modified: 18.03.2010 14:27 Company: Microsoft Corporation ---------- Key: clwvd ImagePath: system32\DRIVERS\clwvd.sys C:\windows\System32\DRIVERS\clwvd.sys 31088 bytes Created: 10.11.2010 01:04 Modified: 10.11.2010 01:04 Company: CyberLink Corporation ---------- Key: CmBatt ImagePath: system32\DRIVERS\CmBatt.sys C:\windows\System32\DRIVERS\CmBatt.sys 17664 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: cmdide ImagePath: \SystemRoot\system32\drivers\cmdide.sys C:\windows\System32\drivers\cmdide.sys 17488 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: CMD Technology, Inc. ---------- Key: CNG ImagePath: System32\Drivers\cng.sys C:\windows\System32\Drivers\cng.sys 458704 bytes Created: 10.07.2012 21:35 Modified: 02.06.2012 07:50 Company: Microsoft Corporation ---------- Key: Compbatt ImagePath: system32\DRIVERS\compbatt.sys C:\windows\System32\DRIVERS\compbatt.sys 21584 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: CompositeBus ImagePath: system32\DRIVERS\CompositeBus.sys C:\windows\System32\DRIVERS\CompositeBus.sys 38912 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: COMSysApp ImagePath: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} C:\windows\System32\dllhost.exe 9728 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: crcdisk ImagePath: \SystemRoot\system32\drivers\crcdisk.sys C:\windows\System32\drivers\crcdisk.sys 24144 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: cvhsvc ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 822624 bytes Created: 04.01.2012 15:22 Modified: 04.01.2012 15:22 Company: Microsoft Corporation ---------- Key: DfsC ImagePath: System32\Drivers\dfsc.sys C:\windows\System32\Drivers\dfsc.sys 102400 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: discache ImagePath: System32\drivers\discache.sys C:\windows\System32\drivers\discache.sys 40448 bytes Created: 14.07.2009 01:37 Modified: 14.07.2009 01:37 Company: Microsoft Corporation ---------- Key: Disk ImagePath: system32\drivers\disk.sys C:\windows\System32\drivers\disk.sys 73280 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: drmkaud ImagePath: system32\drivers\drmkaud.sys C:\windows\System32\drivers\drmkaud.sys 5632 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: DXGKrnl ImagePath: \SystemRoot\System32\drivers\dxgkrnl.sys C:\windows\System32\drivers\dxgkrnl.sys 982912 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: ebdrv ImagePath: \SystemRoot\system32\drivers\evbda.sys C:\windows\System32\drivers\evbda.sys 3286016 bytes Created: 10.06.2009 22:34 Modified: 10.06.2009 22:34 Company: Broadcom Corporation ---------- Key: EFS ImagePath: %SystemRoot%\System32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: ehRecvr ImagePath: %systemroot%\ehome\ehRecvr.exe C:\windows\ehome\ehRecvr.exe 696832 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: ehSched ImagePath: %systemroot%\ehome\ehsched.exe C:\windows\ehome\ehsched.exe 127488 bytes Created: 14.07.2009 02:24 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: elxstor ImagePath: \SystemRoot\system32\drivers\elxstor.sys C:\windows\System32\drivers\elxstor.sys 530496 bytes Created: 10.06.2009 22:36 Modified: 14.07.2009 03:47 Company: Emulex ---------- Key: ErrDev ImagePath: \SystemRoot\system32\drivers\errdev.sys C:\windows\System32\drivers\errdev.sys 9728 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: ETD ImagePath: system32\DRIVERS\ETD.sys C:\windows\System32\DRIVERS\ETD.sys 258896 bytes Created: 25.04.2012 04:42 Modified: 25.04.2012 04:42 Company: ELAN Microelectronics Corp. ---------- Key: Fax ImagePath: %systemroot%\system32\fxssvc.exe C:\windows\System32\fxssvc.exe 689152 bytes Created: 21.11.2010 05:25 Modified: 21.11.2010 05:25 Company: Microsoft Corporation ---------- Key: fdc ImagePath: \SystemRoot\system32\drivers\fdc.sys C:\windows\System32\drivers\fdc.sys 29696 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: FileInfo ImagePath: system32\drivers\fileinfo.sys C:\windows\System32\drivers\fileinfo.sys 70224 bytes Created: 14.07.2009 01:34 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: Filetrace ImagePath: system32\drivers\filetrace.sys C:\windows\System32\drivers\filetrace.sys 34304 bytes Created: 14.07.2009 01:25 Modified: 14.07.2009 01:25 Company: Microsoft Corporation ---------- Key: flpydisk ImagePath: \SystemRoot\system32\drivers\flpydisk.sys C:\windows\System32\drivers\flpydisk.sys 24576 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: FltMgr ImagePath: system32\drivers\fltmgr.sys C:\windows\System32\drivers\fltmgr.sys 289664 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: FontCache3.0.0.0 ImagePath: %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 42856 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: FsDepends ImagePath: System32\drivers\FsDepends.sys C:\windows\System32\drivers\FsDepends.sys 55376 bytes Created: 14.07.2009 01:26 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: fvevol ImagePath: System32\DRIVERS\fvevol.sys C:\windows\System32\DRIVERS\fvevol.sys 223248 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: gagp30kx ImagePath: \SystemRoot\system32\drivers\gagp30kx.sys C:\windows\System32\drivers\gagp30kx.sys 65088 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: GameConsoleService ImagePath: "C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe" C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe 246520 bytes Created: 03.06.2010 19:48 Modified: 03.06.2010 19:48 Company: WildTangent, Inc. ---------- Key: GEARAspiWDM ImagePath: system32\DRIVERS\GEARAspiWDM.sys C:\windows\System32\DRIVERS\GEARAspiWDM.sys 34152 bytes Created: 14.08.2012 23:12 Modified: 18.05.2009 13:17 Company: GEAR Software Inc. ---------- Key: hcw85cir ImagePath: \SystemRoot\system32\drivers\hcw85cir.sys C:\windows\System32\drivers\hcw85cir.sys 31232 bytes Created: 14.07.2009 00:53 Modified: 10.06.2009 22:31 Company: Hauppauge Computer Works, Inc. ---------- Key: HdAudAddService ImagePath: system32\drivers\HdAudio.sys C:\windows\System32\drivers\HdAudio.sys 350208 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: HDAudBus ImagePath: system32\DRIVERS\HDAudBus.sys C:\windows\System32\DRIVERS\HDAudBus.sys 122368 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: HidBatt ImagePath: \SystemRoot\system32\drivers\HidBatt.sys C:\windows\System32\drivers\HidBatt.sys 26624 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: HidBth ImagePath: \SystemRoot\system32\drivers\hidbth.sys C:\windows\System32\drivers\hidbth.sys 100864 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: HidIr ImagePath: \SystemRoot\system32\drivers\hidir.sys C:\windows\System32\drivers\hidir.sys 46592 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: HidUsb ImagePath: system32\DRIVERS\hidusb.sys C:\windows\System32\DRIVERS\hidusb.sys 30208 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: HpSAMD ImagePath: \SystemRoot\system32\drivers\HpSAMD.sys C:\windows\System32\drivers\HpSAMD.sys 78720 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Hewlett-Packard Company ---------- Key: HTTP ImagePath: system32\drivers\HTTP.sys C:\windows\System32\drivers\HTTP.sys 753664 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: hwpolicy ImagePath: System32\drivers\hwpolicy.sys C:\windows\System32\drivers\hwpolicy.sys 14720 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: i8042prt ImagePath: system32\DRIVERS\i8042prt.sys C:\windows\System32\DRIVERS\i8042prt.sys 105472 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: iaStor ImagePath: system32\DRIVERS\iaStor.sys C:\windows\System32\DRIVERS\iaStor.sys 437272 bytes Created: 09.06.2011 08:05 Modified: 13.09.2010 11:24 Company: Intel Corporation ---------- Key: iaStorV ImagePath: \SystemRoot\system32\drivers\iaStorV.sys C:\windows\System32\drivers\iaStorV.sys 410496 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: Intel Corporation ---------- Key: idsvc ImagePath: "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 856400 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: igfx ImagePath: system32\DRIVERS\igdkmd64.sys C:\windows\System32\DRIVERS\igdkmd64.sys 12311904 bytes Created: 10.01.2012 14:28 Modified: 10.01.2012 14:28 Company: Intel Corporation ---------- Key: iirsp ImagePath: \SystemRoot\system32\drivers\iirsp.sys C:\windows\System32\drivers\iirsp.sys 44112 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: Intel Corp./ICP vortex GmbH ---------- Key: IntcAzAudAddService ImagePath: system32\drivers\RTKVHD64.sys C:\windows\System32\drivers\RTKVHD64.sys 2881256 bytes Created: 09.06.2011 08:08 Modified: 25.05.2011 06:34 Company: Realtek Semiconductor Corp. ---------- Key: IntcDAud ImagePath: system32\DRIVERS\IntcDAud.sys C:\windows\System32\DRIVERS\IntcDAud.sys 317440 bytes Created: 23.08.2011 05:12 Modified: 23.08.2011 05:12 Company: Intel(R) Corporation ---------- Key: intelide ImagePath: \SystemRoot\system32\drivers\intelide.sys C:\windows\System32\drivers\intelide.sys 16960 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: intelppm ImagePath: system32\DRIVERS\intelppm.sys C:\windows\System32\DRIVERS\intelppm.sys 62464 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: IpFilterDriver ImagePath: system32\DRIVERS\ipfltdrv.sys C:\windows\System32\DRIVERS\ipfltdrv.sys 82944 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: IPMIDRV ImagePath: \SystemRoot\system32\drivers\IPMIDrv.sys C:\windows\System32\drivers\IPMIDrv.sys 78848 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: IPNAT ImagePath: System32\drivers\ipnat.sys C:\windows\System32\drivers\ipnat.sys 116224 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: iPod Service ImagePath: "C:\Program Files\iPod\bin\iPodService.exe" C:\Program Files\iPod\bin\iPodService.exe 936848 bytes Created: 07.06.2012 19:33 Modified: 07.06.2012 19:33 Company: Apple Inc. ---------- Key: IRENUM ImagePath: system32\drivers\irenum.sys C:\windows\System32\drivers\irenum.sys 17920 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: isapnp ImagePath: \SystemRoot\system32\drivers\isapnp.sys C:\windows\System32\drivers\isapnp.sys 20544 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: iScsiPrt ImagePath: \SystemRoot\system32\drivers\msiscsi.sys C:\windows\System32\drivers\msiscsi.sys 273792 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: IT9135BDA ImagePath: System32\Drivers\IT9135BDA.sys C:\windows\System32\Drivers\IT9135BDA.sys 113280 bytes Created: 03.02.2010 10:05 Modified: 03.02.2010 10:05 Company: ITE ---------- Key: kbdclass ImagePath: system32\DRIVERS\kbdclass.sys C:\windows\System32\DRIVERS\kbdclass.sys 50768 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: kbdhid ImagePath: \SystemRoot\system32\drivers\kbdhid.sys C:\windows\System32\drivers\kbdhid.sys 33280 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: KeyIso ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: KSecDD ImagePath: System32\Drivers\ksecdd.sys C:\windows\System32\Drivers\ksecdd.sys 95600 bytes Created: 10.07.2012 21:35 Modified: 02.06.2012 07:48 Company: Microsoft Corporation ---------- Key: KSecPkg ImagePath: System32\Drivers\ksecpkg.sys C:\windows\System32\Drivers\ksecpkg.sys 151920 bytes Created: 10.07.2012 21:35 Modified: 02.06.2012 07:48 Company: Microsoft Corporation ---------- Key: ksthunk ImagePath: \SystemRoot\system32\drivers\ksthunk.sys C:\windows\System32\drivers\ksthunk.sys 20992 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: lltdio ImagePath: system32\DRIVERS\lltdio.sys C:\windows\System32\DRIVERS\lltdio.sys 60928 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: LMS ImagePath: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 326424 bytes Created: 09.06.2011 08:05 Modified: 05.05.2011 14:44 Company: Intel Corporation ---------- Key: LSI_FC ImagePath: \SystemRoot\system32\drivers\lsi_fc.sys C:\windows\System32\drivers\lsi_fc.sys 114752 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: LSI_SAS ImagePath: \SystemRoot\system32\drivers\lsi_sas.sys C:\windows\System32\drivers\lsi_sas.sys 106560 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: LSI_SAS2 ImagePath: \SystemRoot\system32\drivers\lsi_sas2.sys C:\windows\System32\drivers\lsi_sas2.sys 65600 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: LSI_SCSI ImagePath: \SystemRoot\system32\drivers\lsi_scsi.sys C:\windows\System32\drivers\lsi_scsi.sys 115776 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: luafv ImagePath: \SystemRoot\system32\drivers\luafv.sys C:\windows\System32\drivers\luafv.sys 113152 bytes Created: 14.07.2009 01:26 Modified: 14.07.2009 01:26 Company: Microsoft Corporation ---------- Key: MBAMProtector ImagePath: \??\C:\windows\system32\drivers\mbam.sys C:\windows\System32\drivers\mbam.sys 25928 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation ---------- Key: MBAMScheduler ImagePath: "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 399432 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation ---------- Key: MBAMService ImagePath: "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 676936 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation ---------- Key: McComponentHostService ImagePath: "C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe" C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe 237008 bytes Created: 17.06.2011 19:33 Modified: 17.06.2011 19:33 Company: McAfee, Inc. ---------- Key: megasas ImagePath: \SystemRoot\system32\drivers\megasas.sys C:\windows\System32\drivers\megasas.sys 35392 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: MegaSR ImagePath: \SystemRoot\system32\drivers\MegaSR.sys C:\windows\System32\drivers\MegaSR.sys 284736 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation, Inc. ---------- Key: MEIx64 ImagePath: system32\DRIVERS\HECIx64.sys C:\windows\System32\DRIVERS\HECIx64.sys 56344 bytes Created: 09.06.2011 23:17 Modified: 20.10.2010 18:34 Company: Intel Corporation ---------- Key: Modem ImagePath: system32\drivers\modem.sys C:\windows\System32\drivers\modem.sys 40448 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: monitor ImagePath: system32\DRIVERS\monitor.sys C:\windows\System32\DRIVERS\monitor.sys 30208 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 01:38 Company: Microsoft Corporation ---------- Key: mouclass ImagePath: system32\DRIVERS\mouclass.sys C:\windows\System32\DRIVERS\mouclass.sys 49216 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: mouhid ImagePath: system32\DRIVERS\mouhid.sys C:\windows\System32\DRIVERS\mouhid.sys 31232 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: mountmgr ImagePath: System32\drivers\mountmgr.sys C:\windows\System32\drivers\mountmgr.sys 94592 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: MozillaMaintenance ImagePath: "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 114144 bytes Created: 14.09.2012 00:20 Modified: 06.09.2012 03:25 Company: Mozilla Foundation ---------- Key: mpio ImagePath: \SystemRoot\system32\drivers\mpio.sys C:\windows\System32\drivers\mpio.sys 155008 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: mpsdrv ImagePath: System32\drivers\mpsdrv.sys C:\windows\System32\drivers\mpsdrv.sys 77312 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: MRxDAV ImagePath: \SystemRoot\system32\drivers\mrxdav.sys C:\windows\System32\drivers\mrxdav.sys 140800 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: mrxsmb ImagePath: system32\DRIVERS\mrxsmb.sys C:\windows\System32\DRIVERS\mrxsmb.sys 158208 bytes Created: 30.08.2011 17:47 Modified: 27.04.2011 04:40 Company: Microsoft Corporation ---------- Key: mrxsmb10 ImagePath: system32\DRIVERS\mrxsmb10.sys C:\windows\System32\DRIVERS\mrxsmb10.sys 288768 bytes Created: 30.08.2011 17:47 Modified: 09.07.2011 04:46 Company: Microsoft Corporation ---------- Key: mrxsmb20 ImagePath: system32\DRIVERS\mrxsmb20.sys C:\windows\System32\DRIVERS\mrxsmb20.sys 128000 bytes Created: 30.08.2011 17:47 Modified: 27.04.2011 04:39 Company: Microsoft Corporation ---------- Key: msahci ImagePath: system32\drivers\msahci.sys C:\windows\System32\drivers\msahci.sys 31104 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: msdsm ImagePath: \SystemRoot\system32\drivers\msdsm.sys C:\windows\System32\drivers\msdsm.sys 140672 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: MSDTC ImagePath: %SystemRoot%\System32\msdtc.exe C:\windows\System32\msdtc.exe 141824 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: mshidkmdf ImagePath: \SystemRoot\System32\drivers\mshidkmdf.sys C:\windows\System32\drivers\mshidkmdf.sys 8192 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: msisadrv ImagePath: system32\drivers\msisadrv.sys C:\windows\System32\drivers\msisadrv.sys 15424 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: msiserver ImagePath: %systemroot%\system32\msiexec.exe /V C:\windows\System32\msiexec.exe 128000 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: MSKSSRV ImagePath: system32\drivers\MSKSSRV.sys C:\windows\System32\drivers\MSKSSRV.sys 11136 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: MSPCLOCK ImagePath: system32\drivers\MSPCLOCK.sys C:\windows\System32\drivers\MSPCLOCK.sys 7168 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: MSPQM ImagePath: system32\drivers\MSPQM.sys C:\windows\System32\drivers\MSPQM.sys 6784 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: mssmbios ImagePath: system32\DRIVERS\mssmbios.sys C:\windows\System32\DRIVERS\mssmbios.sys 32320 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: MSTEE ImagePath: system32\drivers\MSTEE.sys C:\windows\System32\drivers\MSTEE.sys 8064 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: MTConfig ImagePath: \SystemRoot\system32\drivers\MTConfig.sys C:\windows\System32\drivers\MTConfig.sys 15360 bytes Created: 14.07.2009 02:02 Modified: 14.07.2009 02:02 Company: Microsoft Corporation ---------- Key: Mup ImagePath: System32\Drivers\mup.sys C:\windows\System32\Drivers\mup.sys 60496 bytes Created: 14.07.2009 01:23 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: NativeWifiP ImagePath: system32\DRIVERS\nwifi.sys C:\windows\System32\DRIVERS\nwifi.sys 318976 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 02:07 Company: Microsoft Corporation ---------- Key: NDIS ImagePath: system32\drivers\ndis.sys C:\windows\System32\drivers\ndis.sys 950128 bytes Created: 11.09.2012 20:59 Modified: 22.08.2012 20:12 Company: Microsoft Corporation ---------- Key: NdisCap ImagePath: system32\DRIVERS\ndiscap.sys C:\windows\System32\DRIVERS\ndiscap.sys 35328 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: NdisTapi ImagePath: system32\DRIVERS\ndistapi.sys C:\windows\System32\DRIVERS\ndistapi.sys 24064 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: Ndisuio ImagePath: system32\DRIVERS\ndisuio.sys C:\windows\System32\DRIVERS\ndisuio.sys 56832 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: NdisWan ImagePath: system32\DRIVERS\ndiswan.sys C:\windows\System32\DRIVERS\ndiswan.sys 164352 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: NetBIOS ImagePath: system32\DRIVERS\netbios.sys C:\windows\System32\DRIVERS\netbios.sys 44544 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: NetBT ImagePath: System32\DRIVERS\netbt.sys C:\windows\System32\DRIVERS\netbt.sys 261632 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: Netlogon ImagePath: %systemroot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: NETwNs64 ImagePath: system32\DRIVERS\NETwNs64.sys C:\windows\System32\DRIVERS\NETwNs64.sys 11417088 bytes Created: 01.12.2011 22:51 Modified: 01.12.2011 22:51 Company: Intel Corporation ---------- Key: nfrd960 ImagePath: \SystemRoot\system32\drivers\nfrd960.sys C:\windows\System32\drivers\nfrd960.sys 51264 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: IBM Corporation ---------- Key: nmwcd ImagePath: system32\drivers\ccdcmbx64.sys C:\windows\System32\drivers\ccdcmbx64.sys 19968 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: nmwcdc ImagePath: system32\drivers\ccdcmbox64.sys C:\windows\System32\drivers\ccdcmbox64.sys 27136 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: NOBU ImagePath: "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 2804568 bytes Created: 01.06.2010 15:31 Modified: 01.06.2010 15:31 Company: Symantec Corporation ---------- Key: nsiproxy ImagePath: system32\drivers\nsiproxy.sys C:\windows\System32\drivers\nsiproxy.sys 24576 bytes Created: 14.07.2009 01:21 Modified: 14.07.2009 01:21 Company: Microsoft Corporation ---------- Key: nvlddmkm ImagePath: system32\DRIVERS\nvlddmkm.sys C:\windows\System32\DRIVERS\nvlddmkm.sys 13042408 bytes Created: 09.06.2011 08:06 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- Key: nvpciflt ImagePath: system32\DRIVERS\nvpciflt.sys C:\windows\System32\DRIVERS\nvpciflt.sys 25960 bytes Created: 09.06.2011 08:06 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- Key: nvraid ImagePath: \SystemRoot\system32\drivers\nvraid.sys C:\windows\System32\drivers\nvraid.sys 148352 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: NVIDIA Corporation ---------- Key: nvstor ImagePath: \SystemRoot\system32\drivers\nvstor.sys C:\windows\System32\drivers\nvstor.sys 166272 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: NVIDIA Corporation ---------- Key: NVSvc ImagePath: %SystemRoot%\system32\nvvsvc.exe C:\windows\System32\nvvsvc.exe 993896 bytes Created: 17.01.2011 04:07 Modified: 17.01.2011 04:07 Company: NVIDIA Corporation ---------- Key: nvUpdatusService ImagePath: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 2009704 bytes Created: 09.06.2011 08:07 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- Key: nv_agp ImagePath: \SystemRoot\system32\drivers\nv_agp.sys C:\windows\System32\drivers\nv_agp.sys 122960 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: ohci1394 ImagePath: \SystemRoot\system32\drivers\ohci1394.sys C:\windows\System32\drivers\ohci1394.sys 72832 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: ose ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 149352 bytes Created: 09.01.2010 21:18 Modified: 09.01.2010 21:18 Company: Microsoft Corporation ---------- Key: osppsvc ImagePath: "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 4925184 bytes Created: 09.01.2010 21:34 Modified: 09.01.2010 21:34 Company: Microsoft Corporation ---------- Key: Parport ImagePath: \SystemRoot\system32\drivers\parport.sys C:\windows\System32\drivers\parport.sys 97280 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: partmgr ImagePath: System32\drivers\partmgr.sys C:\windows\System32\drivers\partmgr.sys 75120 bytes Created: 09.05.2012 19:25 Modified: 17.03.2012 09:58 Company: Microsoft Corporation ---------- Key: pccsmcfd ImagePath: system32\DRIVERS\pccsmcfdx64.sys C:\windows\System32\DRIVERS\pccsmcfdx64.sys 26112 bytes Created: 19.12.2011 23:08 Modified: 27.06.2012 15:18 Company: Nokia ---------- Key: pci ImagePath: system32\drivers\pci.sys C:\windows\System32\drivers\pci.sys 184704 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: pciide ImagePath: \SystemRoot\system32\drivers\pciide.sys C:\windows\System32\drivers\pciide.sys 12352 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: pcmcia ImagePath: \SystemRoot\system32\drivers\pcmcia.sys C:\windows\System32\drivers\pcmcia.sys 220752 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: pcw ImagePath: System32\drivers\pcw.sys C:\windows\System32\drivers\pcw.sys 50768 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: PEAUTH ImagePath: system32\drivers\peauth.sys C:\windows\System32\drivers\peauth.sys 651264 bytes Created: 14.07.2009 01:51 Modified: 14.07.2009 03:01 Company: Microsoft Corporation ---------- Key: PerfHost ImagePath: %SystemRoot%\SysWow64\perfhost.exe C:\windows\SysWow64\perfhost.exe 20992 bytes Created: 14.07.2009 01:11 Modified: 14.07.2009 03:14 Company: Microsoft Corporation ---------- Key: PptpMiniport ImagePath: system32\DRIVERS\raspptp.sys C:\windows\System32\DRIVERS\raspptp.sys 111104 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Processor ImagePath: \SystemRoot\system32\drivers\processr.sys C:\windows\System32\drivers\processr.sys 60416 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: ProtectedStorage ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: Psched ImagePath: system32\DRIVERS\pacer.sys C:\windows\System32\DRIVERS\pacer.sys 131584 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: ql2300 ImagePath: \SystemRoot\system32\drivers\ql2300.sys C:\windows\System32\drivers\ql2300.sys 1524816 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:45 Company: QLogic Corporation ---------- Key: ql40xx ImagePath: \SystemRoot\system32\drivers\ql40xx.sys C:\windows\System32\drivers\ql40xx.sys 128592 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:45 Company: QLogic Corporation ---------- Key: QWAVEdrv ImagePath: \SystemRoot\system32\drivers\qwavedrv.sys C:\windows\System32\drivers\qwavedrv.sys 46592 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: RasAcd ImagePath: System32\DRIVERS\rasacd.sys C:\windows\System32\DRIVERS\rasacd.sys 14848 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: RasAgileVpn ImagePath: system32\DRIVERS\AgileVpn.sys C:\windows\System32\DRIVERS\AgileVpn.sys 60416 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: Rasl2tp ImagePath: system32\DRIVERS\rasl2tp.sys C:\windows\System32\DRIVERS\rasl2tp.sys 129536 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: RasPppoe ImagePath: system32\DRIVERS\raspppoe.sys C:\windows\System32\DRIVERS\raspppoe.sys 92672 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: RasSstp ImagePath: system32\DRIVERS\rassstp.sys C:\windows\System32\DRIVERS\rassstp.sys 83968 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: rdbss ImagePath: system32\DRIVERS\rdbss.sys C:\windows\System32\DRIVERS\rdbss.sys 309248 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: rdpbus ImagePath: \SystemRoot\system32\drivers\rdpbus.sys C:\windows\System32\drivers\rdpbus.sys 24064 bytes Created: 14.07.2009 02:17 Modified: 14.07.2009 02:17 Company: Microsoft Corporation ---------- Key: RDPCDD ImagePath: System32\DRIVERS\RDPCDD.sys C:\windows\System32\DRIVERS\RDPCDD.sys 7680 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: RDPENCDD ImagePath: system32\drivers\rdpencdd.sys C:\windows\System32\drivers\rdpencdd.sys 7680 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: RDPREFMP ImagePath: system32\drivers\rdprefmp.sys C:\windows\System32\drivers\rdprefmp.sys 8192 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: rdyboost ImagePath: System32\drivers\rdyboost.sys C:\windows\System32\drivers\rdyboost.sys 213888 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: RFCOMM ImagePath: system32\DRIVERS\rfcomm.sys C:\windows\System32\DRIVERS\rfcomm.sys 158720 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: RichVideo ImagePath: "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 244904 bytes Created: 09.06.2011 08:27 Modified: 01.12.2009 09:21 Company: ---------- Key: RpcLocator ImagePath: %SystemRoot%\system32\locator.exe C:\windows\System32\locator.exe 10240 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: rspndr ImagePath: system32\DRIVERS\rspndr.sys C:\windows\System32\DRIVERS\rspndr.sys 76800 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: RTL8167 ImagePath: system32\DRIVERS\Rt64win7.sys C:\windows\System32\DRIVERS\Rt64win7.sys 471144 bytes Created: 09.06.2011 08:09 Modified: 22.04.2011 12:17 Company: Realtek ---------- Key: rtport ImagePath: \??\C:\windows\SysWOW64\drivers\rtport.sys C:\windows\SysWOW64\drivers\rtport.sys 15144 bytes Created: 28.07.2011 03:48 Modified: 28.07.2011 03:48 Company: Windows (R) 2003 DDK 3790 provider ---------- Key: SABI ImagePath: \??\C:\windows\system32\Drivers\SABI.sys C:\windows\System32\Drivers\SABI.sys 13824 bytes Created: 09.06.2011 08:12 Modified: 28.05.2009 08:38 Company: SAMSUNG ELECTRONICS ---------- Key: SamSs ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: Samsung UPD Service ImagePath: "C:\windows\System32\SUPDSvc.exe" C:\windows\System32\SUPDSvc.exe 166704 bytes Created: 09.06.2011 23:20 Modified: 09.08.2010 21:04 Company: Samsung Electronics CO., LTD. ---------- Key: sbp2port ImagePath: \SystemRoot\system32\drivers\sbp2port.sys C:\windows\System32\drivers\sbp2port.sys 103808 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: SBSDWSCService ImagePath: C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 1153368 bytes Created: 29.08.2011 18:34 Modified: 26.01.2009 15:31 Company: Safer Networking Ltd. ---------- Key: scfilter ImagePath: System32\DRIVERS\scfilter.sys C:\windows\System32\DRIVERS\scfilter.sys 29696 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Serenum ImagePath: \SystemRoot\system32\drivers\serenum.sys C:\windows\System32\drivers\serenum.sys 23552 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: Serial ImagePath: \SystemRoot\system32\drivers\serial.sys C:\windows\System32\drivers\serial.sys 94208 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: sermouse ImagePath: \SystemRoot\system32\drivers\sermouse.sys C:\windows\System32\drivers\sermouse.sys 26624 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: ServiceLayer ImagePath: "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 724888 bytes Created: 01.08.2012 16:07 Modified: 01.08.2012 16:07 Company: Nokia ---------- Key: sffdisk ImagePath: \SystemRoot\system32\drivers\sffdisk.sys C:\windows\System32\drivers\sffdisk.sys 14336 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 02:01 Company: Microsoft Corporation ---------- Key: sffp_mmc ImagePath: \SystemRoot\system32\drivers\sffp_mmc.sys C:\windows\System32\drivers\sffp_mmc.sys 13824 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 02:01 Company: Microsoft Corporation ---------- Key: sffp_sd ImagePath: \SystemRoot\system32\drivers\sffp_sd.sys C:\windows\System32\drivers\sffp_sd.sys 14336 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: sfloppy ImagePath: \SystemRoot\system32\drivers\sfloppy.sys C:\windows\System32\drivers\sfloppy.sys 16896 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 02:01 Company: Microsoft Corporation ---------- Key: Sftfs ImagePath: system32\DRIVERS\Sftfslh.sys C:\windows\System32\DRIVERS\Sftfslh.sys 764264 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: sftlist ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 508776 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: Sftplay ImagePath: system32\DRIVERS\Sftplaylh.sys C:\windows\System32\DRIVERS\Sftplaylh.sys 268648 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: Sftredir ImagePath: system32\DRIVERS\Sftredirlh.sys C:\windows\System32\DRIVERS\Sftredirlh.sys 25960 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: Sftvol ImagePath: system32\DRIVERS\Sftvollh.sys C:\windows\System32\DRIVERS\Sftvollh.sys 22376 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: sftvsa ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 219496 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: SiSRaid2 ImagePath: \SystemRoot\system32\drivers\SiSRaid2.sys C:\windows\System32\drivers\SiSRaid2.sys 43584 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:45 Company: Silicon Integrated Systems Corp. ---------- Key: SiSRaid4 ImagePath: \SystemRoot\system32\drivers\sisraid4.sys C:\windows\System32\drivers\sisraid4.sys 80464 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:45 Company: Silicon Integrated Systems ---------- Key: SkypeUpdate ImagePath: "C:\Program Files (x86)\Skype\Updater\Updater.exe" C:\Program Files (x86)\Skype\Updater\Updater.exe -R- 160944 bytes Created: 13.07.2012 13:28 Modified: 13.07.2012 13:28 Company: Skype Technologies ---------- Key: Smb ImagePath: system32\DRIVERS\smb.sys C:\windows\System32\DRIVERS\smb.sys 93184 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: SNMPTRAP ImagePath: %SystemRoot%\System32\snmptrap.exe C:\windows\System32\snmptrap.exe 14336 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: Spooler ImagePath: %SystemRoot%\System32\spoolsv.exe C:\windows\System32\spoolsv.exe 559104 bytes Created: 15.08.2012 18:11 Modified: 11.02.2012 08:36 Company: Microsoft Corporation ---------- Key: sppsvc ImagePath: %SystemRoot%\system32\sppsvc.exe C:\windows\System32\sppsvc.exe 3524608 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: srv ImagePath: System32\DRIVERS\srv.sys C:\windows\System32\DRIVERS\srv.sys 467456 bytes Created: 30.08.2011 17:47 Modified: 29.04.2011 05:06 Company: Microsoft Corporation ---------- Key: srv2 ImagePath: System32\DRIVERS\srv2.sys C:\windows\System32\DRIVERS\srv2.sys 410112 bytes Created: 30.08.2011 17:47 Modified: 29.04.2011 05:05 Company: Microsoft Corporation ---------- Key: srvnet ImagePath: System32\DRIVERS\srvnet.sys C:\windows\System32\DRIVERS\srvnet.sys 168448 bytes Created: 30.08.2011 17:47 Modified: 29.04.2011 05:05 Company: Microsoft Corporation ---------- Key: stexstor ImagePath: \SystemRoot\system32\drivers\stexstor.sys C:\windows\System32\drivers\stexstor.sys 24656 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:45 Company: Promise Technology ---------- Key: StillCam ImagePath: system32\DRIVERS\serscan.sys C:\windows\System32\DRIVERS\serscan.sys 12288 bytes Created: 14.07.2009 02:35 Modified: 14.07.2009 02:35 Company: Microsoft Corporation ---------- Key: swenum ImagePath: system32\DRIVERS\swenum.sys C:\windows\System32\DRIVERS\swenum.sys 12496 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: Tcpip ImagePath: System32\drivers\tcpip.sys C:\windows\System32\drivers\tcpip.sys 1913200 bytes Created: 11.09.2012 20:59 Modified: 22.08.2012 20:12 Company: Microsoft Corporation ---------- Key: TCPIP6 ImagePath: system32\DRIVERS\tcpip.sys C:\windows\System32\DRIVERS\tcpip.sys 1913200 bytes Created: 11.09.2012 20:59 Modified: 22.08.2012 20:12 Company: Microsoft Corporation ---------- Key: tcpipreg ImagePath: System32\drivers\tcpipreg.sys C:\windows\System32\drivers\tcpipreg.sys 45056 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: TDPIPE ImagePath: system32\drivers\tdpipe.sys C:\windows\System32\drivers\tdpipe.sys 15872 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: TDTCP ImagePath: system32\drivers\tdtcp.sys C:\windows\System32\drivers\tdtcp.sys 23552 bytes Created: 14.03.2012 19:26 Modified: 17.02.2012 06:57 Company: Microsoft Corporation ---------- Key: tdx ImagePath: system32\DRIVERS\tdx.sys C:\windows\System32\DRIVERS\tdx.sys 119296 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: TermDD ImagePath: system32\DRIVERS\termdd.sys C:\windows\System32\DRIVERS\termdd.sys 63360 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: TrustedInstaller ImagePath: %SystemRoot%\servicing\TrustedInstaller.exe C:\windows\servicing\TrustedInstaller.exe 194048 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: tssecsrv ImagePath: System32\DRIVERS\tssecsrv.sys C:\windows\System32\DRIVERS\tssecsrv.sys 39424 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: TsUsbFlt ImagePath: system32\drivers\tsusbflt.sys C:\windows\System32\drivers\tsusbflt.sys 59392 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: TsUsbGD ImagePath: \SystemRoot\system32\drivers\TsUsbGD.sys C:\windows\System32\drivers\TsUsbGD.sys 31232 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: tunnel ImagePath: system32\DRIVERS\tunnel.sys C:\windows\System32\DRIVERS\tunnel.sys 125440 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: TurboB ImagePath: system32\DRIVERS\TurboB.sys C:\windows\System32\DRIVERS\TurboB.sys 19192 bytes Created: 08.10.2010 02:23 Modified: 08.10.2010 02:23 Company: Intel(R) Corporation ---------- Key: TurboBoost ImagePath: "C:\Program Files\Intel\TurboBoost\TurboBoost.exe" C:\Program Files\Intel\TurboBoost\TurboBoost.exe 150016 bytes Created: 08.10.2010 02:24 Modified: 08.10.2010 02:24 Company: Intel(R) Corporation ---------- Key: uagp35 ImagePath: \SystemRoot\system32\drivers\uagp35.sys C:\windows\System32\drivers\uagp35.sys 64080 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: udfs ImagePath: system32\DRIVERS\udfs.sys C:\windows\System32\DRIVERS\udfs.sys 328192 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: UI0Detect ImagePath: %SystemRoot%\system32\UI0Detect.exe C:\windows\System32\UI0Detect.exe 40960 bytes Created: 14.07.2009 01:52 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: uliagpkx ImagePath: \SystemRoot\system32\drivers\uliagpkx.sys C:\windows\System32\drivers\uliagpkx.sys 64592 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: umbus ImagePath: system32\DRIVERS\umbus.sys C:\windows\System32\DRIVERS\umbus.sys 48640 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: UmPass ImagePath: \SystemRoot\system32\drivers\umpass.sys C:\windows\System32\drivers\umpass.sys 9728 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: UNS ImagePath: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 2656536 bytes Created: 09.06.2011 08:05 Modified: 05.05.2011 14:44 Company: Intel Corporation ---------- Key: upperdev ImagePath: system32\DRIVERS\usbser_lowerfltx64.sys C:\windows\System32\DRIVERS\usbser_lowerfltx64.sys 9216 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: USBAAPL64 ImagePath: System32\Drivers\usbaapl64.sys C:\windows\System32\Drivers\usbaapl64.sys 52736 bytes Created: 25.04.2012 12:11 Modified: 25.04.2012 12:11 Company: Apple, Inc. ---------- Key: usbccgp ImagePath: system32\DRIVERS\usbccgp.sys C:\windows\System32\DRIVERS\usbccgp.sys 98816 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbcir ImagePath: \SystemRoot\system32\drivers\usbcir.sys C:\windows\System32\drivers\usbcir.sys 100352 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: usbehci ImagePath: \SystemRoot\system32\drivers\usbehci.sys C:\windows\System32\drivers\usbehci.sys 52736 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbhub ImagePath: system32\DRIVERS\usbhub.sys C:\windows\System32\DRIVERS\usbhub.sys 343040 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbohci ImagePath: \SystemRoot\system32\drivers\usbohci.sys C:\windows\System32\drivers\usbohci.sys 25600 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbprint ImagePath: system32\DRIVERS\usbprint.sys C:\windows\System32\DRIVERS\usbprint.sys 25088 bytes Created: 14.07.2009 02:38 Modified: 14.07.2009 02:38 Company: Microsoft Corporation ---------- Key: usbscan ImagePath: system32\DRIVERS\usbscan.sys C:\windows\System32\DRIVERS\usbscan.sys 41984 bytes Created: 14.07.2009 02:35 Modified: 14.07.2009 02:35 Company: Microsoft Corporation ---------- Key: usbser ImagePath: system32\drivers\usbser.sys C:\windows\System32\drivers\usbser.sys 32768 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: UsbserFilt ImagePath: system32\DRIVERS\usbser_lowerfltjx64.sys C:\windows\System32\DRIVERS\usbser_lowerfltjx64.sys 9216 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: USBSTOR ImagePath: system32\DRIVERS\USBSTOR.SYS C:\windows\System32\DRIVERS\USBSTOR.SYS 91648 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 06:37 Company: Microsoft Corporation ---------- Key: usbuhci ImagePath: \SystemRoot\system32\drivers\usbuhci.sys C:\windows\System32\drivers\usbuhci.sys 30720 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbvideo ImagePath: System32\Drivers\usbvideo.sys C:\windows\System32\Drivers\usbvideo.sys 184960 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: VaultSvc ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: vdrvroot ImagePath: system32\drivers\vdrvroot.sys C:\windows\System32\drivers\vdrvroot.sys 36432 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: vds ImagePath: %SystemRoot%\System32\vds.exe C:\windows\System32\vds.exe 533504 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: vga ImagePath: system32\DRIVERS\vgapnp.sys C:\windows\System32\DRIVERS\vgapnp.sys 29184 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 01:38 Company: Microsoft Corporation ---------- Key: VgaSave ImagePath: \SystemRoot\System32\drivers\vga.sys C:\windows\System32\drivers\vga.sys 29184 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 01:38 Company: Microsoft Corporation ---------- Key: vhdmp ImagePath: \SystemRoot\system32\drivers\vhdmp.sys C:\windows\System32\drivers\vhdmp.sys 215936 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: viaide ImagePath: \SystemRoot\system32\drivers\viaide.sys C:\windows\System32\drivers\viaide.sys 17488 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: VIA Technologies, Inc. ---------- Key: volmgr ImagePath: system32\drivers\volmgr.sys C:\windows\System32\drivers\volmgr.sys 71552 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: volmgrx ImagePath: System32\drivers\volmgrx.sys C:\windows\System32\drivers\volmgrx.sys 363392 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: volsnap ImagePath: system32\drivers\volsnap.sys C:\windows\System32\drivers\volsnap.sys 295808 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: vsmraid ImagePath: \SystemRoot\system32\drivers\vsmraid.sys C:\windows\System32\drivers\vsmraid.sys 161872 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:45 Company: VIA Technologies Inc.,Ltd ---------- Key: VSS ImagePath: %systemroot%\system32\vssvc.exe C:\windows\System32\vssvc.exe 1600512 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: vwifibus ImagePath: system32\DRIVERS\vwifibus.sys C:\windows\System32\DRIVERS\vwifibus.sys 24576 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 02:07 Company: Microsoft Corporation ---------- Key: vwififlt ImagePath: system32\DRIVERS\vwififlt.sys C:\windows\System32\DRIVERS\vwififlt.sys 60416 bytes Created: 09.06.2011 08:42 Modified: 25.01.2011 11:34 Company: Microsoft Corporation ---------- Key: vwifimp ImagePath: system32\DRIVERS\vwifimp.sys C:\windows\System32\DRIVERS\vwifimp.sys 18432 bytes Created: 09.06.2011 08:42 Modified: 25.01.2011 11:34 Company: Microsoft Corporation ---------- Key: WacomPen ImagePath: \SystemRoot\system32\drivers\wacompen.sys C:\windows\System32\drivers\wacompen.sys 27776 bytes Created: 14.07.2009 02:02 Modified: 14.07.2009 02:02 Company: Microsoft Corporation ---------- Key: WANARP ImagePath: system32\DRIVERS\wanarp.sys C:\windows\System32\DRIVERS\wanarp.sys 88576 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Wanarpv6 ImagePath: system32\DRIVERS\wanarp.sys C:\windows\System32\DRIVERS\wanarp.sys 88576 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: wbengine ImagePath: "%systemroot%\system32\wbengine.exe" C:\windows\System32\wbengine.exe 1504256 bytes Created: 21.11.2010 05:25 Modified: 21.11.2010 05:25 Company: Microsoft Corporation ---------- Key: Wd ImagePath: \SystemRoot\system32\drivers\wd.sys C:\windows\System32\drivers\wd.sys 21056 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: Wdf01000 ImagePath: system32\drivers\Wdf01000.sys C:\windows\System32\drivers\Wdf01000.sys 654928 bytes Created: 14.07.2009 01:22 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: WfpLwf ImagePath: system32\DRIVERS\wfplwf.sys C:\windows\System32\DRIVERS\wfplwf.sys 12800 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: WIMMount ImagePath: system32\drivers\wimmount.sys C:\windows\System32\drivers\wimmount.sys 22096 bytes Created: 14.07.2009 01:29 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: WinUsb ImagePath: system32\DRIVERS\WinUsb.sys C:\windows\System32\DRIVERS\WinUsb.sys 41984 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: wlcrasvc ImagePath: "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 57184 bytes Created: 22.09.2010 11:10 Modified: 22.09.2010 11:10 Company: Microsoft Corporation ---------- Key: wlidsvc ImagePath: "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 2286976 bytes Created: 21.09.2010 07:49 Modified: 21.09.2010 07:49 Company: Microsoft Corp. ---------- Key: WmiAcpi ImagePath: system32\DRIVERS\wmiacpi.sys C:\windows\System32\DRIVERS\wmiacpi.sys 14336 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: wmiApSrv ImagePath: %systemroot%\system32\wbem\WmiApSrv.exe C:\windows\System32\wbem\WmiApSrv.exe 203264 bytes Created: 14.07.2009 01:47 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: WMPNetworkSvc ImagePath: "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" C:\Program Files\Windows Media Player\wmpnetwk.exe 1525248 bytes Created: 21.11.2010 05:25 Modified: 21.11.2010 05:25 Company: Microsoft Corporation ---------- Key: ws2ifsl ImagePath: \SystemRoot\system32\drivers\ws2ifsl.sys C:\windows\System32\drivers\ws2ifsl.sys 21504 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: WSearch ImagePath: %systemroot%\system32\SearchIndexer.exe /Embedding C:\windows\System32\SearchIndexer.exe 591872 bytes Created: 30.08.2011 17:48 Modified: 04.05.2011 07:19 Company: Microsoft Corporation ---------- Key: WudfPf ImagePath: system32\drivers\WudfPf.sys C:\windows\System32\drivers\WudfPf.sys 112128 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: WUDFRd ImagePath: system32\DRIVERS\WUDFRd.sys C:\windows\System32\DRIVERS\WUDFRd.sys 172544 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- |
|
30.09.2012, 22:01
| #3 |
| | JS/TrojanDownloader.Iframe.NKE trojan/HTML/Fraud.BG trojan ************************************************************
__________________18:05:19: Scanning -----VXD ENTRIES----- ************************************************************ 18:05:19: Scanning ----- WINLOGON\NOTIFY DLLS ----- No WINLOGON\NOTIFY DLLs found to scan Rootkit scan of Winlogon\Notify key not possible [key may not exist] ************************************************************ 18:05:19: Scanning ----- CONTEXTMENUHANDLERS ----- Key: 7-Zip CLSID: {23170F69-40C1-278A-1000-000100020000} Path: C:\Program Files (x86)\7-Zip\7-zip.dll C:\Program Files (x86)\7-Zip\7-zip.dll 55808 bytes Created: 18.11.2010 18:08 Modified: 18.11.2010 18:08 Company: Igor Pavlov ---------- Key: Shell Extension for Malware scanning CLSID: {45AC2688-0253-4ED8-97DE-B5370FA7D48A} Path: C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll 2292176 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG ---------- Key: WinRAR CLSID: {B41DB860-64E4-11D2-9906-E49FADC173CA} Path: C:\Program Files (x86)\WinRAR\rarext64.dll C:\Program Files (x86)\WinRAR\rarext64.dll 164864 bytes Created: 08.09.2011 22:01 Modified: 28.05.2011 22:05 Company: Alexander Roshal ---------- Key: WinRAR32 CLSID: {B41DB860-8EE4-11D2-9906-E49FADC173CA} Path: C:\Program Files (x86)\WinRAR\rarext.dll C:\Program Files (x86)\WinRAR\rarext.dll 140288 bytes Created: 08.09.2011 22:01 Modified: 28.05.2011 22:04 Company: Alexander Roshal ---------- ************************************************************ 18:05:20: Scanning ----- FOLDER\COLUMNHANDLERS ----- Key: {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} File: C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll - [file not found to scan] ---------- Key: {F9DB5320-233E-11D1-9F84-707F02C10627} File: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll 394168 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems, Inc. ---------- ************************************************************ 18:05:21: Scanning ----- BROWSER HELPER OBJECTS ----- Key: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} BHO: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 63944 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems Incorporated ---------- Key: {53707962-6F74-2D53-2644-206D7942484F} BHO: C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll 1879896 bytes Created: 29.08.2011 18:34 Modified: 26.01.2009 15:31 Company: Safer Networking Limited ---------- Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} BHO: C:\Program Files (x86)\Java\jre7\bin\ssv.dll C:\Program Files (x86)\Java\jre7\bin\ssv.dll 449512 bytes Created: 04.09.2012 18:04 Modified: 04.09.2012 18:04 Company: Oracle Corporation ---------- Key: {9030D464-4C02-4ABF-8ECC-5164760863C6} BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 529280 bytes Created: 21.09.2010 07:54 Modified: 21.09.2010 07:54 Company: Microsoft Corp. ---------- Key: {AA609D72-8482-4076-8991-8CDAE5B93BCB} BHO: C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll 1973760 bytes Created: 09.06.2011 08:38 Modified: 25.10.2010 14:44 Company: Samsung Electronics Co., Ltd. ---------- Key: {DBC80044-A445-435b-BC74-9C25C1C588A9} BHO: C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll 157672 bytes Created: 04.09.2012 18:04 Modified: 04.09.2012 18:04 Company: Oracle Corporation ---------- ************************************************************ 18:05:22: Scanning ----- SHELLSERVICEOBJECTS ----- ************************************************************ 18:05:22: Scanning ----- SHAREDTASKSCHEDULER ENTRIES ----- No SharedTaskScheduler entries found to scan ************************************************************ 18:05:22: Scanning ----- IMAGEFILE DEBUGGERS ----- No "Debugger" entries found. ************************************************************ 18:05:22: Scanning ----- APPINIT_DLLS ----- AppInitDLLs entry = [C:\windows\SysWOW64\nvinit.dll] File: C:\windows\SysWOW64\nvinit.dll C:\windows\SysWOW64\nvinit.dll 192616 bytes Created: 09.06.2011 08:06 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- ************************************************************ 18:05:22: Scanning ----- SECURITY PROVIDER DLLS ----- ************************************************************ 18:05:22: Scanning ------ COMMON STARTUP GROUP ------ [C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup] The Common Startup Group attempts to load the following file(s) at boot time: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -HS- 174 bytes Created: 14.07.2009 06:54 Modified: 14.07.2009 06:54 Company: [no info] -------------------- McAfee Security Scan Plus.lnk - links to C:\PROGRA~2\MCAFEE~1\30937D~1.207\SSSCHE~1.EXE C:\PROGRA~2\MCAFEE~1\30937D~1.207\SSSCHE~1.EXE 272528 bytes Created: 17.06.2011 19:33 Modified: 17.06.2011 19:33 Company: McAfee, Inc. -------------------- ************************************************************ 18:05:23: Scanning ----- USER STARTUP GROUPS ----- Checking Startup Group for: fabo [C:\Users\fabo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup] C:\Users\fabo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -HS- 174 bytes Created: 29.08.2011 16:24 Modified: 11.07.2012 20:55 Company: [no info] ---------- OpenOffice.org 3.4.lnk - links to C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE 1199104 bytes Created: 19.04.2012 07:41 Modified: 19.04.2012 07:41 Company: [no info] ---------- -------------------- ************************************************************ 18:05:23: Scanning ----- SCHEDULED TASKS ----- Taskname: Adobe Flash Player Updater File: C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 250288 bytes Created: 25.06.2012 21:23 Modified: 29.09.2012 21:21 Company: Adobe Systems Incorporated Schedule: At 01:21:00 every day Next Run Time: 30.09.2012 18:21:00 Status: Ready Creator: Adobe Systems Incorporated Comments: Mit diesem Task ist Ihre Flash Player-Installation immer aktuell und verwendet die neuesten Verbesserungen und Sicherheits-Fixes. Wenn dieser Task deaktiviert oder entfernt wird, kann Adobe Flash Player Ihren Computer nicht automatisch mit den neuesten Sicherheits-Fixes sichern. ---------- Taskname: advSRS5 File: C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe 4387632 bytes Created: 09.06.2011 08:35 Modified: 17.11.2010 10:24 Company: SEC Schedule: At logon Next Run Time: Status: Running Creator: SEC Comments: Samsung Recovery Solution 5 Scheduler ---------- Taskname: BatteryLifeExtender File: C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe 6619648 bytes Created: 18.12.2010 01:47 Modified: 18.12.2010 01:47 Company: Samsung Electronics. Co. Ltd. Parameters: /2 Schedule: At logon Next Run Time: Status: Ready Creator: sec Comments: ---------- Taskname: EasyBatteryManager File: C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe 362352 bytes Created: 09.06.2011 08:11 Modified: 20.07.2010 06:55 Company: SAMSUNG Electronics co., LTD. Schedule: At logon Next Run Time: Status: Ready Creator: Administrator Comments: ---------- Taskname: EasyDisplayMgr File: C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe 945232 bytes Created: 09.06.2011 08:37 Modified: 23.12.2010 08:07 Company: Samsung Electronics Co., Ltd. Schedule: At logon Next Run Time: Status: Running Creator: Administrator Comments: ---------- Taskname: EasyPartitionManager File: C:\Windows\MSetup\BA46-12225A02\EPM.exe Schedule: At logon Next Run Time: Status: Disabled Creator: Administrator Comments: C:\Windows\MSetup\BA46-12225A02\EPM.exe - [file not found to scan] ---------- Taskname: EasySpeedUpManager File: Multiple Parameters: /s Schedule: At logon Next Run Time: Status: Running Creator: Administrators Comments: Easy SpeedUp Manager Multiple - [file not found to scan] ---------- Taskname: HP Photo Creations Messager File: C:\ProgramData\HP Photo Creations\MessageCheck.exe C:\ProgramData\HP Photo Creations\MessageCheck.exe 153768 bytes Created: 15.02.2011 12:11 Modified: 15.02.2011 12:11 Company: [no info] Schedule: At 01:01:00 every day Next Run Time: 30.09.2012 19:01:00 Status: Ready Creator: fabo Comments: ---------- Taskname: HPCustParticipation HP Deskjet 3070 B611 series File: C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe 4238184 bytes Created: 08.06.2011 18:34 Modified: 08.06.2011 18:34 Company: Hewlett-Packard Co. Parameters: /UA 9.5 /DDV 0x0905 Schedule: At 22:27:00 on 25.04.2012 Next Run Time: 30.09.2012 18:27:00 Status: Ready Creator: fabo Comments: ---------- Taskname: hpUrlLauncher.exe_{A3CCEABE-12A2-4928-956D-02C9B3D94E36} File: C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\utils\hpUrlLauncher.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\utils\hpUrlLauncher.exe 199528 bytes Created: 08.06.2011 23:49 Modified: 08.06.2011 23:49 Company: Hewlett-Packard Co. Parameters: https://h30495.www3.hp.com/printers/add?jumpID=in_instKarnak5%2F&cc=de&modelName=HP%20Deskjet%203070%20B611%20series&serialNo=CN1AL470R5&serialNo_Extra=05MQ&modelID=CQ191B&serviceID=2211 2&invitation=no Schedule: Task not scheduled Next Run Time: Status: Ready Creator: Comments: ---------- Taskname: MirageAgent File: C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe 136488 bytes Created: 10.11.2010 01:03 Modified: 10.11.2010 01:03 Company: CyberLink Schedule: At logon Next Run Time: Status: Running Creator: CyberLink Comments: ---------- Taskname: MovieColorEnhancer File: C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe 775848 bytes Created: 09.06.2011 08:20 Modified: 29.11.2010 07:42 Company: Samsung Electronics Co., Ltd. Schedule: At logon Next Run Time: Status: Running Creator: Administrator Comments: ---------- Taskname: SamsungSupportCenter File: C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe 3398736 bytes Created: 04.09.2011 12:45 Modified: 04.09.2011 12:45 Company: SAMSUNG Electronics Schedule: At logon Next Run Time: Status: Running Creator: Administrators Comments: SamsungSupportCenter ---------- Taskname: SmartRestarter File: C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe 2996592 bytes Created: 09.06.2011 08:12 Modified: 05.08.2010 07:12 Company: Samsung Electronics Co., Ltd. Schedule: At logon Next Run Time: Status: Running Creator: Administrator Comments: ---------- Taskname: SUPBackground File: C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe 2783312 bytes Created: 09.06.2011 08:37 Modified: 20.12.2011 15:52 Company: Samsung Electronics Schedule: At logon Next Run Time: Status: Running Creator: Administrator Comments: ---------- Taskname: WifiManager File: C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe 7060560 bytes Created: 09.06.2011 08:37 Modified: 04.01.2011 15:06 Company: Samsung Electronics Co., Ltd. Parameters: hide Schedule: At logon Next Run Time: Status: Running Creator: ctype-PC\ctype Comments: ---------- ************************************************************ 18:05:28: Scanning ----- SHELLICONOVERLAYIDENTIFIERS ----- Key: SharingPrivate CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235} File: %SystemRoot%\system32\ntshrui.dll C:\windows\System32\ntshrui.dll 509952 bytes Created: 16.02.2012 23:34 Modified: 04.01.2012 12:44 Company: Microsoft Corporation ---------- ************************************************************ 18:05:28: Scanning ----- DEVICE DRIVER ENTRIES ----- Value: msacm.l3acm File: C:\Windows\SysWOW64\l3codeca.acm C:\Windows\SysWOW64\l3codeca.acm 64000 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 03:14 Company: Fraunhofer Institut Integrierte Schaltungen IIS ---------- Value: vidc.cvid File: iccvid.dll iccvid.dll - [file not found to scan] ---------- Value: msacm.siren File: sirenacm.dll sirenacm.dll - [file not found to scan] ---------- ************************************************************ 18:05:29: ----- ADDITIONAL CHECKS ----- Heuristic checks for hidden files/drivers completed ---------- Layered Service Provider entries checks completed ---------- Windows Explorer Policies checks completed ---------- Desktop Wallpaper: C:\Users\fabo\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp C:\Users\fabo\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp 5242934 bytes Created: 29.08.2011 19:16 Modified: 23.08.2012 08:49 Company: [no info] ---------- Web Desktop Wallpaper entry is blank ---------- Checks for rogue DNS NameServers completed ---------- Checks for Backdoor.ZeroAccess completed ---------- Additional checks completed ************************************************************ 18:05:45: Scanning ----- RUNNING PROCESSES ----- C:\windows\System32\smss.exe 112640 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\csrss.exe 7680 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\wininit.exe 129024 bytes Created: 14.07.2009 01:52 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\services.exe 328704 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\lsm.exe 343040 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation -------------------- C:\windows\System32\svchost.exe 27136 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\winlogon.exe 390656 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\windows\System32\taskeng.exe 464384 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe 1196648 bytes Created: 17.01.2011 04:07 Modified: 17.01.2011 04:07 Company: NVIDIA Corporation -------------------- C:\windows\System32\taskhost.exe 69120 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe 766536 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation -------------------- C:\windows\System32\dwm.exe 120320 bytes Created: 14.07.2009 01:37 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe 272528 bytes Created: 17.06.2011 19:33 Modified: 17.06.2011 19:33 Company: McAfee, Inc. -------------------- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe 10376704 bytes Created: 19.04.2012 08:57 Modified: 19.04.2012 08:57 Company: OpenOffice.org -------------------- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin 10368512 bytes Created: 19.04.2012 08:57 Modified: 19.04.2012 08:57 Company: OpenOffice.org -------------------- C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe 248784 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG -------------------- C:\windows\System32\conhost.exe 338432 bytes Created: 30.08.2011 17:47 Modified: 24.06.2011 07:25 Company: Microsoft Corporation -------------------- C:\windows\System32\igfxext.exe 239896 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- C:\windows\System32\SearchIndexer.exe 591872 bytes Created: 30.08.2011 17:48 Modified: 04.05.2011 07:19 Company: Microsoft Corporation -------------------- C:\windows\System32\SearchProtocolHost.exe 249856 bytes Created: 30.08.2011 17:48 Modified: 04.05.2011 07:19 Company: Microsoft Corporation -------------------- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe 220568 bytes Created: 01.08.2012 16:07 Modified: 01.08.2012 16:07 Company: Nokia -------------------- C:\Program Files\Elantech\ETDCtrlHelper.exe 2247504 bytes Created: 25.04.2012 04:42 Modified: 25.04.2012 04:42 Company: ELAN Microelectronics Corp. -------------------- C:\windows\System32\wbem\WmiPrvSE.exe 372736 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\Program Files (x86)\Trojan Remover\Rmvtrjan.exe FileSize: 4766968 [This is a Trojan Remover component] -------------------- -------------------- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe 148888 bytes Created: 01.08.2012 16:06 Modified: 01.08.2012 16:06 Company: Nokia -------------------- C:\windows\System32\dllhost.exe 9728 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 222592 bytes Created: 21.09.2010 07:49 Modified: 21.09.2010 07:49 Company: Microsoft Corp. -------------------- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe 103720 bytes Created: 02.11.2009 07:21 Modified: 02.11.2009 07:21 Company: CyberLink -------------------- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe 87336 bytes Created: 20.09.2010 05:24 Modified: 20.09.2010 05:24 Company: CyberLink Corp. -------------------- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe 719360 bytes Created: 09.06.2011 08:23 Modified: 11.01.2011 08:31 Company: Samsung Electronics Co., Ltd. -------------------- C:\windows\System32\SearchFilterHost.exe 113664 bytes Created: 30.08.2011 17:48 Modified: 04.05.2011 07:19 Company: Microsoft Corporation -------------------- ************************************************************ 18:06:28: Checking HOSTS file No malicious entries were found in the HOSTS file ************************************************************ ------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------ HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page": ChatZum Search HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page": C:\Windows\SysWOW64\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page": Bing HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL": MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL": Bing HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page": HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page": C:\windows\system32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page": This value is blank HKCU\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL": Bing ************************************************************ === NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES === Scan completed at: 18:06:28 30 Sep 2012 Total Scan time: 00:02:09 ************************************************************ ***** NORMAL SCAN FOR ACTIVE MALWARE ***** Trojan Remover Ver 6.8.5.2611. For information, email support@simplysup.com [Unregistered version] Scan started at: 18:01:32 30 Sep 2012 Using Database v7962 Operating System: Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601] File System: NTFS UAC is ENABLED [default level] UserData directory: C:\Users\fabo\AppData\Roaming\Simply Super Software\Trojan Remover\ Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\ Logfile directory: C:\Users\fabo\Documents\Simply Super Software\Trojan Remover Logfiles\ Program directory: C:\Program Files (x86)\Trojan Remover\ Running with Administrator privileges ************************************************************ 18:01:32: ----- CHECKING DEFAULT FILE ASSOCIATIONS ----- No modified default file associations detected ************************************************************ 18:01:32: ----- SCANNING FOR ROOTKIT SERVICES ----- No hidden Services were detected. ************************************************************ 18:01:33: Scanning -----WINDOWS REGISTRY----- -------------------- Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon This key's "Shell" value calls the following program(s): Key value: [explorer.exe] File: C:\windows\Explorer.exe C:\windows\Explorer.exe 2871808 bytes Created: 30.08.2011 17:48 Modified: 25.02.2011 08:19 Company: Microsoft Corporation ---------- This key's "Userinit" value calls the following program(s): Key value: [C:\Windows\system32\userinit.exe,] File: C:\Windows\system32\userinit.exe C:\windows\System32\userinit.exe 30720 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- -------------------- Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Value Name: [avgnt] Value Data: ["C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 348664 bytes Created: 08.03.2012 19:27 Modified: 08.08.2012 18:26 Company: Avira Operations GmbH & Co. KG -------------------- Value Name: [HP Software Update] Value Data: [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 49208 bytes Created: 10.05.2011 02:41 Modified: 10.05.2011 02:41 Company: Hewlett-Packard -------------------- Value Name: [Adobe ARM] Value Data: ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 919008 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems Incorporated -------------------- Value Name: [APSDaemon] Value Data: ["C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 59280 bytes Created: 30.05.2012 20:06 Modified: 30.05.2012 20:06 Company: Apple Inc. -------------------- Value Name: [iTunesHelper] Value Data: ["C:\Program Files (x86)\iTunes\iTunesHelper.exe"] C:\Program Files (x86)\iTunes\iTunesHelper.exe 421776 bytes Created: 07.06.2012 19:33 Modified: 07.06.2012 19:33 Company: Apple Inc. -------------------- Value Name: [Norton Online Backup] Value Data: [C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe 1155928 bytes Created: 01.06.2010 15:33 Modified: 01.06.2010 15:33 Company: Symantec Corporation -------------------- Value Name: [SunJavaUpdateSched] Value Data: ["C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 252848 bytes Created: 03.07.2012 09:04 Modified: 03.07.2012 09:04 Company: Sun Microsystems, Inc. -------------------- Value Name: [TrojanScanner] Value Data: [C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot] C:\Program Files (x86)\Trojan Remover\Trjscan.exe 1247504 bytes Created: 30.09.2012 17:53 Modified: 30.09.2012 17:54 Company: Simply Super Software -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty -------------------- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run Value Name: [NokiaSuite.exe] Value Data: [C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe 1086376 bytes Created: 03.08.2012 16:06 Modified: 03.08.2012 16:06 Company: Nokia -------------------- Value Name: [BlazeServoTool] Value Data: ["C:\Program Files (x86)\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe"] C:\Program Files (x86)\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe - [file not found to scan] -------------------- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty ************************************************************ 18:01:34: Scanning -----WINDOWS 64 Bit REGISTRY----- -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Value Name: [RtHDVCpl] Value Data: [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 11855976 bytes Created: 09.06.2011 08:08 Modified: 19.05.2011 04:21 Company: Realtek Semiconductor -------------------- Value Name: [IgfxTray] Value Data: [C:\windows\system32\igfxtray.exe] C:\windows\System32\igfxtray.exe 167704 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [HotKeysCmds] Value Data: [C:\windows\system32\hkcmd.exe] C:\windows\System32\hkcmd.exe 392984 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [Persistence] Value Data: [C:\windows\system32\igfxpers.exe] C:\windows\System32\igfxpers.exe 417560 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [ETDCtrl] Value Data: [%ProgramFiles%\Elantech\ETDCtrl.exe] C:\Program Files\Elantech\ETDCtrl.exe 2817872 bytes Created: 25.04.2012 04:42 Modified: 25.04.2012 04:42 Company: ELAN Microelectronics Corp. -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty ************************************************************ 18:01:35: Scanning -----SHELLEXECUTEHOOKS----- ShellExecuteHooks key is empty ************************************************************ 18:01:35: Scanning -----HIDDEN REGISTRY ENTRIES----- Taskdir check completed ---------- No Hidden File-loading Registry Entries found ---------- ************************************************************ 18:01:35: Scanning -----ACTIVE SCREENSAVER----- No active ScreenSaver found to scan. ************************************************************ 18:01:35: Scanning ----- REGISTRY ACTIVE SETUP KEYS ----- Key: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} Path: %SystemRoot%\system32\unregmp2.exe /ShowWMP C:\windows\System32\unregmp2.exe 323584 bytes Created: 14.07.2009 02:23 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: >{26923b43-4d38-484f-9b9e-de460746276c} Path: C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig C:\Windows\SysWOW64\ie4uinit.exe 74240 bytes Created: 09.06.2011 23:55 Modified: 09.06.2011 23:55 Company: Microsoft Corporation ---------- Key: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} Path: "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP C:\Windows\SysWOW64\iedkcs32.dll 353584 bytes Created: 09.06.2011 23:55 Modified: 09.06.2011 23:55 Company: Microsoft Corporation ---------- Key: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} Path: %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll C:\windows\System32\themeui.dll 2851840 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} Path: "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE C:\Program Files (x86)\Windows Mail\WinMail.exe Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6} Path: %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI C:\windows\System32\unregmp2.exe 323584 bytes Created: 14.07.2009 02:23 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: {89820200-ECBD-11cf-8B85-00AA005B4340} Path: regsvr32.exe /s /n /i:U shell32.dll C:\windows\System32\shell32.dll 14172672 bytes Created: 10.07.2012 21:35 Modified: 09.06.2012 07:43 Company: Microsoft Corporation ---------- Key: {89820200-ECBD-11cf-8B85-00AA005B4383} Path: C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings C:\Windows\SysWOW64\ie4uinit.exe 74240 bytes Created: 09.06.2011 23:55 Modified: 09.06.2011 23:55 Company: Microsoft Corporation ---------- Key: {89B4C1CD-B018-4511-B0A1-5476DBF70820} Path: C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install C:\Windows\SysWOW64\mscories.dll 80720 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- ************************************************************ 18:01:36: Scanning ----- SERVICEDLL REGISTRY KEYS ----- ************************************************************ 18:01:40: Scanning ----- SERVICES REGISTRY KEYS ----- Key: 1394ohci ImagePath: \SystemRoot\system32\drivers\1394ohci.sys C:\windows\System32\drivers\1394ohci.sys 229888 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: ACPI ImagePath: system32\drivers\ACPI.sys C:\windows\System32\drivers\ACPI.sys 334208 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: AcpiPmi ImagePath: \SystemRoot\system32\drivers\acpipmi.sys C:\windows\System32\drivers\acpipmi.sys 12800 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: AdobeARMservice ImagePath: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 63960 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems Incorporated ---------- Key: AdobeFlashPlayerUpdateSvc ImagePath: C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 250288 bytes Created: 25.06.2012 21:23 Modified: 29.09.2012 21:21 Company: Adobe Systems Incorporated ---------- Key: adp94xx ImagePath: \SystemRoot\system32\drivers\adp94xx.sys C:\windows\System32\drivers\adp94xx.sys 491088 bytes Created: 10.06.2009 22:36 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: adpahci ImagePath: \SystemRoot\system32\drivers\adpahci.sys C:\windows\System32\drivers\adpahci.sys 339536 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: adpu320 ImagePath: \SystemRoot\system32\drivers\adpu320.sys C:\windows\System32\drivers\adpu320.sys 182864 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: AFD ImagePath: \SystemRoot\system32\drivers\afd.sys C:\windows\System32\drivers\afd.sys 498688 bytes Created: 16.02.2012 23:34 Modified: 28.12.2011 05:59 Company: Microsoft Corporation ---------- Key: agp440 ImagePath: \SystemRoot\system32\drivers\agp440.sys C:\windows\System32\drivers\agp440.sys 61008 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: ALG ImagePath: %SystemRoot%\System32\alg.exe C:\windows\System32\alg.exe 79360 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 03:38 Company: Microsoft Corporation ---------- Key: aliide ImagePath: \SystemRoot\system32\drivers\aliide.sys C:\windows\System32\drivers\aliide.sys 15440 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Acer Laboratories Inc. ---------- Key: amdide ImagePath: \SystemRoot\system32\drivers\amdide.sys C:\windows\System32\drivers\amdide.sys 15440 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: AmdK8 ImagePath: \SystemRoot\system32\drivers\amdk8.sys C:\windows\System32\drivers\amdk8.sys 64512 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: AmdPPM ImagePath: \SystemRoot\system32\drivers\amdppm.sys C:\windows\System32\drivers\amdppm.sys 60928 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: amdsata ImagePath: \SystemRoot\system32\drivers\amdsata.sys C:\windows\System32\drivers\amdsata.sys 107904 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: Advanced Micro Devices ---------- Key: amdsbs ImagePath: \SystemRoot\system32\drivers\amdsbs.sys C:\windows\System32\drivers\amdsbs.sys 194128 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:52 Company: AMD Technologies Inc. ---------- Key: amdxata ImagePath: system32\drivers\amdxata.sys C:\windows\System32\drivers\amdxata.sys 27008 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: Advanced Micro Devices ---------- Key: AntiVirSchedulerService ImagePath: "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 86224 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG ---------- Key: AntiVirService ImagePath: "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 110032 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG ---------- Key: AppID ImagePath: \SystemRoot\system32\drivers\appid.sys C:\windows\System32\drivers\appid.sys 61440 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Apple Mobile Device ImagePath: "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 55184 bytes Created: 24.05.2012 13:28 Modified: 24.05.2012 13:28 Company: Apple Inc. ---------- Key: arc ImagePath: \SystemRoot\system32\drivers\arc.sys C:\windows\System32\drivers\arc.sys 87632 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: arcsas ImagePath: \SystemRoot\system32\drivers\arcsas.sys C:\windows\System32\drivers\arcsas.sys 97856 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: AsyncMac ImagePath: system32\DRIVERS\asyncmac.sys C:\windows\System32\DRIVERS\asyncmac.sys 23040 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: atapi ImagePath: system32\drivers\atapi.sys C:\windows\System32\drivers\atapi.sys 24128 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: avgntflt ImagePath: system32\DRIVERS\avgntflt.sys C:\windows\System32\DRIVERS\avgntflt.sys 98848 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira GmbH ---------- Key: avipbb ImagePath: system32\DRIVERS\avipbb.sys C:\windows\System32\DRIVERS\avipbb.sys 132832 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira GmbH ---------- Key: avkmgr ImagePath: system32\DRIVERS\avkmgr.sys C:\windows\System32\DRIVERS\avkmgr.sys 27760 bytes Created: 08.03.2012 19:27 Modified: 16.09.2011 17:08 Company: Avira GmbH ---------- Key: b06bdrv ImagePath: \SystemRoot\system32\drivers\bxvbda.sys C:\windows\System32\drivers\bxvbda.sys 468480 bytes Created: 10.06.2009 22:34 Modified: 10.06.2009 22:34 Company: Broadcom Corporation ---------- Key: b57nd60a ImagePath: system32\DRIVERS\b57nd60a.sys C:\windows\System32\DRIVERS\b57nd60a.sys 270848 bytes Created: 10.06.2009 22:34 Modified: 10.06.2009 22:34 Company: Broadcom Corporation ---------- Key: blbdrive ImagePath: system32\DRIVERS\blbdrive.sys C:\windows\System32\DRIVERS\blbdrive.sys 45056 bytes Created: 14.07.2009 01:35 Modified: 14.07.2009 01:35 Company: Microsoft Corporation ---------- Key: Bonjour Service ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Program Files\Bonjour\mDNSResponder.exe 462184 bytes Created: 30.08.2011 23:05 Modified: 30.08.2011 23:05 Company: Apple Inc. ---------- Key: bowser ImagePath: system32\DRIVERS\bowser.sys C:\windows\System32\DRIVERS\bowser.sys 90624 bytes Created: 09.06.2011 08:41 Modified: 23.02.2011 06:55 Company: Microsoft Corporation ---------- Key: BrFiltLo ImagePath: \SystemRoot\system32\drivers\BrFiltLo.sys C:\windows\System32\drivers\BrFiltLo.sys 18432 bytes Created: 14.07.2009 03:19 Modified: 10.06.2009 22:41 Company: Brother Industries, Ltd. ---------- Key: BrFiltUp ImagePath: \SystemRoot\system32\drivers\BrFiltUp.sys C:\windows\System32\drivers\BrFiltUp.sys 8704 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries, Ltd. ---------- Key: Brserid ImagePath: \SystemRoot\System32\Drivers\Brserid.sys C:\windows\System32\Drivers\Brserid.sys 286720 bytes Created: 14.07.2009 03:19 Modified: 14.07.2009 03:19 Company: Brother Industries Ltd. ---------- Key: BrSerWdm ImagePath: \SystemRoot\System32\Drivers\BrSerWdm.sys C:\windows\System32\Drivers\BrSerWdm.sys 47104 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries Ltd. ---------- Key: BrUsbMdm ImagePath: \SystemRoot\System32\Drivers\BrUsbMdm.sys C:\windows\System32\Drivers\BrUsbMdm.sys 14976 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries Ltd. ---------- Key: BrUsbSer ImagePath: \SystemRoot\System32\Drivers\BrUsbSer.sys C:\windows\System32\Drivers\BrUsbSer.sys 14720 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries Ltd. ---------- Key: BthEnum ImagePath: \SystemRoot\system32\drivers\BthEnum.sys C:\windows\System32\drivers\BthEnum.sys 41984 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: BTHMODEM ImagePath: \SystemRoot\system32\drivers\bthmodem.sys C:\windows\System32\drivers\bthmodem.sys 72192 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: BthPan ImagePath: system32\DRIVERS\bthpan.sys C:\windows\System32\DRIVERS\bthpan.sys 118784 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 02:07 Company: Microsoft Corporation ---------- Key: BTHPORT ImagePath: \SystemRoot\System32\Drivers\BTHport.sys C:\windows\System32\Drivers\BTHport.sys 552960 bytes Created: 15.08.2012 21:47 Modified: 06.07.2012 22:07 Company: Microsoft Corporation ---------- Key: BTHUSB ImagePath: \SystemRoot\System32\Drivers\BTHUSB.sys C:\windows\System32\Drivers\BTHUSB.sys 80384 bytes Created: 31.08.2011 16:13 Modified: 28.04.2011 05:54 Company: Microsoft Corporation ---------- Key: cdfs ImagePath: system32\DRIVERS\cdfs.sys C:\windows\System32\DRIVERS\cdfs.sys 92160 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: cdrom ImagePath: system32\DRIVERS\cdrom.sys C:\windows\System32\DRIVERS\cdrom.sys 147456 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: circlass ImagePath: \SystemRoot\system32\drivers\circlass.sys C:\windows\System32\drivers\circlass.sys 45568 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: CLFS ImagePath: System32\CLFS.sys C:\windows\System32\CLFS.sys 367696 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: clr_optimization_v2.0.50727_32 ImagePath: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 66384 bytes Created: 13.07.2009 22:46 Modified: 10.06.2009 23:23 Company: Microsoft Corporation ---------- Key: clr_optimization_v2.0.50727_64 ImagePath: %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 89920 bytes Created: 13.07.2009 22:37 Modified: 10.06.2009 22:39 Company: Microsoft Corporation ---------- Key: clr_optimization_v4.0.30319_32 ImagePath: C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 130384 bytes Created: 18.03.2010 13:16 Modified: 18.03.2010 13:16 Company: Microsoft Corporation ---------- Key: clr_optimization_v4.0.30319_64 ImagePath: C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 138576 bytes Created: 18.03.2010 14:27 Modified: 18.03.2010 14:27 Company: Microsoft Corporation ---------- Key: clwvd ImagePath: system32\DRIVERS\clwvd.sys C:\windows\System32\DRIVERS\clwvd.sys 31088 bytes Created: 10.11.2010 01:04 Modified: 10.11.2010 01:04 Company: CyberLink Corporation ---------- Key: CmBatt ImagePath: system32\DRIVERS\CmBatt.sys C:\windows\System32\DRIVERS\CmBatt.sys 17664 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: cmdide ImagePath: \SystemRoot\system32\drivers\cmdide.sys C:\windows\System32\drivers\cmdide.sys 17488 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: CMD Technology, Inc. ---------- Key: CNG ImagePath: System32\Drivers\cng.sys C:\windows\System32\Drivers\cng.sys 458704 bytes Created: 10.07.2012 21:35 Modified: 02.06.2012 07:50 Company: Microsoft Corporation ---------- Key: Compbatt ImagePath: system32\DRIVERS\compbatt.sys C:\windows\System32\DRIVERS\compbatt.sys 21584 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: CompositeBus ImagePath: system32\DRIVERS\CompositeBus.sys C:\windows\System32\DRIVERS\CompositeBus.sys 38912 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: COMSysApp ImagePath: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} C:\windows\System32\dllhost.exe 9728 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: crcdisk ImagePath: \SystemRoot\system32\drivers\crcdisk.sys C:\windows\System32\drivers\crcdisk.sys 24144 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: cvhsvc ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 822624 bytes Created: 04.01.2012 15:22 Modified: 04.01.2012 15:22 Company: Microsoft Corporation ---------- Key: DfsC ImagePath: System32\Drivers\dfsc.sys C:\windows\System32\Drivers\dfsc.sys 102400 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: discache ImagePath: System32\drivers\discache.sys C:\windows\System32\drivers\discache.sys 40448 bytes Created: 14.07.2009 01:37 Modified: 14.07.2009 01:37 Company: Microsoft Corporation ---------- Key: Disk ImagePath: system32\drivers\disk.sys C:\windows\System32\drivers\disk.sys 73280 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: drmkaud ImagePath: system32\drivers\drmkaud.sys C:\windows\System32\drivers\drmkaud.sys 5632 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: DXGKrnl ImagePath: \SystemRoot\System32\drivers\dxgkrnl.sys C:\windows\System32\drivers\dxgkrnl.sys 982912 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: ebdrv ImagePath: \SystemRoot\system32\drivers\evbda.sys C:\windows\System32\drivers\evbda.sys 3286016 bytes Created: 10.06.2009 22:34 Modified: 10.06.2009 22:34 Company: Broadcom Corporation ---------- Key: EFS ImagePath: %SystemRoot%\System32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: ehRecvr ImagePath: %systemroot%\ehome\ehRecvr.exe C:\windows\ehome\ehRecvr.exe 696832 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: ehSched ImagePath: %systemroot%\ehome\ehsched.exe C:\windows\ehome\ehsched.exe 127488 bytes Created: 14.07.2009 02:24 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: elxstor ImagePath: \SystemRoot\system32\drivers\elxstor.sys C:\windows\System32\drivers\elxstor.sys 530496 bytes Created: 10.06.2009 22:36 Modified: 14.07.2009 03:47 Company: Emulex ---------- Key: ErrDev ImagePath: \SystemRoot\system32\drivers\errdev.sys C:\windows\System32\drivers\errdev.sys 9728 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: ETD ImagePath: system32\DRIVERS\ETD.sys C:\windows\System32\DRIVERS\ETD.sys 258896 bytes Created: 25.04.2012 04:42 Modified: 25.04.2012 04:42 Company: ELAN Microelectronics Corp. ---------- Key: Fax ImagePath: %systemroot%\system32\fxssvc.exe C:\windows\System32\fxssvc.exe 689152 bytes Created: 21.11.2010 05:25 Modified: 21.11.2010 05:25 Company: Microsoft Corporation ---------- Key: fdc ImagePath: \SystemRoot\system32\drivers\fdc.sys C:\windows\System32\drivers\fdc.sys 29696 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: FileInfo ImagePath: system32\drivers\fileinfo.sys C:\windows\System32\drivers\fileinfo.sys 70224 bytes Created: 14.07.2009 01:34 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: Filetrace ImagePath: system32\drivers\filetrace.sys C:\windows\System32\drivers\filetrace.sys 34304 bytes Created: 14.07.2009 01:25 Modified: 14.07.2009 01:25 Company: Microsoft Corporation ---------- Key: flpydisk ImagePath: \SystemRoot\system32\drivers\flpydisk.sys C:\windows\System32\drivers\flpydisk.sys 24576 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: FltMgr ImagePath: system32\drivers\fltmgr.sys C:\windows\System32\drivers\fltmgr.sys 289664 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: FontCache3.0.0.0 ImagePath: %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 42856 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: FsDepends ImagePath: System32\drivers\FsDepends.sys C:\windows\System32\drivers\FsDepends.sys 55376 bytes Created: 14.07.2009 01:26 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: fvevol ImagePath: System32\DRIVERS\fvevol.sys C:\windows\System32\DRIVERS\fvevol.sys 223248 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: gagp30kx ImagePath: \SystemRoot\system32\drivers\gagp30kx.sys C:\windows\System32\drivers\gagp30kx.sys 65088 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: GameConsoleService ImagePath: "C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe" C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe 246520 bytes Created: 03.06.2010 19:48 Modified: 03.06.2010 19:48 Company: WildTangent, Inc. ---------- Key: GEARAspiWDM ImagePath: system32\DRIVERS\GEARAspiWDM.sys C:\windows\System32\DRIVERS\GEARAspiWDM.sys 34152 bytes Created: 14.08.2012 23:12 Modified: 18.05.2009 13:17 Company: GEAR Software Inc. ---------- Key: hcw85cir ImagePath: \SystemRoot\system32\drivers\hcw85cir.sys C:\windows\System32\drivers\hcw85cir.sys 31232 bytes Created: 14.07.2009 00:53 Modified: 10.06.2009 22:31 Company: Hauppauge Computer Works, Inc. ---------- Key: HdAudAddService ImagePath: system32\drivers\HdAudio.sys C:\windows\System32\drivers\HdAudio.sys 350208 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: HDAudBus ImagePath: system32\DRIVERS\HDAudBus.sys C:\windows\System32\DRIVERS\HDAudBus.sys 122368 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: HidBatt ImagePath: \SystemRoot\system32\drivers\HidBatt.sys C:\windows\System32\drivers\HidBatt.sys 26624 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: HidBth ImagePath: \SystemRoot\system32\drivers\hidbth.sys C:\windows\System32\drivers\hidbth.sys 100864 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: HidIr ImagePath: \SystemRoot\system32\drivers\hidir.sys C:\windows\System32\drivers\hidir.sys 46592 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: HidUsb ImagePath: system32\DRIVERS\hidusb.sys C:\windows\System32\DRIVERS\hidusb.sys 30208 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: HpSAMD ImagePath: \SystemRoot\system32\drivers\HpSAMD.sys C:\windows\System32\drivers\HpSAMD.sys 78720 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Hewlett-Packard Company ---------- Key: HTTP ImagePath: system32\drivers\HTTP.sys C:\windows\System32\drivers\HTTP.sys 753664 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: hwpolicy ImagePath: System32\drivers\hwpolicy.sys C:\windows\System32\drivers\hwpolicy.sys 14720 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: i8042prt ImagePath: system32\DRIVERS\i8042prt.sys C:\windows\System32\DRIVERS\i8042prt.sys 105472 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: iaStor ImagePath: system32\DRIVERS\iaStor.sys C:\windows\System32\DRIVERS\iaStor.sys 437272 bytes Created: 09.06.2011 08:05 Modified: 13.09.2010 11:24 Company: Intel Corporation ---------- Key: iaStorV ImagePath: \SystemRoot\system32\drivers\iaStorV.sys C:\windows\System32\drivers\iaStorV.sys 410496 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: Intel Corporation ---------- Key: idsvc ImagePath: "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 856400 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: igfx ImagePath: system32\DRIVERS\igdkmd64.sys C:\windows\System32\DRIVERS\igdkmd64.sys 12311904 bytes Created: 10.01.2012 14:28 Modified: 10.01.2012 14:28 Company: Intel Corporation ---------- Key: iirsp ImagePath: \SystemRoot\system32\drivers\iirsp.sys C:\windows\System32\drivers\iirsp.sys 44112 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: Intel Corp./ICP vortex GmbH ---------- Key: IntcAzAudAddService ImagePath: system32\drivers\RTKVHD64.sys C:\windows\System32\drivers\RTKVHD64.sys 2881256 bytes Created: 09.06.2011 08:08 Modified: 25.05.2011 06:34 Company: Realtek Semiconductor Corp. ---------- Key: IntcDAud ImagePath: system32\DRIVERS\IntcDAud.sys C:\windows\System32\DRIVERS\IntcDAud.sys 317440 bytes Created: 23.08.2011 05:12 Modified: 23.08.2011 05:12 Company: Intel(R) Corporation ---------- Key: intelide ImagePath: \SystemRoot\system32\drivers\intelide.sys C:\windows\System32\drivers\intelide.sys 16960 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: intelppm ImagePath: system32\DRIVERS\intelppm.sys C:\windows\System32\DRIVERS\intelppm.sys 62464 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: IpFilterDriver ImagePath: system32\DRIVERS\ipfltdrv.sys C:\windows\System32\DRIVERS\ipfltdrv.sys 82944 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: IPMIDRV ImagePath: \SystemRoot\system32\drivers\IPMIDrv.sys C:\windows\System32\drivers\IPMIDrv.sys 78848 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: IPNAT ImagePath: System32\drivers\ipnat.sys C:\windows\System32\drivers\ipnat.sys 116224 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: iPod Service ImagePath: "C:\Program Files\iPod\bin\iPodService.exe" C:\Program Files\iPod\bin\iPodService.exe 936848 bytes Created: 07.06.2012 19:33 Modified: 07.06.2012 19:33 Company: Apple Inc. ---------- Key: IRENUM ImagePath: system32\drivers\irenum.sys C:\windows\System32\drivers\irenum.sys 17920 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: isapnp ImagePath: \SystemRoot\system32\drivers\isapnp.sys C:\windows\System32\drivers\isapnp.sys 20544 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: iScsiPrt ImagePath: \SystemRoot\system32\drivers\msiscsi.sys C:\windows\System32\drivers\msiscsi.sys 273792 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: IT9135BDA ImagePath: System32\Drivers\IT9135BDA.sys C:\windows\System32\Drivers\IT9135BDA.sys 113280 bytes Created: 03.02.2010 10:05 Modified: 03.02.2010 10:05 Company: ITE ---------- Key: kbdclass ImagePath: system32\DRIVERS\kbdclass.sys C:\windows\System32\DRIVERS\kbdclass.sys 50768 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: kbdhid ImagePath: \SystemRoot\system32\drivers\kbdhid.sys C:\windows\System32\drivers\kbdhid.sys 33280 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: KeyIso ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: KSecDD ImagePath: System32\Drivers\ksecdd.sys C:\windows\System32\Drivers\ksecdd.sys 95600 bytes Created: 10.07.2012 21:35 Modified: 02.06.2012 07:48 Company: Microsoft Corporation ---------- Key: KSecPkg ImagePath: System32\Drivers\ksecpkg.sys C:\windows\System32\Drivers\ksecpkg.sys 151920 bytes Created: 10.07.2012 21:35 Modified: 02.06.2012 07:48 Company: Microsoft Corporation ---------- Key: ksthunk ImagePath: \SystemRoot\system32\drivers\ksthunk.sys C:\windows\System32\drivers\ksthunk.sys 20992 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: lltdio ImagePath: system32\DRIVERS\lltdio.sys C:\windows\System32\DRIVERS\lltdio.sys 60928 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: LMS ImagePath: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 326424 bytes Created: 09.06.2011 08:05 Modified: 05.05.2011 14:44 Company: Intel Corporation ---------- Key: LSI_FC ImagePath: \SystemRoot\system32\drivers\lsi_fc.sys C:\windows\System32\drivers\lsi_fc.sys 114752 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: LSI_SAS ImagePath: \SystemRoot\system32\drivers\lsi_sas.sys C:\windows\System32\drivers\lsi_sas.sys 106560 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: LSI_SAS2 ImagePath: \SystemRoot\system32\drivers\lsi_sas2.sys C:\windows\System32\drivers\lsi_sas2.sys 65600 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: LSI_SCSI ImagePath: \SystemRoot\system32\drivers\lsi_scsi.sys C:\windows\System32\drivers\lsi_scsi.sys 115776 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: luafv ImagePath: \SystemRoot\system32\drivers\luafv.sys C:\windows\System32\drivers\luafv.sys 113152 bytes Created: 14.07.2009 01:26 Modified: 14.07.2009 01:26 Company: Microsoft Corporation ---------- Key: MBAMProtector ImagePath: \??\C:\windows\system32\drivers\mbam.sys C:\windows\System32\drivers\mbam.sys 25928 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation ---------- Key: MBAMScheduler ImagePath: "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 399432 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation ---------- Key: MBAMService ImagePath: "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 676936 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation ---------- Key: McComponentHostService ImagePath: "C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe" C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe 237008 bytes Created: 17.06.2011 19:33 Modified: 17.06.2011 19:33 Company: McAfee, Inc. ---------- Key: megasas ImagePath: \SystemRoot\system32\drivers\megasas.sys C:\windows\System32\drivers\megasas.sys 35392 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: MegaSR ImagePath: \SystemRoot\system32\drivers\MegaSR.sys C:\windows\System32\drivers\MegaSR.sys 284736 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation, Inc. ---------- Key: MEIx64 ImagePath: system32\DRIVERS\HECIx64.sys C:\windows\System32\DRIVERS\HECIx64.sys 56344 bytes Created: 09.06.2011 23:17 Modified: 20.10.2010 18:34 Company: Intel Corporation ---------- Key: Modem ImagePath: system32\drivers\modem.sys C:\windows\System32\drivers\modem.sys 40448 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: monitor ImagePath: system32\DRIVERS\monitor.sys C:\windows\System32\DRIVERS\monitor.sys 30208 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 01:38 Company: Microsoft Corporation ---------- Key: mouclass ImagePath: system32\DRIVERS\mouclass.sys C:\windows\System32\DRIVERS\mouclass.sys 49216 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: mouhid ImagePath: system32\DRIVERS\mouhid.sys C:\windows\System32\DRIVERS\mouhid.sys 31232 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: mountmgr ImagePath: System32\drivers\mountmgr.sys C:\windows\System32\drivers\mountmgr.sys 94592 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: MozillaMaintenance ImagePath: "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 114144 bytes Created: 14.09.2012 00:20 Modified: 06.09.2012 03:25 Company: Mozilla Foundation ---------- Key: mpio ImagePath: \SystemRoot\system32\drivers\mpio.sys C:\windows\System32\drivers\mpio.sys 155008 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: mpsdrv ImagePath: System32\drivers\mpsdrv.sys C:\windows\System32\drivers\mpsdrv.sys 77312 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: MRxDAV ImagePath: \SystemRoot\system32\drivers\mrxdav.sys C:\windows\System32\drivers\mrxdav.sys 140800 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: mrxsmb ImagePath: system32\DRIVERS\mrxsmb.sys C:\windows\System32\DRIVERS\mrxsmb.sys 158208 bytes Created: 30.08.2011 17:47 Modified: 27.04.2011 04:40 Company: Microsoft Corporation ---------- Key: mrxsmb10 ImagePath: system32\DRIVERS\mrxsmb10.sys C:\windows\System32\DRIVERS\mrxsmb10.sys 288768 bytes Created: 30.08.2011 17:47 Modified: 09.07.2011 04:46 Company: Microsoft Corporation ---------- Key: mrxsmb20 ImagePath: system32\DRIVERS\mrxsmb20.sys C:\windows\System32\DRIVERS\mrxsmb20.sys 128000 bytes Created: 30.08.2011 17:47 Modified: 27.04.2011 04:39 Company: Microsoft Corporation ---------- Key: msahci ImagePath: system32\drivers\msahci.sys C:\windows\System32\drivers\msahci.sys 31104 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: msdsm ImagePath: \SystemRoot\system32\drivers\msdsm.sys C:\windows\System32\drivers\msdsm.sys 140672 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: MSDTC ImagePath: %SystemRoot%\System32\msdtc.exe C:\windows\System32\msdtc.exe 141824 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: mshidkmdf ImagePath: \SystemRoot\System32\drivers\mshidkmdf.sys C:\windows\System32\drivers\mshidkmdf.sys 8192 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: msisadrv ImagePath: system32\drivers\msisadrv.sys C:\windows\System32\drivers\msisadrv.sys 15424 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: msiserver ImagePath: %systemroot%\system32\msiexec.exe /V C:\windows\System32\msiexec.exe 128000 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: MSKSSRV ImagePath: system32\drivers\MSKSSRV.sys C:\windows\System32\drivers\MSKSSRV.sys 11136 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: MSPCLOCK ImagePath: system32\drivers\MSPCLOCK.sys C:\windows\System32\drivers\MSPCLOCK.sys 7168 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: MSPQM ImagePath: system32\drivers\MSPQM.sys C:\windows\System32\drivers\MSPQM.sys 6784 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: mssmbios ImagePath: system32\DRIVERS\mssmbios.sys C:\windows\System32\DRIVERS\mssmbios.sys 32320 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: MSTEE ImagePath: system32\drivers\MSTEE.sys C:\windows\System32\drivers\MSTEE.sys 8064 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: MTConfig ImagePath: \SystemRoot\system32\drivers\MTConfig.sys C:\windows\System32\drivers\MTConfig.sys 15360 bytes Created: 14.07.2009 02:02 Modified: 14.07.2009 02:02 Company: Microsoft Corporation ---------- Key: Mup ImagePath: System32\Drivers\mup.sys C:\windows\System32\Drivers\mup.sys 60496 bytes Created: 14.07.2009 01:23 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: NativeWifiP ImagePath: system32\DRIVERS\nwifi.sys C:\windows\System32\DRIVERS\nwifi.sys 318976 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 02:07 Company: Microsoft Corporation ---------- Key: NDIS ImagePath: system32\drivers\ndis.sys C:\windows\System32\drivers\ndis.sys 950128 bytes Created: 11.09.2012 20:59 Modified: 22.08.2012 20:12 Company: Microsoft Corporation ---------- Key: NdisCap ImagePath: system32\DRIVERS\ndiscap.sys C:\windows\System32\DRIVERS\ndiscap.sys 35328 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: NdisTapi ImagePath: system32\DRIVERS\ndistapi.sys C:\windows\System32\DRIVERS\ndistapi.sys 24064 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: Ndisuio ImagePath: system32\DRIVERS\ndisuio.sys C:\windows\System32\DRIVERS\ndisuio.sys 56832 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: NdisWan ImagePath: system32\DRIVERS\ndiswan.sys C:\windows\System32\DRIVERS\ndiswan.sys 164352 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: NetBIOS ImagePath: system32\DRIVERS\netbios.sys C:\windows\System32\DRIVERS\netbios.sys 44544 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: NetBT ImagePath: System32\DRIVERS\netbt.sys C:\windows\System32\DRIVERS\netbt.sys 261632 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: Netlogon ImagePath: %systemroot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: NETwNs64 ImagePath: system32\DRIVERS\NETwNs64.sys C:\windows\System32\DRIVERS\NETwNs64.sys 11417088 bytes Created: 01.12.2011 22:51 Modified: 01.12.2011 22:51 Company: Intel Corporation ---------- Key: nfrd960 ImagePath: \SystemRoot\system32\drivers\nfrd960.sys C:\windows\System32\drivers\nfrd960.sys 51264 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: IBM Corporation ---------- Key: nmwcd ImagePath: system32\drivers\ccdcmbx64.sys C:\windows\System32\drivers\ccdcmbx64.sys 19968 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: nmwcdc ImagePath: system32\drivers\ccdcmbox64.sys C:\windows\System32\drivers\ccdcmbox64.sys 27136 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: NOBU ImagePath: "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 2804568 bytes Created: 01.06.2010 15:31 Modified: 01.06.2010 15:31 Company: Symantec Corporation ---------- Key: nsiproxy ImagePath: system32\drivers\nsiproxy.sys C:\windows\System32\drivers\nsiproxy.sys 24576 bytes Created: 14.07.2009 01:21 Modified: 14.07.2009 01:21 Company: Microsoft Corporation ---------- Key: nvlddmkm ImagePath: system32\DRIVERS\nvlddmkm.sys C:\windows\System32\DRIVERS\nvlddmkm.sys 13042408 bytes Created: 09.06.2011 08:06 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- Key: nvpciflt ImagePath: system32\DRIVERS\nvpciflt.sys C:\windows\System32\DRIVERS\nvpciflt.sys 25960 bytes Created: 09.06.2011 08:06 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- Key: nvraid ImagePath: \SystemRoot\system32\drivers\nvraid.sys C:\windows\System32\drivers\nvraid.sys 148352 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: NVIDIA Corporation ---------- Key: nvstor ImagePath: \SystemRoot\system32\drivers\nvstor.sys C:\windows\System32\drivers\nvstor.sys 166272 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: NVIDIA Corporation ---------- Key: NVSvc ImagePath: %SystemRoot%\system32\nvvsvc.exe C:\windows\System32\nvvsvc.exe 993896 bytes Created: 17.01.2011 04:07 Modified: 17.01.2011 04:07 Company: NVIDIA Corporation ---------- Key: nvUpdatusService ImagePath: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 2009704 bytes Created: 09.06.2011 08:07 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- Key: nv_agp ImagePath: \SystemRoot\system32\drivers\nv_agp.sys C:\windows\System32\drivers\nv_agp.sys 122960 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: ohci1394 ImagePath: \SystemRoot\system32\drivers\ohci1394.sys C:\windows\System32\drivers\ohci1394.sys 72832 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: ose ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 149352 bytes Created: 09.01.2010 21:18 Modified: 09.01.2010 21:18 Company: Microsoft Corporation ---------- Key: osppsvc ImagePath: "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 4925184 bytes Created: 09.01.2010 21:34 Modified: 09.01.2010 21:34 Company: Microsoft Corporation ---------- Key: Parport ImagePath: \SystemRoot\system32\drivers\parport.sys C:\windows\System32\drivers\parport.sys 97280 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: partmgr ImagePath: System32\drivers\partmgr.sys C:\windows\System32\drivers\partmgr.sys 75120 bytes Created: 09.05.2012 19:25 Modified: 17.03.2012 09:58 Company: Microsoft Corporation ---------- Key: pccsmcfd ImagePath: system32\DRIVERS\pccsmcfdx64.sys C:\windows\System32\DRIVERS\pccsmcfdx64.sys 26112 bytes Created: 19.12.2011 23:08 Modified: 27.06.2012 15:18 Company: Nokia ---------- Key: pci ImagePath: system32\drivers\pci.sys C:\windows\System32\drivers\pci.sys 184704 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: pciide ImagePath: \SystemRoot\system32\drivers\pciide.sys C:\windows\System32\drivers\pciide.sys 12352 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: pcmcia ImagePath: \SystemRoot\system32\drivers\pcmcia.sys C:\windows\System32\drivers\pcmcia.sys 220752 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: pcw ImagePath: System32\drivers\pcw.sys C:\windows\System32\drivers\pcw.sys 50768 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: PEAUTH ImagePath: system32\drivers\peauth.sys C:\windows\System32\drivers\peauth.sys 651264 bytes Created: 14.07.2009 01:51 Modified: 14.07.2009 03:01 Company: Microsoft Corporation ---------- Key: PerfHost ImagePath: %SystemRoot%\SysWow64\perfhost.exe C:\windows\SysWow64\perfhost.exe 20992 bytes Created: 14.07.2009 01:11 Modified: 14.07.2009 03:14 Company: Microsoft Corporation ---------- Key: PptpMiniport ImagePath: system32\DRIVERS\raspptp.sys C:\windows\System32\DRIVERS\raspptp.sys 111104 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Processor ImagePath: \SystemRoot\system32\drivers\processr.sys C:\windows\System32\drivers\processr.sys 60416 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: ProtectedStorage ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: Psched ImagePath: system32\DRIVERS\pacer.sys C:\windows\System32\DRIVERS\pacer.sys 131584 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: ql2300 ImagePath: \SystemRoot\system32\drivers\ql2300.sys C:\windows\System32\drivers\ql2300.sys 1524816 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:45 Company: QLogic Corporation ---------- Key: ql40xx ImagePath: \SystemRoot\system32\drivers\ql40xx.sys C:\windows\System32\drivers\ql40xx.sys 128592 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:45 Company: QLogic Corporation ---------- Key: QWAVEdrv ImagePath: \SystemRoot\system32\drivers\qwavedrv.sys C:\windows\System32\drivers\qwavedrv.sys 46592 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: RasAcd ImagePath: System32\DRIVERS\rasacd.sys C:\windows\System32\DRIVERS\rasacd.sys 14848 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: RasAgileVpn ImagePath: system32\DRIVERS\AgileVpn.sys C:\windows\System32\DRIVERS\AgileVpn.sys 60416 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: Rasl2tp ImagePath: system32\DRIVERS\rasl2tp.sys C:\windows\System32\DRIVERS\rasl2tp.sys 129536 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: RasPppoe ImagePath: system32\DRIVERS\raspppoe.sys C:\windows\System32\DRIVERS\raspppoe.sys 92672 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: RasSstp ImagePath: system32\DRIVERS\rassstp.sys C:\windows\System32\DRIVERS\rassstp.sys 83968 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: rdbss ImagePath: system32\DRIVERS\rdbss.sys C:\windows\System32\DRIVERS\rdbss.sys 309248 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: rdpbus ImagePath: \SystemRoot\system32\drivers\rdpbus.sys C:\windows\System32\drivers\rdpbus.sys 24064 bytes Created: 14.07.2009 02:17 Modified: 14.07.2009 02:17 Company: Microsoft Corporation ---------- Key: RDPCDD ImagePath: System32\DRIVERS\RDPCDD.sys C:\windows\System32\DRIVERS\RDPCDD.sys 7680 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: RDPENCDD ImagePath: system32\drivers\rdpencdd.sys C:\windows\System32\drivers\rdpencdd.sys 7680 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: RDPREFMP ImagePath: system32\drivers\rdprefmp.sys C:\windows\System32\drivers\rdprefmp.sys 8192 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: rdyboost ImagePath: System32\drivers\rdyboost.sys C:\windows\System32\drivers\rdyboost.sys 213888 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: RFCOMM ImagePath: system32\DRIVERS\rfcomm.sys C:\windows\System32\DRIVERS\rfcomm.sys 158720 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: RichVideo ImagePath: "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 244904 bytes Created: 09.06.2011 08:27 Modified: 01.12.2009 09:21 Company: ---------- Key: RpcLocator ImagePath: %SystemRoot%\system32\locator.exe C:\windows\System32\locator.exe 10240 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: rspndr ImagePath: system32\DRIVERS\rspndr.sys C:\windows\System32\DRIVERS\rspndr.sys 76800 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: RTL8167 ImagePath: system32\DRIVERS\Rt64win7.sys C:\windows\System32\DRIVERS\Rt64win7.sys 471144 bytes Created: 09.06.2011 08:09 Modified: 22.04.2011 12:17 Company: Realtek ---------- Key: rtport ImagePath: \??\C:\windows\SysWOW64\drivers\rtport.sys C:\windows\SysWOW64\drivers\rtport.sys 15144 bytes Created: 28.07.2011 03:48 Modified: 28.07.2011 03:48 Company: Windows (R) 2003 DDK 3790 provider ---------- Key: SABI ImagePath: \??\C:\windows\system32\Drivers\SABI.sys C:\windows\System32\Drivers\SABI.sys 13824 bytes Created: 09.06.2011 08:12 Modified: 28.05.2009 08:38 Company: SAMSUNG ELECTRONICS ---------- Key: SamSs ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: Samsung UPD Service ImagePath: "C:\windows\System32\SUPDSvc.exe" C:\windows\System32\SUPDSvc.exe 166704 bytes Created: 09.06.2011 23:20 Modified: 09.08.2010 21:04 Company: Samsung Electronics CO., LTD. ---------- Key: sbp2port ImagePath: \SystemRoot\system32\drivers\sbp2port.sys C:\windows\System32\drivers\sbp2port.sys 103808 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: SBSDWSCService ImagePath: C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 1153368 bytes Created: 29.08.2011 18:34 Modified: 26.01.2009 15:31 Company: Safer Networking Ltd. ---------- Key: scfilter ImagePath: System32\DRIVERS\scfilter.sys C:\windows\System32\DRIVERS\scfilter.sys 29696 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Serenum ImagePath: \SystemRoot\system32\drivers\serenum.sys C:\windows\System32\drivers\serenum.sys 23552 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: Serial ImagePath: \SystemRoot\system32\drivers\serial.sys C:\windows\System32\drivers\serial.sys 94208 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: sermouse ImagePath: \SystemRoot\system32\drivers\sermouse.sys C:\windows\System32\drivers\sermouse.sys 26624 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: ServiceLayer ImagePath: "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 724888 bytes Created: 01.08.2012 16:07 Modified: 01.08.2012 16:07 Company: Nokia ---------- Key: sffdisk ImagePath: \SystemRoot\system32\drivers\sffdisk.sys C:\windows\System32\drivers\sffdisk.sys 14336 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 02:01 Company: Microsoft Corporation ---------- Key: sffp_mmc ImagePath: \SystemRoot\system32\drivers\sffp_mmc.sys C:\windows\System32\drivers\sffp_mmc.sys 13824 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 02:01 Company: Microsoft Corporation ---------- Key: sffp_sd ImagePath: \SystemRoot\system32\drivers\sffp_sd.sys C:\windows\System32\drivers\sffp_sd.sys 14336 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: sfloppy ImagePath: \SystemRoot\system32\drivers\sfloppy.sys C:\windows\System32\drivers\sfloppy.sys 16896 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 02:01 Company: Microsoft Corporation ---------- Key: Sftfs ImagePath: system32\DRIVERS\Sftfslh.sys C:\windows\System32\DRIVERS\Sftfslh.sys 764264 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: sftlist ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 508776 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: Sftplay ImagePath: system32\DRIVERS\Sftplaylh.sys C:\windows\System32\DRIVERS\Sftplaylh.sys 268648 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: Sftredir ImagePath: system32\DRIVERS\Sftredirlh.sys C:\windows\System32\DRIVERS\Sftredirlh.sys 25960 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: Sftvol ImagePath: system32\DRIVERS\Sftvollh.sys C:\windows\System32\DRIVERS\Sftvollh.sys 22376 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: sftvsa ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 219496 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: SiSRaid2 ImagePath: \SystemRoot\system32\drivers\SiSRaid2.sys C:\windows\System32\drivers\SiSRaid2.sys 43584 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:45 Company: Silicon Integrated Systems Corp. ---------- Key: SiSRaid4 ImagePath: \SystemRoot\system32\drivers\sisraid4.sys C:\windows\System32\drivers\sisraid4.sys 80464 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:45 Company: Silicon Integrated Systems ---------- Key: SkypeUpdate ImagePath: "C:\Program Files (x86)\Skype\Updater\Updater.exe" C:\Program Files (x86)\Skype\Updater\Updater.exe -R- 160944 bytes Created: 13.07.2012 13:28 Modified: 13.07.2012 13:28 Company: Skype Technologies ---------- Key: Smb ImagePath: system32\DRIVERS\smb.sys C:\windows\System32\DRIVERS\smb.sys 93184 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: SNMPTRAP ImagePath: %SystemRoot%\System32\snmptrap.exe C:\windows\System32\snmptrap.exe 14336 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: Spooler ImagePath: %SystemRoot%\System32\spoolsv.exe C:\windows\System32\spoolsv.exe 559104 bytes Created: 15.08.2012 18:11 Modified: 11.02.2012 08:36 Company: Microsoft Corporation ---------- Key: sppsvc ImagePath: %SystemRoot%\system32\sppsvc.exe C:\windows\System32\sppsvc.exe 3524608 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: srv ImagePath: System32\DRIVERS\srv.sys C:\windows\System32\DRIVERS\srv.sys 467456 bytes Created: 30.08.2011 17:47 Modified: 29.04.2011 05:06 Company: Microsoft Corporation ---------- Key: srv2 ImagePath: System32\DRIVERS\srv2.sys C:\windows\System32\DRIVERS\srv2.sys 410112 bytes Created: 30.08.2011 17:47 Modified: 29.04.2011 05:05 Company: Microsoft Corporation ---------- Key: srvnet ImagePath: System32\DRIVERS\srvnet.sys C:\windows\System32\DRIVERS\srvnet.sys 168448 bytes Created: 30.08.2011 17:47 Modified: 29.04.2011 05:05 Company: Microsoft Corporation ---------- Key: stexstor ImagePath: \SystemRoot\system32\drivers\stexstor.sys C:\windows\System32\drivers\stexstor.sys 24656 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:45 Company: Promise Technology ---------- Key: StillCam ImagePath: system32\DRIVERS\serscan.sys C:\windows\System32\DRIVERS\serscan.sys 12288 bytes Created: 14.07.2009 02:35 Modified: 14.07.2009 02:35 Company: Microsoft Corporation ---------- Key: swenum ImagePath: system32\DRIVERS\swenum.sys C:\windows\System32\DRIVERS\swenum.sys 12496 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: Tcpip ImagePath: System32\drivers\tcpip.sys C:\windows\System32\drivers\tcpip.sys 1913200 bytes Created: 11.09.2012 20:59 Modified: 22.08.2012 20:12 Company: Microsoft Corporation ---------- Key: TCPIP6 ImagePath: system32\DRIVERS\tcpip.sys C:\windows\System32\DRIVERS\tcpip.sys 1913200 bytes Created: 11.09.2012 20:59 Modified: 22.08.2012 20:12 Company: Microsoft Corporation ---------- Key: tcpipreg ImagePath: System32\drivers\tcpipreg.sys C:\windows\System32\drivers\tcpipreg.sys 45056 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: TDPIPE ImagePath: system32\drivers\tdpipe.sys C:\windows\System32\drivers\tdpipe.sys 15872 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: TDTCP ImagePath: system32\drivers\tdtcp.sys C:\windows\System32\drivers\tdtcp.sys 23552 bytes Created: 14.03.2012 19:26 Modified: 17.02.2012 06:57 Company: Microsoft Corporation ---------- Key: tdx ImagePath: system32\DRIVERS\tdx.sys C:\windows\System32\DRIVERS\tdx.sys 119296 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: TermDD ImagePath: system32\DRIVERS\termdd.sys C:\windows\System32\DRIVERS\termdd.sys 63360 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: TrustedInstaller ImagePath: %SystemRoot%\servicing\TrustedInstaller.exe C:\windows\servicing\TrustedInstaller.exe 194048 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: tssecsrv ImagePath: System32\DRIVERS\tssecsrv.sys C:\windows\System32\DRIVERS\tssecsrv.sys 39424 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: TsUsbFlt ImagePath: system32\drivers\tsusbflt.sys C:\windows\System32\drivers\tsusbflt.sys 59392 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: TsUsbGD ImagePath: \SystemRoot\system32\drivers\TsUsbGD.sys C:\windows\System32\drivers\TsUsbGD.sys 31232 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: tunnel ImagePath: system32\DRIVERS\tunnel.sys C:\windows\System32\DRIVERS\tunnel.sys 125440 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: TurboB ImagePath: system32\DRIVERS\TurboB.sys C:\windows\System32\DRIVERS\TurboB.sys 19192 bytes Created: 08.10.2010 02:23 Modified: 08.10.2010 02:23 Company: Intel(R) Corporation ---------- Key: TurboBoost ImagePath: "C:\Program Files\Intel\TurboBoost\TurboBoost.exe" C:\Program Files\Intel\TurboBoost\TurboBoost.exe 150016 bytes Created: 08.10.2010 02:24 Modified: 08.10.2010 02:24 Company: Intel(R) Corporation ---------- Key: uagp35 ImagePath: \SystemRoot\system32\drivers\uagp35.sys C:\windows\System32\drivers\uagp35.sys 64080 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: udfs ImagePath: system32\DRIVERS\udfs.sys C:\windows\System32\DRIVERS\udfs.sys 328192 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: UI0Detect ImagePath: %SystemRoot%\system32\UI0Detect.exe C:\windows\System32\UI0Detect.exe 40960 bytes Created: 14.07.2009 01:52 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: uliagpkx ImagePath: \SystemRoot\system32\drivers\uliagpkx.sys C:\windows\System32\drivers\uliagpkx.sys 64592 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: umbus ImagePath: system32\DRIVERS\umbus.sys C:\windows\System32\DRIVERS\umbus.sys 48640 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: UmPass ImagePath: \SystemRoot\system32\drivers\umpass.sys C:\windows\System32\drivers\umpass.sys 9728 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: UNS ImagePath: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 2656536 bytes Created: 09.06.2011 08:05 Modified: 05.05.2011 14:44 Company: Intel Corporation ---------- Key: upperdev ImagePath: system32\DRIVERS\usbser_lowerfltx64.sys C:\windows\System32\DRIVERS\usbser_lowerfltx64.sys 9216 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: USBAAPL64 ImagePath: System32\Drivers\usbaapl64.sys C:\windows\System32\Drivers\usbaapl64.sys 52736 bytes Created: 25.04.2012 12:11 Modified: 25.04.2012 12:11 Company: Apple, Inc. ---------- Key: usbccgp ImagePath: system32\DRIVERS\usbccgp.sys C:\windows\System32\DRIVERS\usbccgp.sys 98816 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbcir ImagePath: \SystemRoot\system32\drivers\usbcir.sys C:\windows\System32\drivers\usbcir.sys 100352 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: usbehci ImagePath: \SystemRoot\system32\drivers\usbehci.sys C:\windows\System32\drivers\usbehci.sys 52736 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbhub ImagePath: system32\DRIVERS\usbhub.sys C:\windows\System32\DRIVERS\usbhub.sys 343040 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbohci ImagePath: \SystemRoot\system32\drivers\usbohci.sys C:\windows\System32\drivers\usbohci.sys 25600 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbprint ImagePath: system32\DRIVERS\usbprint.sys C:\windows\System32\DRIVERS\usbprint.sys 25088 bytes Created: 14.07.2009 02:38 Modified: 14.07.2009 02:38 Company: Microsoft Corporation ---------- Key: usbscan ImagePath: system32\DRIVERS\usbscan.sys C:\windows\System32\DRIVERS\usbscan.sys 41984 bytes Created: 14.07.2009 02:35 Modified: 14.07.2009 02:35 Company: Microsoft Corporation ---------- Key: usbser ImagePath: system32\drivers\usbser.sys C:\windows\System32\drivers\usbser.sys 32768 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: UsbserFilt ImagePath: system32\DRIVERS\usbser_lowerfltjx64.sys C:\windows\System32\DRIVERS\usbser_lowerfltjx64.sys 9216 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: USBSTOR ImagePath: system32\DRIVERS\USBSTOR.SYS C:\windows\System32\DRIVERS\USBSTOR.SYS 91648 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 06:37 Company: Microsoft Corporation ---------- Key: usbuhci ImagePath: \SystemRoot\system32\drivers\usbuhci.sys C:\windows\System32\drivers\usbuhci.sys 30720 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbvideo ImagePath: System32\Drivers\usbvideo.sys C:\windows\System32\Drivers\usbvideo.sys 184960 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: VaultSvc ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: vdrvroot ImagePath: system32\drivers\vdrvroot.sys C:\windows\System32\drivers\vdrvroot.sys 36432 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: vds ImagePath: %SystemRoot%\System32\vds.exe C:\windows\System32\vds.exe 533504 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: vga ImagePath: system32\DRIVERS\vgapnp.sys C:\windows\System32\DRIVERS\vgapnp.sys 29184 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 01:38 Company: Microsoft Corporation ---------- Key: VgaSave ImagePath: \SystemRoot\System32\drivers\vga.sys C:\windows\System32\drivers\vga.sys 29184 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 01:38 Company: Microsoft Corporation ---------- Key: vhdmp ImagePath: \SystemRoot\system32\drivers\vhdmp.sys C:\windows\System32\drivers\vhdmp.sys 215936 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: viaide ImagePath: \SystemRoot\system32\drivers\viaide.sys C:\windows\System32\drivers\viaide.sys 17488 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: VIA Technologies, Inc. ---------- Key: volmgr ImagePath: system32\drivers\volmgr.sys C:\windows\System32\drivers\volmgr.sys 71552 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: volmgrx ImagePath: System32\drivers\volmgrx.sys C:\windows\System32\drivers\volmgrx.sys 363392 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: volsnap ImagePath: system32\drivers\volsnap.sys C:\windows\System32\drivers\volsnap.sys 295808 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: vsmraid ImagePath: \SystemRoot\system32\drivers\vsmraid.sys C:\windows\System32\drivers\vsmraid.sys 161872 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:45 Company: VIA Technologies Inc.,Ltd ---------- Key: VSS ImagePath: %systemroot%\system32\vssvc.exe C:\windows\System32\vssvc.exe 1600512 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: vwifibus ImagePath: system32\DRIVERS\vwifibus.sys C:\windows\System32\DRIVERS\vwifibus.sys 24576 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 02:07 Company: Microsoft Corporation ---------- Key: vwififlt ImagePath: system32\DRIVERS\vwififlt.sys C:\windows\System32\DRIVERS\vwififlt.sys 60416 bytes Created: 09.06.2011 08:42 Modified: 25.01.2011 11:34 Company: Microsoft Corporation ---------- Key: vwifimp ImagePath: system32\DRIVERS\vwifimp.sys C:\windows\System32\DRIVERS\vwifimp.sys 18432 bytes Created: 09.06.2011 08:42 Modified: 25.01.2011 11:34 Company: Microsoft Corporation ---------- Key: WacomPen ImagePath: \SystemRoot\system32\drivers\wacompen.sys C:\windows\System32\drivers\wacompen.sys 27776 bytes Created: 14.07.2009 02:02 Modified: 14.07.2009 02:02 Company: Microsoft Corporation ---------- Key: WANARP ImagePath: system32\DRIVERS\wanarp.sys C:\windows\System32\DRIVERS\wanarp.sys 88576 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Wanarpv6 ImagePath: system32\DRIVERS\wanarp.sys C:\windows\System32\DRIVERS\wanarp.sys 88576 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: wbengine ImagePath: "%systemroot%\system32\wbengine.exe" C:\windows\System32\wbengine.exe 1504256 bytes Created: 21.11.2010 05:25 Modified: 21.11.2010 05:25 Company: Microsoft Corporation ---------- Key: Wd ImagePath: \SystemRoot\system32\drivers\wd.sys C:\windows\System32\drivers\wd.sys 21056 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: Wdf01000 ImagePath: system32\drivers\Wdf01000.sys C:\windows\System32\drivers\Wdf01000.sys 654928 bytes Created: 14.07.2009 01:22 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: WfpLwf ImagePath: system32\DRIVERS\wfplwf.sys C:\windows\System32\DRIVERS\wfplwf.sys 12800 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: WIMMount ImagePath: system32\drivers\wimmount.sys C:\windows\System32\drivers\wimmount.sys 22096 bytes Created: 14.07.2009 01:29 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: WinUsb ImagePath: system32\DRIVERS\WinUsb.sys C:\windows\System32\DRIVERS\WinUsb.sys 41984 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: wlcrasvc ImagePath: "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 57184 bytes Created: 22.09.2010 11:10 Modified: 22.09.2010 11:10 Company: Microsoft Corporation ---------- Key: wlidsvc ImagePath: "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 2286976 bytes Created: 21.09.2010 07:49 Modified: 21.09.2010 07:49 Company: Microsoft Corp. ---------- Key: WmiAcpi ImagePath: system32\DRIVERS\wmiacpi.sys C:\windows\System32\DRIVERS\wmiacpi.sys 14336 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: wmiApSrv ImagePath: %systemroot%\system32\wbem\WmiApSrv.exe C:\windows\System32\wbem\WmiApSrv.exe 203264 bytes Created: 14.07.2009 01:47 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: WMPNetworkSvc ImagePath: "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" C:\Program Files\Windows Media Player\wmpnetwk.exe 1525248 bytes Created: 21.11.2010 05:25 Modified: 21.11.2010 05:25 Company: Microsoft Corporation ---------- Key: ws2ifsl ImagePath: \SystemRoot\system32\drivers\ws2ifsl.sys C:\windows\System32\drivers\ws2ifsl.sys 21504 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: WSearch ImagePath: %systemroot%\system32\SearchIndexer.exe /Embedding C:\windows\System32\SearchIndexer.exe 591872 bytes Created: 30.08.2011 17:48 Modified: 04.05.2011 07:19 Company: Microsoft Corporation ---------- Key: WudfPf ImagePath: system32\drivers\WudfPf.sys C:\windows\System32\drivers\WudfPf.sys 112128 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: WUDFRd ImagePath: system32\DRIVERS\WUDFRd.sys C:\windows\System32\DRIVERS\WUDFRd.sys 172544 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- ************************************************************ 18:02:57: Scanning -----VXD ENTRIES----- ************************************************************ 18:02:57: Scanning ----- WINLOGON\NOTIFY DLLS ----- No WINLOGON\NOTIFY DLLs found to scan Rootkit scan of Winlogon\Notify key not possible [key may not exist] ************************************************************ 18:02:57: Scanning ----- CONTEXTMENUHANDLERS ----- Key: 7-Zip CLSID: {23170F69-40C1-278A-1000-000100020000} Path: C:\Program Files (x86)\7-Zip\7-zip.dll C:\Program Files (x86)\7-Zip\7-zip.dll 55808 bytes Created: 18.11.2010 18:08 Modified: 18.11.2010 18:08 Company: Igor Pavlov ---------- Key: Shell Extension for Malware scanning CLSID: {45AC2688-0253-4ED8-97DE-B5370FA7D48A} Path: C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll 2292176 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG ---------- Key: WinRAR CLSID: {B41DB860-64E4-11D2-9906-E49FADC173CA} Path: C:\Program Files (x86)\WinRAR\rarext64.dll C:\Program Files (x86)\WinRAR\rarext64.dll 164864 bytes Created: 08.09.2011 22:01 Modified: 28.05.2011 22:05 Company: Alexander Roshal ---------- Key: WinRAR32 CLSID: {B41DB860-8EE4-11D2-9906-E49FADC173CA} Path: C:\Program Files (x86)\WinRAR\rarext.dll C:\Program Files (x86)\WinRAR\rarext.dll 140288 bytes Created: 08.09.2011 22:01 Modified: 28.05.2011 22:04 Company: Alexander Roshal ---------- ************************************************************ 18:02:58: Scanning ----- FOLDER\COLUMNHANDLERS ----- Key: {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} File: C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll - [file not found to scan] ---------- Key: {F9DB5320-233E-11D1-9F84-707F02C10627} File: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll 394168 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems, Inc. ---------- ************************************************************ 18:02:58: Scanning ----- BROWSER HELPER OBJECTS ----- Key: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} BHO: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 63944 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems Incorporated ---------- Key: {53707962-6F74-2D53-2644-206D7942484F} BHO: C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll 1879896 bytes Created: 29.08.2011 18:34 Modified: 26.01.2009 15:31 Company: Safer Networking Limited ---------- Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} BHO: C:\Program Files (x86)\Java\jre7\bin\ssv.dll C:\Program Files (x86)\Java\jre7\bin\ssv.dll 449512 bytes Created: 04.09.2012 18:04 Modified: 04.09.2012 18:04 Company: Oracle Corporation ---------- Key: {9030D464-4C02-4ABF-8ECC-5164760863C6} BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 529280 bytes Created: 21.09.2010 07:54 Modified: 21.09.2010 07:54 Company: Microsoft Corp. ---------- Key: {AA609D72-8482-4076-8991-8CDAE5B93BCB} BHO: C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll 1973760 bytes Created: 09.06.2011 08:38 Modified: 25.10.2010 14:44 Company: Samsung Electronics Co., Ltd. ---------- Key: {DBC80044-A445-435b-BC74-9C25C1C588A9} BHO: C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll 157672 bytes Created: 04.09.2012 18:04 Modified: 04.09.2012 18:04 Company: Oracle Corporation ---------- ************************************************************ 18:03:00: Scanning ----- SHELLSERVICEOBJECTS ----- ************************************************************ 18:03:00: Scanning ----- SHAREDTASKSCHEDULER ENTRIES ----- No SharedTaskScheduler entries found to scan ************************************************************ 18:03:00: Scanning ----- IMAGEFILE DEBUGGERS ----- No "Debugger" entries found. ************************************************************ 18:03:00: Scanning ----- APPINIT_DLLS ----- AppInitDLLs entry = [C:\windows\SysWOW64\nvinit.dll] File: C:\windows\SysWOW64\nvinit.dll C:\windows\SysWOW64\nvinit.dll 192616 bytes Created: 09.06.2011 08:06 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- |
|
30.09.2012, 22:02
| #4 |
| | JS/TrojanDownloader.Iframe.NKE trojan/HTML/Fraud.BG trojan ************************************************************ 18:03:00: Scanning ----- SECURITY PROVIDER DLLS ----- ************************************************************ 18:03:00: Scanning ------ COMMON STARTUP GROUP ------ [C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup] The Common Startup Group attempts to load the following file(s) at boot time: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -HS- 174 bytes Created: 14.07.2009 06:54 Modified: 14.07.2009 06:54 Company: [no info] -------------------- McAfee Security Scan Plus.lnk - links to C:\PROGRA~2\MCAFEE~1\30937D~1.207\SSSCHE~1.EXE C:\PROGRA~2\MCAFEE~1\30937D~1.207\SSSCHE~1.EXE 272528 bytes Created: 17.06.2011 19:33 Modified: 17.06.2011 19:33 Company: McAfee, Inc. -------------------- ************************************************************ 18:03:01: Scanning ----- USER STARTUP GROUPS ----- Checking Startup Group for: fabo [C:\Users\fabo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup] C:\Users\fabo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -HS- 174 bytes Created: 29.08.2011 16:24 Modified: 11.07.2012 20:55 Company: [no info] ---------- OpenOffice.org 3.4.lnk - links to C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE 1199104 bytes Created: 19.04.2012 07:41 Modified: 19.04.2012 07:41 Company: [no info] ---------- -------------------- ************************************************************ 18:03:01: Scanning ----- SCHEDULED TASKS ----- Taskname: Adobe Flash Player Updater File: C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 250288 bytes Created: 25.06.2012 21:23 Modified: 29.09.2012 21:21 Company: Adobe Systems Incorporated Schedule: At 01:21:00 every day Next Run Time: 30.09.2012 18:21:00 Status: Ready Creator: Adobe Systems Incorporated Comments: Mit diesem Task ist Ihre Flash Player-Installation immer aktuell und verwendet die neuesten Verbesserungen und Sicherheits-Fixes. Wenn dieser Task deaktiviert oder entfernt wird, kann Adobe Flash Player Ihren Computer nicht automatisch mit den neuesten Sicherheits-Fixes sichern. ---------- Taskname: advSRS5 File: C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe 4387632 bytes Created: 09.06.2011 08:35 Modified: 17.11.2010 10:24 Company: SEC Schedule: At logon Next Run Time: Status: Running Creator: SEC Comments: Samsung Recovery Solution 5 Scheduler ---------- Taskname: BatteryLifeExtender File: C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe 6619648 bytes Created: 18.12.2010 01:47 Modified: 18.12.2010 01:47 Company: Samsung Electronics. Co. Ltd. Parameters: /2 Schedule: At logon Next Run Time: Status: Ready Creator: sec Comments: ---------- Taskname: EasyBatteryManager File: C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe 362352 bytes Created: 09.06.2011 08:11 Modified: 20.07.2010 06:55 Company: SAMSUNG Electronics co., LTD. Schedule: At logon Next Run Time: Status: Ready Creator: Administrator Comments: ---------- Taskname: EasyDisplayMgr File: C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe 945232 bytes Created: 09.06.2011 08:37 Modified: 23.12.2010 08:07 Company: Samsung Electronics Co., Ltd. Schedule: At logon Next Run Time: Status: Running Creator: Administrator Comments: ---------- Taskname: EasyPartitionManager File: C:\Windows\MSetup\BA46-12225A02\EPM.exe Schedule: At logon Next Run Time: Status: Disabled Creator: Administrator Comments: C:\Windows\MSetup\BA46-12225A02\EPM.exe - [file not found to scan] ---------- Taskname: EasySpeedUpManager File: Multiple Parameters: /s Schedule: At logon Next Run Time: Status: Running Creator: Administrators Comments: Easy SpeedUp Manager Multiple - [file not found to scan] ---------- Taskname: HP Photo Creations Messager File: C:\ProgramData\HP Photo Creations\MessageCheck.exe C:\ProgramData\HP Photo Creations\MessageCheck.exe 153768 bytes Created: 15.02.2011 12:11 Modified: 15.02.2011 12:11 Company: [no info] Schedule: At 01:01:00 every day Next Run Time: 30.09.2012 19:01:00 Status: Ready Creator: fabo Comments: ---------- Taskname: HPCustParticipation HP Deskjet 3070 B611 series File: C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe 4238184 bytes Created: 08.06.2011 18:34 Modified: 08.06.2011 18:34 Company: Hewlett-Packard Co. Parameters: /UA 9.5 /DDV 0x0905 Schedule: At 22:27:00 on 25.04.2012 Next Run Time: 30.09.2012 18:27:00 Status: Ready Creator: fabo Comments: ---------- Taskname: hpUrlLauncher.exe_{A3CCEABE-12A2-4928-956D-02C9B3D94E36} File: C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\utils\hpUrlLauncher.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\utils\hpUrlLauncher.exe 199528 bytes Created: 08.06.2011 23:49 Modified: 08.06.2011 23:49 Company: Hewlett-Packard Co. Parameters: https://h30495.www3.hp.com/printers/add?jumpID=in_instKarnak5%2F&cc=de&modelName=HP%20Deskjet%203070%20B611%20series&serialNo=CN1AL470R5&serialNo_Extra=05MQ&modelID=CQ191B&serviceID=2211 2&invitation=no Schedule: Task not scheduled Next Run Time: Status: Ready Creator: Comments: ---------- Taskname: MirageAgent File: C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe 136488 bytes Created: 10.11.2010 01:03 Modified: 10.11.2010 01:03 Company: CyberLink Schedule: At logon Next Run Time: Status: Running Creator: CyberLink Comments: ---------- Taskname: MovieColorEnhancer File: C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe 775848 bytes Created: 09.06.2011 08:20 Modified: 29.11.2010 07:42 Company: Samsung Electronics Co., Ltd. Schedule: At logon Next Run Time: Status: Running Creator: Administrator Comments: ---------- Taskname: SamsungSupportCenter File: C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe 3398736 bytes Created: 04.09.2011 12:45 Modified: 04.09.2011 12:45 Company: SAMSUNG Electronics Schedule: At logon Next Run Time: Status: Running Creator: Administrators Comments: SamsungSupportCenter ---------- Taskname: SmartRestarter File: C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe 2996592 bytes Created: 09.06.2011 08:12 Modified: 05.08.2010 07:12 Company: Samsung Electronics Co., Ltd. Schedule: At logon Next Run Time: Status: Running Creator: Administrator Comments: ---------- Taskname: SUPBackground File: C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe 2783312 bytes Created: 09.06.2011 08:37 Modified: 20.12.2011 15:52 Company: Samsung Electronics Schedule: At logon Next Run Time: Status: Queued Creator: Administrator Comments: ---------- Taskname: WifiManager File: C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe 7060560 bytes Created: 09.06.2011 08:37 Modified: 04.01.2011 15:06 Company: Samsung Electronics Co., Ltd. Parameters: hide Schedule: At logon Next Run Time: Status: Running Creator: ctype-PC\ctype Comments: ---------- ************************************************************ 18:03:06: Scanning ----- SHELLICONOVERLAYIDENTIFIERS ----- Key: SharingPrivate CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235} File: %SystemRoot%\system32\ntshrui.dll C:\windows\System32\ntshrui.dll 509952 bytes Created: 16.02.2012 23:34 Modified: 04.01.2012 12:44 Company: Microsoft Corporation ---------- ************************************************************ 18:03:06: Scanning ----- DEVICE DRIVER ENTRIES ----- Value: msacm.l3acm File: C:\Windows\SysWOW64\l3codeca.acm C:\Windows\SysWOW64\l3codeca.acm 64000 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 03:14 Company: Fraunhofer Institut Integrierte Schaltungen IIS ---------- Value: vidc.cvid File: iccvid.dll iccvid.dll - [file not found to scan] ---------- Value: msacm.siren File: sirenacm.dll sirenacm.dll - [file not found to scan] ---------- ************************************************************ 18:03:07: ----- ADDITIONAL CHECKS ----- Heuristic checks for hidden files/drivers completed ---------- Layered Service Provider entries checks completed ---------- Windows Explorer Policies checks completed ---------- Desktop Wallpaper: C:\Users\fabo\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp C:\Users\fabo\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp 5242934 bytes Created: 29.08.2011 19:16 Modified: 23.08.2012 08:49 Company: [no info] ---------- Web Desktop Wallpaper entry is blank ---------- Checks for rogue DNS NameServers completed ---------- Checks for Backdoor.ZeroAccess completed ---------- Additional checks completed ************************************************************ 18:03:23: Scanning ----- RUNNING PROCESSES ----- C:\windows\System32\smss.exe 112640 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\csrss.exe 7680 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\wininit.exe 129024 bytes Created: 14.07.2009 01:52 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\services.exe 328704 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\lsm.exe 343040 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation -------------------- C:\windows\System32\svchost.exe 27136 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\winlogon.exe 390656 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\windows\System32\taskeng.exe 464384 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe 1196648 bytes Created: 17.01.2011 04:07 Modified: 17.01.2011 04:07 Company: NVIDIA Corporation -------------------- C:\windows\System32\taskhost.exe 69120 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe 766536 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation -------------------- C:\windows\System32\dwm.exe 120320 bytes Created: 14.07.2009 01:37 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe 272528 bytes Created: 17.06.2011 19:33 Modified: 17.06.2011 19:33 Company: McAfee, Inc. -------------------- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe 10376704 bytes Created: 19.04.2012 08:57 Modified: 19.04.2012 08:57 Company: OpenOffice.org -------------------- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin 10368512 bytes Created: 19.04.2012 08:57 Modified: 19.04.2012 08:57 Company: OpenOffice.org -------------------- C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe 248784 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG -------------------- C:\windows\System32\conhost.exe 338432 bytes Created: 30.08.2011 17:47 Modified: 24.06.2011 07:25 Company: Microsoft Corporation -------------------- C:\windows\System32\igfxext.exe 239896 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- C:\windows\System32\wbem\WmiPrvSE.exe 372736 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\windows\System32\SearchIndexer.exe 591872 bytes Created: 30.08.2011 17:48 Modified: 04.05.2011 07:19 Company: Microsoft Corporation -------------------- C:\windows\System32\SearchProtocolHost.exe 249856 bytes Created: 30.08.2011 17:48 Modified: 04.05.2011 07:19 Company: Microsoft Corporation -------------------- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe 220568 bytes Created: 01.08.2012 16:07 Modified: 01.08.2012 16:07 Company: Nokia -------------------- C:\Program Files\Elantech\ETDCtrlHelper.exe 2247504 bytes Created: 25.04.2012 04:42 Modified: 25.04.2012 04:42 Company: ELAN Microelectronics Corp. -------------------- C:\Program Files (x86)\Trojan Remover\Rmvtrjan.exe FileSize: 4766968 [This is a Trojan Remover component] -------------------- -------------------- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe 148888 bytes Created: 01.08.2012 16:06 Modified: 01.08.2012 16:06 Company: Nokia -------------------- C:\windows\System32\dllhost.exe 9728 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 222592 bytes Created: 21.09.2010 07:49 Modified: 21.09.2010 07:49 Company: Microsoft Corp. -------------------- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe 103720 bytes Created: 02.11.2009 07:21 Modified: 02.11.2009 07:21 Company: CyberLink -------------------- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe 87336 bytes Created: 20.09.2010 05:24 Modified: 20.09.2010 05:24 Company: CyberLink Corp. -------------------- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe 719360 bytes Created: 09.06.2011 08:23 Modified: 11.01.2011 08:31 Company: Samsung Electronics Co., Ltd. -------------------- ************************************************************ 18:04:05: Checking HOSTS file No malicious entries were found in the HOSTS file ************************************************************ ------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------ HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page": ChatZum Search HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page": C:\Windows\SysWOW64\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page": Bing HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL": MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL": Bing HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page": HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page": C:\windows\system32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page": This value is blank HKCU\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL": MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN ************************************************************ === NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES === Scan completed at: 18:04:06 30 Sep 2012 Total Scan time: 00:02:33 ************************************************************ ***** NORMAL SCAN FOR ACTIVE MALWARE ***** Trojan Remover Ver 6.8.5.2611. For information, email support@simplysup.com [Unregistered version] Scan started at: 17:55:04 30 Sep 2012 Using Database v7962 Operating System: Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601] File System: NTFS UAC is ENABLED [default level] UserData directory: C:\Users\fabo\AppData\Roaming\Simply Super Software\Trojan Remover\ Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\ Logfile directory: C:\Users\fabo\Documents\Simply Super Software\Trojan Remover Logfiles\ Program directory: C:\Program Files (x86)\Trojan Remover\ Running with Administrator privileges ************************************************************ 17:55:04: ----- CHECKING DEFAULT FILE ASSOCIATIONS ----- No modified default file associations detected ************************************************************ 17:55:04: ----- SCANNING FOR ROOTKIT SERVICES ----- No hidden Services were detected. ************************************************************ 17:55:04: Scanning -----WINDOWS REGISTRY----- -------------------- Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon This key's "Shell" value calls the following program(s): Key value: [explorer.exe] File: C:\windows\Explorer.exe C:\windows\Explorer.exe 2871808 bytes Created: 30.08.2011 17:48 Modified: 25.02.2011 08:19 Company: Microsoft Corporation ---------- This key's "Userinit" value calls the following program(s): Key value: [C:\Windows\system32\userinit.exe,] File: C:\Windows\system32\userinit.exe C:\windows\System32\userinit.exe 30720 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- -------------------- Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Value Name: [avgnt] Value Data: ["C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 348664 bytes Created: 08.03.2012 19:27 Modified: 08.08.2012 18:26 Company: Avira Operations GmbH & Co. KG -------------------- Value Name: [HP Software Update] Value Data: [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 49208 bytes Created: 10.05.2011 02:41 Modified: 10.05.2011 02:41 Company: Hewlett-Packard -------------------- Value Name: [Adobe ARM] Value Data: ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 919008 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems Incorporated -------------------- Value Name: [APSDaemon] Value Data: ["C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 59280 bytes Created: 30.05.2012 20:06 Modified: 30.05.2012 20:06 Company: Apple Inc. -------------------- Value Name: [iTunesHelper] Value Data: ["C:\Program Files (x86)\iTunes\iTunesHelper.exe"] C:\Program Files (x86)\iTunes\iTunesHelper.exe 421776 bytes Created: 07.06.2012 19:33 Modified: 07.06.2012 19:33 Company: Apple Inc. -------------------- Value Name: [Norton Online Backup] Value Data: [C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe 1155928 bytes Created: 01.06.2010 15:33 Modified: 01.06.2010 15:33 Company: Symantec Corporation -------------------- Value Name: [SunJavaUpdateSched] Value Data: ["C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 252848 bytes Created: 03.07.2012 09:04 Modified: 03.07.2012 09:04 Company: Sun Microsystems, Inc. -------------------- Value Name: [TrojanScanner] Value Data: [C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot] C:\Program Files (x86)\Trojan Remover\Trjscan.exe 1247504 bytes Created: 30.09.2012 17:53 Modified: 30.09.2012 17:54 Company: Simply Super Software -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty -------------------- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run Value Name: [NokiaSuite.exe] Value Data: [C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe 1086376 bytes Created: 03.08.2012 16:06 Modified: 03.08.2012 16:06 Company: Nokia -------------------- Value Name: [BlazeServoTool] Value Data: ["C:\Program Files (x86)\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe"] C:\Program Files (x86)\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe - [file not found to scan] -------------------- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty ************************************************************ 17:55:05: Scanning -----WINDOWS 64 Bit REGISTRY----- -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Value Name: [RtHDVCpl] Value Data: [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 11855976 bytes Created: 09.06.2011 08:08 Modified: 19.05.2011 04:21 Company: Realtek Semiconductor -------------------- Value Name: [IgfxTray] Value Data: [C:\windows\system32\igfxtray.exe] C:\windows\System32\igfxtray.exe 167704 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [HotKeysCmds] Value Data: [C:\windows\system32\hkcmd.exe] C:\windows\System32\hkcmd.exe 392984 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [Persistence] Value Data: [C:\windows\system32\igfxpers.exe] C:\windows\System32\igfxpers.exe 417560 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- Value Name: [ETDCtrl] Value Data: [%ProgramFiles%\Elantech\ETDCtrl.exe] C:\Program Files\Elantech\ETDCtrl.exe 2817872 bytes Created: 25.04.2012 04:42 Modified: 25.04.2012 04:42 Company: ELAN Microelectronics Corp. -------------------- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce This Registry key appears to be empty ************************************************************ 17:55:06: Scanning -----SHELLEXECUTEHOOKS----- ShellExecuteHooks key is empty ************************************************************ 17:55:06: Scanning -----HIDDEN REGISTRY ENTRIES----- Taskdir check completed ---------- No Hidden File-loading Registry Entries found ---------- ************************************************************ 17:55:06: Scanning -----ACTIVE SCREENSAVER----- No active ScreenSaver found to scan. ************************************************************ 17:55:06: Scanning ----- REGISTRY ACTIVE SETUP KEYS ----- Key: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} Path: %SystemRoot%\system32\unregmp2.exe /ShowWMP C:\windows\System32\unregmp2.exe 323584 bytes Created: 14.07.2009 02:23 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: >{26923b43-4d38-484f-9b9e-de460746276c} Path: C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig C:\Windows\SysWOW64\ie4uinit.exe 74240 bytes Created: 09.06.2011 23:55 Modified: 09.06.2011 23:55 Company: Microsoft Corporation ---------- Key: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} Path: "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP C:\Windows\SysWOW64\iedkcs32.dll 353584 bytes Created: 09.06.2011 23:55 Modified: 09.06.2011 23:55 Company: Microsoft Corporation ---------- Key: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} Path: %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll C:\windows\System32\themeui.dll 2851840 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} Path: "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE C:\Program Files (x86)\Windows Mail\WinMail.exe Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6} Path: %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI C:\windows\System32\unregmp2.exe 323584 bytes Created: 14.07.2009 02:23 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: {89820200-ECBD-11cf-8B85-00AA005B4340} Path: regsvr32.exe /s /n /i:U shell32.dll C:\windows\System32\shell32.dll 14172672 bytes Created: 10.07.2012 21:35 Modified: 09.06.2012 07:43 Company: Microsoft Corporation ---------- Key: {89820200-ECBD-11cf-8B85-00AA005B4383} Path: C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings C:\Windows\SysWOW64\ie4uinit.exe 74240 bytes Created: 09.06.2011 23:55 Modified: 09.06.2011 23:55 Company: Microsoft Corporation ---------- Key: {89B4C1CD-B018-4511-B0A1-5476DBF70820} Path: C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install C:\Windows\SysWOW64\mscories.dll 80720 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- ************************************************************ 17:55:07: Scanning ----- SERVICEDLL REGISTRY KEYS ----- ************************************************************ 17:55:08: Scanning ----- SERVICES REGISTRY KEYS ----- Key: 1394ohci ImagePath: \SystemRoot\system32\drivers\1394ohci.sys C:\windows\System32\drivers\1394ohci.sys 229888 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: ACPI ImagePath: system32\drivers\ACPI.sys C:\windows\System32\drivers\ACPI.sys 334208 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: AcpiPmi ImagePath: \SystemRoot\system32\drivers\acpipmi.sys C:\windows\System32\drivers\acpipmi.sys 12800 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: AdobeARMservice ImagePath: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 63960 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems Incorporated ---------- Key: AdobeFlashPlayerUpdateSvc ImagePath: C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 250288 bytes Created: 25.06.2012 21:23 Modified: 29.09.2012 21:21 Company: Adobe Systems Incorporated ---------- Key: adp94xx ImagePath: \SystemRoot\system32\drivers\adp94xx.sys C:\windows\System32\drivers\adp94xx.sys 491088 bytes Created: 10.06.2009 22:36 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: adpahci ImagePath: \SystemRoot\system32\drivers\adpahci.sys C:\windows\System32\drivers\adpahci.sys 339536 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: adpu320 ImagePath: \SystemRoot\system32\drivers\adpu320.sys C:\windows\System32\drivers\adpu320.sys 182864 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: AFD ImagePath: \SystemRoot\system32\drivers\afd.sys C:\windows\System32\drivers\afd.sys 498688 bytes Created: 16.02.2012 23:34 Modified: 28.12.2011 05:59 Company: Microsoft Corporation ---------- Key: agp440 ImagePath: \SystemRoot\system32\drivers\agp440.sys C:\windows\System32\drivers\agp440.sys 61008 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: ALG ImagePath: %SystemRoot%\System32\alg.exe C:\windows\System32\alg.exe 79360 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 03:38 Company: Microsoft Corporation ---------- Key: aliide ImagePath: \SystemRoot\system32\drivers\aliide.sys C:\windows\System32\drivers\aliide.sys 15440 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Acer Laboratories Inc. ---------- Key: amdide ImagePath: \SystemRoot\system32\drivers\amdide.sys C:\windows\System32\drivers\amdide.sys 15440 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: AmdK8 ImagePath: \SystemRoot\system32\drivers\amdk8.sys C:\windows\System32\drivers\amdk8.sys 64512 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: AmdPPM ImagePath: \SystemRoot\system32\drivers\amdppm.sys C:\windows\System32\drivers\amdppm.sys 60928 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: amdsata ImagePath: \SystemRoot\system32\drivers\amdsata.sys C:\windows\System32\drivers\amdsata.sys 107904 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: Advanced Micro Devices ---------- Key: amdsbs ImagePath: \SystemRoot\system32\drivers\amdsbs.sys C:\windows\System32\drivers\amdsbs.sys 194128 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:52 Company: AMD Technologies Inc. ---------- Key: amdxata ImagePath: system32\drivers\amdxata.sys C:\windows\System32\drivers\amdxata.sys 27008 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: Advanced Micro Devices ---------- Key: AntiVirSchedulerService ImagePath: "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 86224 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG ---------- Key: AntiVirService ImagePath: "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 110032 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG ---------- Key: AppID ImagePath: \SystemRoot\system32\drivers\appid.sys C:\windows\System32\drivers\appid.sys 61440 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Apple Mobile Device ImagePath: "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 55184 bytes Created: 24.05.2012 13:28 Modified: 24.05.2012 13:28 Company: Apple Inc. ---------- Key: arc ImagePath: \SystemRoot\system32\drivers\arc.sys C:\windows\System32\drivers\arc.sys 87632 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: arcsas ImagePath: \SystemRoot\system32\drivers\arcsas.sys C:\windows\System32\drivers\arcsas.sys 97856 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:52 Company: Adaptec, Inc. ---------- Key: AsyncMac ImagePath: system32\DRIVERS\asyncmac.sys C:\windows\System32\DRIVERS\asyncmac.sys 23040 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: atapi ImagePath: system32\drivers\atapi.sys C:\windows\System32\drivers\atapi.sys 24128 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: avgntflt ImagePath: system32\DRIVERS\avgntflt.sys C:\windows\System32\DRIVERS\avgntflt.sys 98848 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira GmbH ---------- Key: avipbb ImagePath: system32\DRIVERS\avipbb.sys C:\windows\System32\DRIVERS\avipbb.sys 132832 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira GmbH ---------- Key: avkmgr ImagePath: system32\DRIVERS\avkmgr.sys C:\windows\System32\DRIVERS\avkmgr.sys 27760 bytes Created: 08.03.2012 19:27 Modified: 16.09.2011 17:08 Company: Avira GmbH ---------- Key: b06bdrv ImagePath: \SystemRoot\system32\drivers\bxvbda.sys C:\windows\System32\drivers\bxvbda.sys 468480 bytes Created: 10.06.2009 22:34 Modified: 10.06.2009 22:34 Company: Broadcom Corporation ---------- Key: b57nd60a ImagePath: system32\DRIVERS\b57nd60a.sys C:\windows\System32\DRIVERS\b57nd60a.sys 270848 bytes Created: 10.06.2009 22:34 Modified: 10.06.2009 22:34 Company: Broadcom Corporation ---------- Key: blbdrive ImagePath: system32\DRIVERS\blbdrive.sys C:\windows\System32\DRIVERS\blbdrive.sys 45056 bytes Created: 14.07.2009 01:35 Modified: 14.07.2009 01:35 Company: Microsoft Corporation ---------- Key: Bonjour Service ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Program Files\Bonjour\mDNSResponder.exe 462184 bytes Created: 30.08.2011 23:05 Modified: 30.08.2011 23:05 Company: Apple Inc. ---------- Key: bowser ImagePath: system32\DRIVERS\bowser.sys C:\windows\System32\DRIVERS\bowser.sys 90624 bytes Created: 09.06.2011 08:41 Modified: 23.02.2011 06:55 Company: Microsoft Corporation ---------- Key: BrFiltLo ImagePath: \SystemRoot\system32\drivers\BrFiltLo.sys C:\windows\System32\drivers\BrFiltLo.sys 18432 bytes Created: 14.07.2009 03:19 Modified: 10.06.2009 22:41 Company: Brother Industries, Ltd. ---------- Key: BrFiltUp ImagePath: \SystemRoot\system32\drivers\BrFiltUp.sys C:\windows\System32\drivers\BrFiltUp.sys 8704 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries, Ltd. ---------- Key: Brserid ImagePath: \SystemRoot\System32\Drivers\Brserid.sys C:\windows\System32\Drivers\Brserid.sys 286720 bytes Created: 14.07.2009 03:19 Modified: 14.07.2009 03:19 Company: Brother Industries Ltd. ---------- Key: BrSerWdm ImagePath: \SystemRoot\System32\Drivers\BrSerWdm.sys C:\windows\System32\Drivers\BrSerWdm.sys 47104 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries Ltd. ---------- Key: BrUsbMdm ImagePath: \SystemRoot\System32\Drivers\BrUsbMdm.sys C:\windows\System32\Drivers\BrUsbMdm.sys 14976 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries Ltd. ---------- Key: BrUsbSer ImagePath: \SystemRoot\System32\Drivers\BrUsbSer.sys C:\windows\System32\Drivers\BrUsbSer.sys 14720 bytes Created: 14.07.2009 03:20 Modified: 10.06.2009 22:41 Company: Brother Industries Ltd. ---------- Key: BthEnum ImagePath: \SystemRoot\system32\drivers\BthEnum.sys C:\windows\System32\drivers\BthEnum.sys 41984 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: BTHMODEM ImagePath: \SystemRoot\system32\drivers\bthmodem.sys C:\windows\System32\drivers\bthmodem.sys 72192 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: BthPan ImagePath: system32\DRIVERS\bthpan.sys C:\windows\System32\DRIVERS\bthpan.sys 118784 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 02:07 Company: Microsoft Corporation ---------- Key: BTHPORT ImagePath: \SystemRoot\System32\Drivers\BTHport.sys C:\windows\System32\Drivers\BTHport.sys 552960 bytes Created: 15.08.2012 21:47 Modified: 06.07.2012 22:07 Company: Microsoft Corporation ---------- Key: BTHUSB ImagePath: \SystemRoot\System32\Drivers\BTHUSB.sys C:\windows\System32\Drivers\BTHUSB.sys 80384 bytes Created: 31.08.2011 16:13 Modified: 28.04.2011 05:54 Company: Microsoft Corporation ---------- Key: cdfs ImagePath: system32\DRIVERS\cdfs.sys C:\windows\System32\DRIVERS\cdfs.sys 92160 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: cdrom ImagePath: system32\DRIVERS\cdrom.sys C:\windows\System32\DRIVERS\cdrom.sys 147456 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: circlass ImagePath: \SystemRoot\system32\drivers\circlass.sys C:\windows\System32\drivers\circlass.sys 45568 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: CLFS ImagePath: System32\CLFS.sys C:\windows\System32\CLFS.sys 367696 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: clr_optimization_v2.0.50727_32 ImagePath: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 66384 bytes Created: 13.07.2009 22:46 Modified: 10.06.2009 23:23 Company: Microsoft Corporation ---------- Key: clr_optimization_v2.0.50727_64 ImagePath: %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 89920 bytes Created: 13.07.2009 22:37 Modified: 10.06.2009 22:39 Company: Microsoft Corporation ---------- Key: clr_optimization_v4.0.30319_32 ImagePath: C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 130384 bytes Created: 18.03.2010 13:16 Modified: 18.03.2010 13:16 Company: Microsoft Corporation ---------- Key: clr_optimization_v4.0.30319_64 ImagePath: C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 138576 bytes Created: 18.03.2010 14:27 Modified: 18.03.2010 14:27 Company: Microsoft Corporation ---------- Key: clwvd ImagePath: system32\DRIVERS\clwvd.sys C:\windows\System32\DRIVERS\clwvd.sys 31088 bytes Created: 10.11.2010 01:04 Modified: 10.11.2010 01:04 Company: CyberLink Corporation ---------- Key: CmBatt ImagePath: system32\DRIVERS\CmBatt.sys C:\windows\System32\DRIVERS\CmBatt.sys 17664 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: cmdide ImagePath: \SystemRoot\system32\drivers\cmdide.sys C:\windows\System32\drivers\cmdide.sys 17488 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:52 Company: CMD Technology, Inc. ---------- Key: CNG ImagePath: System32\Drivers\cng.sys C:\windows\System32\Drivers\cng.sys 458704 bytes Created: 10.07.2012 21:35 Modified: 02.06.2012 07:50 Company: Microsoft Corporation ---------- Key: Compbatt ImagePath: system32\DRIVERS\compbatt.sys C:\windows\System32\DRIVERS\compbatt.sys 21584 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:52 Company: Microsoft Corporation ---------- Key: CompositeBus ImagePath: system32\DRIVERS\CompositeBus.sys C:\windows\System32\DRIVERS\CompositeBus.sys 38912 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: COMSysApp ImagePath: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} C:\windows\System32\dllhost.exe 9728 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: crcdisk ImagePath: \SystemRoot\system32\drivers\crcdisk.sys C:\windows\System32\drivers\crcdisk.sys 24144 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: cvhsvc ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 822624 bytes Created: 04.01.2012 15:22 Modified: 04.01.2012 15:22 Company: Microsoft Corporation ---------- Key: DfsC ImagePath: System32\Drivers\dfsc.sys C:\windows\System32\Drivers\dfsc.sys 102400 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: discache ImagePath: System32\drivers\discache.sys C:\windows\System32\drivers\discache.sys 40448 bytes Created: 14.07.2009 01:37 Modified: 14.07.2009 01:37 Company: Microsoft Corporation ---------- Key: Disk ImagePath: system32\drivers\disk.sys C:\windows\System32\drivers\disk.sys 73280 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: drmkaud ImagePath: system32\drivers\drmkaud.sys C:\windows\System32\drivers\drmkaud.sys 5632 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: DXGKrnl ImagePath: \SystemRoot\System32\drivers\dxgkrnl.sys C:\windows\System32\drivers\dxgkrnl.sys 982912 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: ebdrv ImagePath: \SystemRoot\system32\drivers\evbda.sys C:\windows\System32\drivers\evbda.sys 3286016 bytes Created: 10.06.2009 22:34 Modified: 10.06.2009 22:34 Company: Broadcom Corporation ---------- Key: EFS ImagePath: %SystemRoot%\System32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: ehRecvr ImagePath: %systemroot%\ehome\ehRecvr.exe C:\windows\ehome\ehRecvr.exe 696832 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: ehSched ImagePath: %systemroot%\ehome\ehsched.exe C:\windows\ehome\ehsched.exe 127488 bytes Created: 14.07.2009 02:24 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: elxstor ImagePath: \SystemRoot\system32\drivers\elxstor.sys C:\windows\System32\drivers\elxstor.sys 530496 bytes Created: 10.06.2009 22:36 Modified: 14.07.2009 03:47 Company: Emulex ---------- Key: ErrDev ImagePath: \SystemRoot\system32\drivers\errdev.sys C:\windows\System32\drivers\errdev.sys 9728 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: ETD ImagePath: system32\DRIVERS\ETD.sys C:\windows\System32\DRIVERS\ETD.sys 258896 bytes Created: 25.04.2012 04:42 Modified: 25.04.2012 04:42 Company: ELAN Microelectronics Corp. ---------- Key: Fax ImagePath: %systemroot%\system32\fxssvc.exe C:\windows\System32\fxssvc.exe 689152 bytes Created: 21.11.2010 05:25 Modified: 21.11.2010 05:25 Company: Microsoft Corporation ---------- Key: fdc ImagePath: \SystemRoot\system32\drivers\fdc.sys C:\windows\System32\drivers\fdc.sys 29696 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: FileInfo ImagePath: system32\drivers\fileinfo.sys C:\windows\System32\drivers\fileinfo.sys 70224 bytes Created: 14.07.2009 01:34 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: Filetrace ImagePath: system32\drivers\filetrace.sys C:\windows\System32\drivers\filetrace.sys 34304 bytes Created: 14.07.2009 01:25 Modified: 14.07.2009 01:25 Company: Microsoft Corporation ---------- Key: flpydisk ImagePath: \SystemRoot\system32\drivers\flpydisk.sys C:\windows\System32\drivers\flpydisk.sys 24576 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: FltMgr ImagePath: system32\drivers\fltmgr.sys C:\windows\System32\drivers\fltmgr.sys 289664 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: FontCache3.0.0.0 ImagePath: %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 42856 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: FsDepends ImagePath: System32\drivers\FsDepends.sys C:\windows\System32\drivers\FsDepends.sys 55376 bytes Created: 14.07.2009 01:26 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: fvevol ImagePath: System32\DRIVERS\fvevol.sys C:\windows\System32\DRIVERS\fvevol.sys 223248 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: gagp30kx ImagePath: \SystemRoot\system32\drivers\gagp30kx.sys C:\windows\System32\drivers\gagp30kx.sys 65088 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:47 Company: Microsoft Corporation ---------- Key: GameConsoleService ImagePath: "C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe" C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe 246520 bytes Created: 03.06.2010 19:48 Modified: 03.06.2010 19:48 Company: WildTangent, Inc. ---------- Key: GEARAspiWDM ImagePath: system32\DRIVERS\GEARAspiWDM.sys C:\windows\System32\DRIVERS\GEARAspiWDM.sys 34152 bytes Created: 14.08.2012 23:12 Modified: 18.05.2009 13:17 Company: GEAR Software Inc. ---------- Key: hcw85cir ImagePath: \SystemRoot\system32\drivers\hcw85cir.sys C:\windows\System32\drivers\hcw85cir.sys 31232 bytes Created: 14.07.2009 00:53 Modified: 10.06.2009 22:31 Company: Hauppauge Computer Works, Inc. ---------- Key: HdAudAddService ImagePath: system32\drivers\HdAudio.sys C:\windows\System32\drivers\HdAudio.sys 350208 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: HDAudBus ImagePath: system32\DRIVERS\HDAudBus.sys C:\windows\System32\DRIVERS\HDAudBus.sys 122368 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: HidBatt ImagePath: \SystemRoot\system32\drivers\HidBatt.sys C:\windows\System32\drivers\HidBatt.sys 26624 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: HidBth ImagePath: \SystemRoot\system32\drivers\hidbth.sys C:\windows\System32\drivers\hidbth.sys 100864 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: HidIr ImagePath: \SystemRoot\system32\drivers\hidir.sys C:\windows\System32\drivers\hidir.sys 46592 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: HidUsb ImagePath: system32\DRIVERS\hidusb.sys C:\windows\System32\DRIVERS\hidusb.sys 30208 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: HpSAMD ImagePath: \SystemRoot\system32\drivers\HpSAMD.sys C:\windows\System32\drivers\HpSAMD.sys 78720 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Hewlett-Packard Company ---------- Key: HTTP ImagePath: system32\drivers\HTTP.sys C:\windows\System32\drivers\HTTP.sys 753664 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: hwpolicy ImagePath: System32\drivers\hwpolicy.sys C:\windows\System32\drivers\hwpolicy.sys 14720 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: i8042prt ImagePath: system32\DRIVERS\i8042prt.sys C:\windows\System32\DRIVERS\i8042prt.sys 105472 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: iaStor ImagePath: system32\DRIVERS\iaStor.sys C:\windows\System32\DRIVERS\iaStor.sys 437272 bytes Created: 09.06.2011 08:05 Modified: 13.09.2010 11:24 Company: Intel Corporation ---------- Key: iaStorV ImagePath: \SystemRoot\system32\drivers\iaStorV.sys C:\windows\System32\drivers\iaStorV.sys 410496 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: Intel Corporation ---------- Key: idsvc ImagePath: "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 856400 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: igfx ImagePath: system32\DRIVERS\igdkmd64.sys C:\windows\System32\DRIVERS\igdkmd64.sys 12311904 bytes Created: 10.01.2012 14:28 Modified: 10.01.2012 14:28 Company: Intel Corporation ---------- Key: iirsp ImagePath: \SystemRoot\system32\drivers\iirsp.sys C:\windows\System32\drivers\iirsp.sys 44112 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: Intel Corp./ICP vortex GmbH ---------- Key: IntcAzAudAddService ImagePath: system32\drivers\RTKVHD64.sys C:\windows\System32\drivers\RTKVHD64.sys 2881256 bytes Created: 09.06.2011 08:08 Modified: 25.05.2011 06:34 Company: Realtek Semiconductor Corp. ---------- Key: IntcDAud ImagePath: system32\DRIVERS\IntcDAud.sys C:\windows\System32\DRIVERS\IntcDAud.sys 317440 bytes Created: 23.08.2011 05:12 Modified: 23.08.2011 05:12 Company: Intel(R) Corporation ---------- Key: intelide ImagePath: \SystemRoot\system32\drivers\intelide.sys C:\windows\System32\drivers\intelide.sys 16960 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: intelppm ImagePath: system32\DRIVERS\intelppm.sys C:\windows\System32\DRIVERS\intelppm.sys 62464 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: IpFilterDriver ImagePath: system32\DRIVERS\ipfltdrv.sys C:\windows\System32\DRIVERS\ipfltdrv.sys 82944 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: IPMIDRV ImagePath: \SystemRoot\system32\drivers\IPMIDrv.sys C:\windows\System32\drivers\IPMIDrv.sys 78848 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: IPNAT ImagePath: System32\drivers\ipnat.sys C:\windows\System32\drivers\ipnat.sys 116224 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: iPod Service ImagePath: "C:\Program Files\iPod\bin\iPodService.exe" C:\Program Files\iPod\bin\iPodService.exe 936848 bytes Created: 07.06.2012 19:33 Modified: 07.06.2012 19:33 Company: Apple Inc. ---------- Key: IRENUM ImagePath: system32\drivers\irenum.sys C:\windows\System32\drivers\irenum.sys 17920 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: isapnp ImagePath: \SystemRoot\system32\drivers\isapnp.sys C:\windows\System32\drivers\isapnp.sys 20544 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: iScsiPrt ImagePath: \SystemRoot\system32\drivers\msiscsi.sys C:\windows\System32\drivers\msiscsi.sys 273792 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: IT9135BDA ImagePath: System32\Drivers\IT9135BDA.sys C:\windows\System32\Drivers\IT9135BDA.sys 113280 bytes Created: 03.02.2010 10:05 Modified: 03.02.2010 10:05 Company: ITE ---------- Key: kbdclass ImagePath: system32\DRIVERS\kbdclass.sys C:\windows\System32\DRIVERS\kbdclass.sys 50768 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: kbdhid ImagePath: \SystemRoot\system32\drivers\kbdhid.sys C:\windows\System32\drivers\kbdhid.sys 33280 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: KeyIso ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: KSecDD ImagePath: System32\Drivers\ksecdd.sys C:\windows\System32\Drivers\ksecdd.sys 95600 bytes Created: 10.07.2012 21:35 Modified: 02.06.2012 07:48 Company: Microsoft Corporation ---------- Key: KSecPkg ImagePath: System32\Drivers\ksecpkg.sys C:\windows\System32\Drivers\ksecpkg.sys 151920 bytes Created: 10.07.2012 21:35 Modified: 02.06.2012 07:48 Company: Microsoft Corporation ---------- Key: ksthunk ImagePath: \SystemRoot\system32\drivers\ksthunk.sys C:\windows\System32\drivers\ksthunk.sys 20992 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: lltdio ImagePath: system32\DRIVERS\lltdio.sys C:\windows\System32\DRIVERS\lltdio.sys 60928 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: LMS ImagePath: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 326424 bytes Created: 09.06.2011 08:05 Modified: 05.05.2011 14:44 Company: Intel Corporation ---------- Key: LSI_FC ImagePath: \SystemRoot\system32\drivers\lsi_fc.sys C:\windows\System32\drivers\lsi_fc.sys 114752 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: LSI_SAS ImagePath: \SystemRoot\system32\drivers\lsi_sas.sys C:\windows\System32\drivers\lsi_sas.sys 106560 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: LSI_SAS2 ImagePath: \SystemRoot\system32\drivers\lsi_sas2.sys C:\windows\System32\drivers\lsi_sas2.sys 65600 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: LSI_SCSI ImagePath: \SystemRoot\system32\drivers\lsi_scsi.sys C:\windows\System32\drivers\lsi_scsi.sys 115776 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: luafv ImagePath: \SystemRoot\system32\drivers\luafv.sys C:\windows\System32\drivers\luafv.sys 113152 bytes Created: 14.07.2009 01:26 Modified: 14.07.2009 01:26 Company: Microsoft Corporation ---------- Key: MBAMProtector ImagePath: \??\C:\windows\system32\drivers\mbam.sys C:\windows\System32\drivers\mbam.sys 25928 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation ---------- Key: MBAMScheduler ImagePath: "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 399432 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation ---------- Key: MBAMService ImagePath: "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 676936 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation ---------- Key: McComponentHostService ImagePath: "C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe" C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe 237008 bytes Created: 17.06.2011 19:33 Modified: 17.06.2011 19:33 Company: McAfee, Inc. ---------- Key: megasas ImagePath: \SystemRoot\system32\drivers\megasas.sys C:\windows\System32\drivers\megasas.sys 35392 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:48 Company: LSI Corporation ---------- Key: MegaSR ImagePath: \SystemRoot\system32\drivers\MegaSR.sys C:\windows\System32\drivers\MegaSR.sys 284736 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: LSI Corporation, Inc. ---------- Key: MEIx64 ImagePath: system32\DRIVERS\HECIx64.sys C:\windows\System32\DRIVERS\HECIx64.sys 56344 bytes Created: 09.06.2011 23:17 Modified: 20.10.2010 18:34 Company: Intel Corporation ---------- Key: Modem ImagePath: system32\drivers\modem.sys C:\windows\System32\drivers\modem.sys 40448 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: monitor ImagePath: system32\DRIVERS\monitor.sys C:\windows\System32\DRIVERS\monitor.sys 30208 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 01:38 Company: Microsoft Corporation ---------- Key: mouclass ImagePath: system32\DRIVERS\mouclass.sys C:\windows\System32\DRIVERS\mouclass.sys 49216 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: mouhid ImagePath: system32\DRIVERS\mouhid.sys C:\windows\System32\DRIVERS\mouhid.sys 31232 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: mountmgr ImagePath: System32\drivers\mountmgr.sys C:\windows\System32\drivers\mountmgr.sys 94592 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: MozillaMaintenance ImagePath: "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 114144 bytes Created: 14.09.2012 00:20 Modified: 06.09.2012 03:25 Company: Mozilla Foundation ---------- Key: mpio ImagePath: \SystemRoot\system32\drivers\mpio.sys C:\windows\System32\drivers\mpio.sys 155008 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: mpsdrv ImagePath: System32\drivers\mpsdrv.sys C:\windows\System32\drivers\mpsdrv.sys 77312 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: MRxDAV ImagePath: \SystemRoot\system32\drivers\mrxdav.sys C:\windows\System32\drivers\mrxdav.sys 140800 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: mrxsmb ImagePath: system32\DRIVERS\mrxsmb.sys C:\windows\System32\DRIVERS\mrxsmb.sys 158208 bytes Created: 30.08.2011 17:47 Modified: 27.04.2011 04:40 Company: Microsoft Corporation ---------- Key: mrxsmb10 ImagePath: system32\DRIVERS\mrxsmb10.sys C:\windows\System32\DRIVERS\mrxsmb10.sys 288768 bytes Created: 30.08.2011 17:47 Modified: 09.07.2011 04:46 Company: Microsoft Corporation ---------- Key: mrxsmb20 ImagePath: system32\DRIVERS\mrxsmb20.sys C:\windows\System32\DRIVERS\mrxsmb20.sys 128000 bytes Created: 30.08.2011 17:47 Modified: 27.04.2011 04:39 Company: Microsoft Corporation ---------- Key: msahci ImagePath: system32\drivers\msahci.sys C:\windows\System32\drivers\msahci.sys 31104 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: msdsm ImagePath: \SystemRoot\system32\drivers\msdsm.sys C:\windows\System32\drivers\msdsm.sys 140672 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: MSDTC ImagePath: %SystemRoot%\System32\msdtc.exe C:\windows\System32\msdtc.exe 141824 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: mshidkmdf ImagePath: \SystemRoot\System32\drivers\mshidkmdf.sys C:\windows\System32\drivers\mshidkmdf.sys 8192 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: msisadrv ImagePath: system32\drivers\msisadrv.sys C:\windows\System32\drivers\msisadrv.sys 15424 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: msiserver ImagePath: %systemroot%\system32\msiexec.exe /V C:\windows\System32\msiexec.exe 128000 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: MSKSSRV ImagePath: system32\drivers\MSKSSRV.sys C:\windows\System32\drivers\MSKSSRV.sys 11136 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: MSPCLOCK ImagePath: system32\drivers\MSPCLOCK.sys C:\windows\System32\drivers\MSPCLOCK.sys 7168 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: MSPQM ImagePath: system32\drivers\MSPQM.sys C:\windows\System32\drivers\MSPQM.sys 6784 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: mssmbios ImagePath: system32\DRIVERS\mssmbios.sys C:\windows\System32\DRIVERS\mssmbios.sys 32320 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: MSTEE ImagePath: system32\drivers\MSTEE.sys C:\windows\System32\drivers\MSTEE.sys 8064 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: MTConfig ImagePath: \SystemRoot\system32\drivers\MTConfig.sys C:\windows\System32\drivers\MTConfig.sys 15360 bytes Created: 14.07.2009 02:02 Modified: 14.07.2009 02:02 Company: Microsoft Corporation ---------- Key: Mup ImagePath: System32\Drivers\mup.sys C:\windows\System32\Drivers\mup.sys 60496 bytes Created: 14.07.2009 01:23 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: NativeWifiP ImagePath: system32\DRIVERS\nwifi.sys C:\windows\System32\DRIVERS\nwifi.sys 318976 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 02:07 Company: Microsoft Corporation ---------- Key: NDIS ImagePath: system32\drivers\ndis.sys C:\windows\System32\drivers\ndis.sys 950128 bytes Created: 11.09.2012 20:59 Modified: 22.08.2012 20:12 Company: Microsoft Corporation ---------- Key: NdisCap ImagePath: system32\DRIVERS\ndiscap.sys C:\windows\System32\DRIVERS\ndiscap.sys 35328 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: NdisTapi ImagePath: system32\DRIVERS\ndistapi.sys C:\windows\System32\DRIVERS\ndistapi.sys 24064 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: Ndisuio ImagePath: system32\DRIVERS\ndisuio.sys C:\windows\System32\DRIVERS\ndisuio.sys 56832 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: NdisWan ImagePath: system32\DRIVERS\ndiswan.sys C:\windows\System32\DRIVERS\ndiswan.sys 164352 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: NetBIOS ImagePath: system32\DRIVERS\netbios.sys C:\windows\System32\DRIVERS\netbios.sys 44544 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: NetBT ImagePath: System32\DRIVERS\netbt.sys C:\windows\System32\DRIVERS\netbt.sys 261632 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: Netlogon ImagePath: %systemroot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: NETwNs64 ImagePath: system32\DRIVERS\NETwNs64.sys C:\windows\System32\DRIVERS\NETwNs64.sys 11417088 bytes Created: 01.12.2011 22:51 Modified: 01.12.2011 22:51 Company: Intel Corporation ---------- Key: nfrd960 ImagePath: \SystemRoot\system32\drivers\nfrd960.sys C:\windows\System32\drivers\nfrd960.sys 51264 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:48 Company: IBM Corporation ---------- Key: nmwcd ImagePath: system32\drivers\ccdcmbx64.sys C:\windows\System32\drivers\ccdcmbx64.sys 19968 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: nmwcdc ImagePath: system32\drivers\ccdcmbox64.sys C:\windows\System32\drivers\ccdcmbox64.sys 27136 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: NOBU ImagePath: "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 2804568 bytes Created: 01.06.2010 15:31 Modified: 01.06.2010 15:31 Company: Symantec Corporation ---------- Key: nsiproxy ImagePath: system32\drivers\nsiproxy.sys C:\windows\System32\drivers\nsiproxy.sys 24576 bytes Created: 14.07.2009 01:21 Modified: 14.07.2009 01:21 Company: Microsoft Corporation ---------- Key: nvlddmkm ImagePath: system32\DRIVERS\nvlddmkm.sys C:\windows\System32\DRIVERS\nvlddmkm.sys 13042408 bytes Created: 09.06.2011 08:06 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- Key: nvpciflt ImagePath: system32\DRIVERS\nvpciflt.sys C:\windows\System32\DRIVERS\nvpciflt.sys 25960 bytes Created: 09.06.2011 08:06 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- Key: nvraid ImagePath: \SystemRoot\system32\drivers\nvraid.sys C:\windows\System32\drivers\nvraid.sys 148352 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: NVIDIA Corporation ---------- Key: nvstor ImagePath: \SystemRoot\system32\drivers\nvstor.sys C:\windows\System32\drivers\nvstor.sys 166272 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 08:41 Company: NVIDIA Corporation ---------- Key: NVSvc ImagePath: %SystemRoot%\system32\nvvsvc.exe C:\windows\System32\nvvsvc.exe 993896 bytes Created: 17.01.2011 04:07 Modified: 17.01.2011 04:07 Company: NVIDIA Corporation ---------- Key: nvUpdatusService ImagePath: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 2009704 bytes Created: 09.06.2011 08:07 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- Key: nv_agp ImagePath: \SystemRoot\system32\drivers\nv_agp.sys C:\windows\System32\drivers\nv_agp.sys 122960 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:48 Company: Microsoft Corporation ---------- Key: ohci1394 ImagePath: \SystemRoot\system32\drivers\ohci1394.sys C:\windows\System32\drivers\ohci1394.sys 72832 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: ose ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 149352 bytes Created: 09.01.2010 21:18 Modified: 09.01.2010 21:18 Company: Microsoft Corporation ---------- Key: osppsvc ImagePath: "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 4925184 bytes Created: 09.01.2010 21:34 Modified: 09.01.2010 21:34 Company: Microsoft Corporation ---------- Key: Parport ImagePath: \SystemRoot\system32\drivers\parport.sys C:\windows\System32\drivers\parport.sys 97280 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: partmgr ImagePath: System32\drivers\partmgr.sys C:\windows\System32\drivers\partmgr.sys 75120 bytes Created: 09.05.2012 19:25 Modified: 17.03.2012 09:58 Company: Microsoft Corporation ---------- Key: pccsmcfd ImagePath: system32\DRIVERS\pccsmcfdx64.sys C:\windows\System32\DRIVERS\pccsmcfdx64.sys 26112 bytes Created: 19.12.2011 23:08 Modified: 27.06.2012 15:18 Company: Nokia ---------- Key: pci ImagePath: system32\drivers\pci.sys C:\windows\System32\drivers\pci.sys 184704 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: pciide ImagePath: \SystemRoot\system32\drivers\pciide.sys C:\windows\System32\drivers\pciide.sys 12352 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: pcmcia ImagePath: \SystemRoot\system32\drivers\pcmcia.sys C:\windows\System32\drivers\pcmcia.sys 220752 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: pcw ImagePath: System32\drivers\pcw.sys C:\windows\System32\drivers\pcw.sys 50768 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: PEAUTH ImagePath: system32\drivers\peauth.sys C:\windows\System32\drivers\peauth.sys 651264 bytes Created: 14.07.2009 01:51 Modified: 14.07.2009 03:01 Company: Microsoft Corporation ---------- Key: PerfHost ImagePath: %SystemRoot%\SysWow64\perfhost.exe C:\windows\SysWow64\perfhost.exe 20992 bytes Created: 14.07.2009 01:11 Modified: 14.07.2009 03:14 Company: Microsoft Corporation ---------- Key: PptpMiniport ImagePath: system32\DRIVERS\raspptp.sys C:\windows\System32\DRIVERS\raspptp.sys 111104 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Processor ImagePath: \SystemRoot\system32\drivers\processr.sys C:\windows\System32\drivers\processr.sys 60416 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 01:19 Company: Microsoft Corporation ---------- Key: ProtectedStorage ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: Psched ImagePath: system32\DRIVERS\pacer.sys C:\windows\System32\DRIVERS\pacer.sys 131584 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: ql2300 ImagePath: \SystemRoot\system32\drivers\ql2300.sys C:\windows\System32\drivers\ql2300.sys 1524816 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:45 Company: QLogic Corporation ---------- Key: ql40xx ImagePath: \SystemRoot\system32\drivers\ql40xx.sys C:\windows\System32\drivers\ql40xx.sys 128592 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:45 Company: QLogic Corporation ---------- Key: QWAVEdrv ImagePath: \SystemRoot\system32\drivers\qwavedrv.sys C:\windows\System32\drivers\qwavedrv.sys 46592 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: RasAcd ImagePath: System32\DRIVERS\rasacd.sys C:\windows\System32\DRIVERS\rasacd.sys 14848 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: RasAgileVpn ImagePath: system32\DRIVERS\AgileVpn.sys C:\windows\System32\DRIVERS\AgileVpn.sys 60416 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: Rasl2tp ImagePath: system32\DRIVERS\rasl2tp.sys C:\windows\System32\DRIVERS\rasl2tp.sys 129536 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: RasPppoe ImagePath: system32\DRIVERS\raspppoe.sys C:\windows\System32\DRIVERS\raspppoe.sys 92672 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: RasSstp ImagePath: system32\DRIVERS\rassstp.sys C:\windows\System32\DRIVERS\rassstp.sys 83968 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: rdbss ImagePath: system32\DRIVERS\rdbss.sys C:\windows\System32\DRIVERS\rdbss.sys 309248 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: rdpbus ImagePath: \SystemRoot\system32\drivers\rdpbus.sys C:\windows\System32\drivers\rdpbus.sys 24064 bytes Created: 14.07.2009 02:17 Modified: 14.07.2009 02:17 Company: Microsoft Corporation ---------- Key: RDPCDD ImagePath: System32\DRIVERS\RDPCDD.sys C:\windows\System32\DRIVERS\RDPCDD.sys 7680 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: RDPENCDD ImagePath: system32\drivers\rdpencdd.sys C:\windows\System32\drivers\rdpencdd.sys 7680 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: RDPREFMP ImagePath: system32\drivers\rdprefmp.sys C:\windows\System32\drivers\rdprefmp.sys 8192 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: rdyboost ImagePath: System32\drivers\rdyboost.sys C:\windows\System32\drivers\rdyboost.sys 213888 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: RFCOMM ImagePath: system32\DRIVERS\rfcomm.sys C:\windows\System32\DRIVERS\rfcomm.sys 158720 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: RichVideo ImagePath: "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 244904 bytes Created: 09.06.2011 08:27 Modified: 01.12.2009 09:21 Company: ---------- Key: RpcLocator ImagePath: %SystemRoot%\system32\locator.exe C:\windows\System32\locator.exe 10240 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: rspndr ImagePath: system32\DRIVERS\rspndr.sys C:\windows\System32\DRIVERS\rspndr.sys 76800 bytes Created: 14.07.2009 02:08 Modified: 14.07.2009 02:08 Company: Microsoft Corporation ---------- Key: RTL8167 ImagePath: system32\DRIVERS\Rt64win7.sys C:\windows\System32\DRIVERS\Rt64win7.sys 471144 bytes Created: 09.06.2011 08:09 Modified: 22.04.2011 12:17 Company: Realtek ---------- Key: rtport ImagePath: \??\C:\windows\SysWOW64\drivers\rtport.sys C:\windows\SysWOW64\drivers\rtport.sys 15144 bytes Created: 28.07.2011 03:48 Modified: 28.07.2011 03:48 Company: Windows (R) 2003 DDK 3790 provider ---------- Key: SABI ImagePath: \??\C:\windows\system32\Drivers\SABI.sys C:\windows\System32\Drivers\SABI.sys 13824 bytes Created: 09.06.2011 08:12 Modified: 28.05.2009 08:38 Company: SAMSUNG ELECTRONICS ---------- Key: SamSs ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: Samsung UPD Service ImagePath: "C:\windows\System32\SUPDSvc.exe" C:\windows\System32\SUPDSvc.exe 166704 bytes Created: 09.06.2011 23:20 Modified: 09.08.2010 21:04 Company: Samsung Electronics CO., LTD. ---------- Key: sbp2port ImagePath: \SystemRoot\system32\drivers\sbp2port.sys C:\windows\System32\drivers\sbp2port.sys 103808 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: SBSDWSCService ImagePath: C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 1153368 bytes Created: 29.08.2011 18:34 Modified: 26.01.2009 15:31 Company: Safer Networking Ltd. ---------- Key: scfilter ImagePath: System32\DRIVERS\scfilter.sys C:\windows\System32\DRIVERS\scfilter.sys 29696 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Serenum ImagePath: \SystemRoot\system32\drivers\serenum.sys C:\windows\System32\drivers\serenum.sys 23552 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: Serial ImagePath: \SystemRoot\system32\drivers\serial.sys C:\windows\System32\drivers\serial.sys 94208 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: sermouse ImagePath: \SystemRoot\system32\drivers\sermouse.sys C:\windows\System32\drivers\sermouse.sys 26624 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 02:00 Company: Microsoft Corporation ---------- Key: ServiceLayer ImagePath: "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 724888 bytes Created: 01.08.2012 16:07 Modified: 01.08.2012 16:07 Company: Nokia ---------- Key: sffdisk ImagePath: \SystemRoot\system32\drivers\sffdisk.sys C:\windows\System32\drivers\sffdisk.sys 14336 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 02:01 Company: Microsoft Corporation ---------- Key: sffp_mmc ImagePath: \SystemRoot\system32\drivers\sffp_mmc.sys C:\windows\System32\drivers\sffp_mmc.sys 13824 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 02:01 Company: Microsoft Corporation ---------- Key: sffp_sd ImagePath: \SystemRoot\system32\drivers\sffp_sd.sys C:\windows\System32\drivers\sffp_sd.sys 14336 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: sfloppy ImagePath: \SystemRoot\system32\drivers\sfloppy.sys C:\windows\System32\drivers\sfloppy.sys 16896 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 02:01 Company: Microsoft Corporation ---------- Key: Sftfs ImagePath: system32\DRIVERS\Sftfslh.sys C:\windows\System32\DRIVERS\Sftfslh.sys 764264 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: sftlist ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 508776 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: Sftplay ImagePath: system32\DRIVERS\Sftplaylh.sys C:\windows\System32\DRIVERS\Sftplaylh.sys 268648 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: Sftredir ImagePath: system32\DRIVERS\Sftredirlh.sys C:\windows\System32\DRIVERS\Sftredirlh.sys 25960 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: Sftvol ImagePath: system32\DRIVERS\Sftvollh.sys C:\windows\System32\DRIVERS\Sftvollh.sys 22376 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: sftvsa ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 219496 bytes Created: 01.10.2011 09:30 Modified: 01.10.2011 09:30 Company: Microsoft Corporation ---------- Key: SiSRaid2 ImagePath: \SystemRoot\system32\drivers\SiSRaid2.sys C:\windows\System32\drivers\SiSRaid2.sys 43584 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:45 Company: Silicon Integrated Systems Corp. ---------- Key: SiSRaid4 ImagePath: \SystemRoot\system32\drivers\sisraid4.sys C:\windows\System32\drivers\sisraid4.sys 80464 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:45 Company: Silicon Integrated Systems ---------- Key: SkypeUpdate ImagePath: "C:\Program Files (x86)\Skype\Updater\Updater.exe" C:\Program Files (x86)\Skype\Updater\Updater.exe -R- 160944 bytes Created: 13.07.2012 13:28 Modified: 13.07.2012 13:28 Company: Skype Technologies ---------- Key: Smb ImagePath: system32\DRIVERS\smb.sys C:\windows\System32\DRIVERS\smb.sys 93184 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: SNMPTRAP ImagePath: %SystemRoot%\System32\snmptrap.exe C:\windows\System32\snmptrap.exe 14336 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: Spooler ImagePath: %SystemRoot%\System32\spoolsv.exe C:\windows\System32\spoolsv.exe 559104 bytes Created: 15.08.2012 18:11 Modified: 11.02.2012 08:36 Company: Microsoft Corporation ---------- Key: sppsvc ImagePath: %SystemRoot%\system32\sppsvc.exe C:\windows\System32\sppsvc.exe 3524608 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: srv ImagePath: System32\DRIVERS\srv.sys C:\windows\System32\DRIVERS\srv.sys 467456 bytes Created: 30.08.2011 17:47 Modified: 29.04.2011 05:06 Company: Microsoft Corporation ---------- Key: srv2 ImagePath: System32\DRIVERS\srv2.sys C:\windows\System32\DRIVERS\srv2.sys 410112 bytes Created: 30.08.2011 17:47 Modified: 29.04.2011 05:05 Company: Microsoft Corporation ---------- Key: srvnet ImagePath: System32\DRIVERS\srvnet.sys C:\windows\System32\DRIVERS\srvnet.sys 168448 bytes Created: 30.08.2011 17:47 Modified: 29.04.2011 05:05 Company: Microsoft Corporation ---------- Key: stexstor ImagePath: \SystemRoot\system32\drivers\stexstor.sys C:\windows\System32\drivers\stexstor.sys 24656 bytes Created: 13.07.2009 23:59 Modified: 14.07.2009 03:45 Company: Promise Technology ---------- Key: StillCam ImagePath: system32\DRIVERS\serscan.sys C:\windows\System32\DRIVERS\serscan.sys 12288 bytes Created: 14.07.2009 02:35 Modified: 14.07.2009 02:35 Company: Microsoft Corporation ---------- Key: swenum ImagePath: system32\DRIVERS\swenum.sys C:\windows\System32\DRIVERS\swenum.sys 12496 bytes Created: 14.07.2009 02:00 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: Tcpip ImagePath: System32\drivers\tcpip.sys C:\windows\System32\drivers\tcpip.sys 1913200 bytes Created: 11.09.2012 20:59 Modified: 22.08.2012 20:12 Company: Microsoft Corporation ---------- Key: TCPIP6 ImagePath: system32\DRIVERS\tcpip.sys C:\windows\System32\DRIVERS\tcpip.sys 1913200 bytes Created: 11.09.2012 20:59 Modified: 22.08.2012 20:12 Company: Microsoft Corporation ---------- Key: tcpipreg ImagePath: System32\drivers\tcpipreg.sys C:\windows\System32\drivers\tcpipreg.sys 45056 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: TDPIPE ImagePath: system32\drivers\tdpipe.sys C:\windows\System32\drivers\tdpipe.sys 15872 bytes Created: 14.07.2009 02:16 Modified: 14.07.2009 02:16 Company: Microsoft Corporation ---------- Key: TDTCP ImagePath: system32\drivers\tdtcp.sys C:\windows\System32\drivers\tdtcp.sys 23552 bytes Created: 14.03.2012 19:26 Modified: 17.02.2012 06:57 Company: Microsoft Corporation ---------- Key: tdx ImagePath: system32\DRIVERS\tdx.sys C:\windows\System32\DRIVERS\tdx.sys 119296 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: TermDD ImagePath: system32\DRIVERS\termdd.sys C:\windows\System32\DRIVERS\termdd.sys 63360 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: TrustedInstaller ImagePath: %SystemRoot%\servicing\TrustedInstaller.exe C:\windows\servicing\TrustedInstaller.exe 194048 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: tssecsrv ImagePath: System32\DRIVERS\tssecsrv.sys C:\windows\System32\DRIVERS\tssecsrv.sys 39424 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: TsUsbFlt ImagePath: system32\drivers\tsusbflt.sys C:\windows\System32\drivers\tsusbflt.sys 59392 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: TsUsbGD ImagePath: \SystemRoot\system32\drivers\TsUsbGD.sys C:\windows\System32\drivers\TsUsbGD.sys 31232 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: tunnel ImagePath: system32\DRIVERS\tunnel.sys C:\windows\System32\DRIVERS\tunnel.sys 125440 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: TurboB ImagePath: system32\DRIVERS\TurboB.sys C:\windows\System32\DRIVERS\TurboB.sys 19192 bytes Created: 08.10.2010 02:23 Modified: 08.10.2010 02:23 Company: Intel(R) Corporation ---------- Key: TurboBoost ImagePath: "C:\Program Files\Intel\TurboBoost\TurboBoost.exe" C:\Program Files\Intel\TurboBoost\TurboBoost.exe 150016 bytes Created: 08.10.2010 02:24 Modified: 08.10.2010 02:24 Company: Intel(R) Corporation ---------- Key: uagp35 ImagePath: \SystemRoot\system32\drivers\uagp35.sys C:\windows\System32\drivers\uagp35.sys 64080 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: udfs ImagePath: system32\DRIVERS\udfs.sys C:\windows\System32\DRIVERS\udfs.sys 328192 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: UI0Detect ImagePath: %SystemRoot%\system32\UI0Detect.exe C:\windows\System32\UI0Detect.exe 40960 bytes Created: 14.07.2009 01:52 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: uliagpkx ImagePath: \SystemRoot\system32\drivers\uliagpkx.sys C:\windows\System32\drivers\uliagpkx.sys 64592 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: umbus ImagePath: system32\DRIVERS\umbus.sys C:\windows\System32\DRIVERS\umbus.sys 48640 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: UmPass ImagePath: \SystemRoot\system32\drivers\umpass.sys C:\windows\System32\drivers\umpass.sys 9728 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: UNS ImagePath: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 2656536 bytes Created: 09.06.2011 08:05 Modified: 05.05.2011 14:44 Company: Intel Corporation ---------- Key: upperdev ImagePath: system32\DRIVERS\usbser_lowerfltx64.sys C:\windows\System32\DRIVERS\usbser_lowerfltx64.sys 9216 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: USBAAPL64 ImagePath: System32\Drivers\usbaapl64.sys C:\windows\System32\Drivers\usbaapl64.sys 52736 bytes Created: 25.04.2012 12:11 Modified: 25.04.2012 12:11 Company: Apple, Inc. ---------- Key: usbccgp ImagePath: system32\DRIVERS\usbccgp.sys C:\windows\System32\DRIVERS\usbccgp.sys 98816 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbcir ImagePath: \SystemRoot\system32\drivers\usbcir.sys C:\windows\System32\drivers\usbcir.sys 100352 bytes Created: 14.07.2009 02:06 Modified: 14.07.2009 02:06 Company: Microsoft Corporation ---------- Key: usbehci ImagePath: \SystemRoot\system32\drivers\usbehci.sys C:\windows\System32\drivers\usbehci.sys 52736 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbhub ImagePath: system32\DRIVERS\usbhub.sys C:\windows\System32\DRIVERS\usbhub.sys 343040 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbohci ImagePath: \SystemRoot\system32\drivers\usbohci.sys C:\windows\System32\drivers\usbohci.sys 25600 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbprint ImagePath: system32\DRIVERS\usbprint.sys C:\windows\System32\DRIVERS\usbprint.sys 25088 bytes Created: 14.07.2009 02:38 Modified: 14.07.2009 02:38 Company: Microsoft Corporation ---------- Key: usbscan ImagePath: system32\DRIVERS\usbscan.sys C:\windows\System32\DRIVERS\usbscan.sys 41984 bytes Created: 14.07.2009 02:35 Modified: 14.07.2009 02:35 Company: Microsoft Corporation ---------- Key: usbser ImagePath: system32\drivers\usbser.sys C:\windows\System32\drivers\usbser.sys 32768 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: UsbserFilt ImagePath: system32\DRIVERS\usbser_lowerfltjx64.sys C:\windows\System32\DRIVERS\usbser_lowerfltjx64.sys 9216 bytes Created: 09.01.2012 17:28 Modified: 09.01.2012 17:28 Company: Nokia ---------- Key: USBSTOR ImagePath: system32\DRIVERS\USBSTOR.SYS C:\windows\System32\DRIVERS\USBSTOR.SYS 91648 bytes Created: 31.08.2011 16:13 Modified: 11.03.2011 06:37 Company: Microsoft Corporation ---------- Key: usbuhci ImagePath: \SystemRoot\system32\drivers\usbuhci.sys C:\windows\System32\drivers\usbuhci.sys 30720 bytes Created: 31.08.2011 16:13 Modified: 25.03.2011 05:29 Company: Microsoft Corporation ---------- Key: usbvideo ImagePath: System32\Drivers\usbvideo.sys C:\windows\System32\Drivers\usbvideo.sys 184960 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: VaultSvc ImagePath: %SystemRoot%\system32\lsass.exe C:\windows\System32\lsass.exe 31232 bytes Created: 21.01.2012 23:27 Modified: 17.11.2011 08:33 Company: Microsoft Corporation ---------- Key: vdrvroot ImagePath: system32\drivers\vdrvroot.sys C:\windows\System32\drivers\vdrvroot.sys 36432 bytes Created: 14.07.2009 02:01 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: vds ImagePath: %SystemRoot%\System32\vds.exe C:\windows\System32\vds.exe 533504 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: vga ImagePath: system32\DRIVERS\vgapnp.sys C:\windows\System32\DRIVERS\vgapnp.sys 29184 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 01:38 Company: Microsoft Corporation ---------- Key: VgaSave ImagePath: \SystemRoot\System32\drivers\vga.sys C:\windows\System32\drivers\vga.sys 29184 bytes Created: 14.07.2009 01:38 Modified: 14.07.2009 01:38 Company: Microsoft Corporation ---------- Key: vhdmp ImagePath: \SystemRoot\system32\drivers\vhdmp.sys C:\windows\System32\drivers\vhdmp.sys 215936 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: viaide ImagePath: \SystemRoot\system32\drivers\viaide.sys C:\windows\System32\drivers\viaide.sys 17488 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: VIA Technologies, Inc. ---------- Key: volmgr ImagePath: system32\drivers\volmgr.sys C:\windows\System32\drivers\volmgr.sys 71552 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: volmgrx ImagePath: System32\drivers\volmgrx.sys C:\windows\System32\drivers\volmgrx.sys 363392 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: volsnap ImagePath: system32\drivers\volsnap.sys C:\windows\System32\drivers\volsnap.sys 295808 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: vsmraid ImagePath: \SystemRoot\system32\drivers\vsmraid.sys C:\windows\System32\drivers\vsmraid.sys 161872 bytes Created: 10.06.2009 22:37 Modified: 14.07.2009 03:45 Company: VIA Technologies Inc.,Ltd ---------- Key: VSS ImagePath: %systemroot%\system32\vssvc.exe C:\windows\System32\vssvc.exe 1600512 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: vwifibus ImagePath: system32\DRIVERS\vwifibus.sys C:\windows\System32\DRIVERS\vwifibus.sys 24576 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 02:07 Company: Microsoft Corporation ---------- Key: vwififlt ImagePath: system32\DRIVERS\vwififlt.sys C:\windows\System32\DRIVERS\vwififlt.sys 60416 bytes Created: 09.06.2011 08:42 Modified: 25.01.2011 11:34 Company: Microsoft Corporation ---------- Key: vwifimp ImagePath: system32\DRIVERS\vwifimp.sys C:\windows\System32\DRIVERS\vwifimp.sys 18432 bytes Created: 09.06.2011 08:42 Modified: 25.01.2011 11:34 Company: Microsoft Corporation ---------- Key: WacomPen ImagePath: \SystemRoot\system32\drivers\wacompen.sys C:\windows\System32\drivers\wacompen.sys 27776 bytes Created: 14.07.2009 02:02 Modified: 14.07.2009 02:02 Company: Microsoft Corporation ---------- Key: WANARP ImagePath: system32\DRIVERS\wanarp.sys C:\windows\System32\DRIVERS\wanarp.sys 88576 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: Wanarpv6 ImagePath: system32\DRIVERS\wanarp.sys C:\windows\System32\DRIVERS\wanarp.sys 88576 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation ---------- Key: wbengine ImagePath: "%systemroot%\system32\wbengine.exe" C:\windows\System32\wbengine.exe 1504256 bytes Created: 21.11.2010 05:25 Modified: 21.11.2010 05:25 Company: Microsoft Corporation ---------- Key: Wd ImagePath: \SystemRoot\system32\drivers\wd.sys C:\windows\System32\drivers\wd.sys 21056 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: Wdf01000 ImagePath: system32\drivers\Wdf01000.sys C:\windows\System32\drivers\Wdf01000.sys 654928 bytes Created: 14.07.2009 01:22 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: WfpLwf ImagePath: system32\DRIVERS\wfplwf.sys C:\windows\System32\DRIVERS\wfplwf.sys 12800 bytes Created: 14.07.2009 02:09 Modified: 14.07.2009 02:09 Company: Microsoft Corporation ---------- Key: WIMMount ImagePath: system32\drivers\wimmount.sys C:\windows\System32\drivers\wimmount.sys 22096 bytes Created: 14.07.2009 01:29 Modified: 14.07.2009 03:45 Company: Microsoft Corporation ---------- Key: WinUsb ImagePath: system32\DRIVERS\WinUsb.sys C:\windows\System32\DRIVERS\WinUsb.sys 41984 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: wlcrasvc ImagePath: "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 57184 bytes Created: 22.09.2010 11:10 Modified: 22.09.2010 11:10 Company: Microsoft Corporation ---------- Key: wlidsvc ImagePath: "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 2286976 bytes Created: 21.09.2010 07:49 Modified: 21.09.2010 07:49 Company: Microsoft Corp. ---------- Key: WmiAcpi ImagePath: system32\DRIVERS\wmiacpi.sys C:\windows\System32\DRIVERS\wmiacpi.sys 14336 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 01:31 Company: Microsoft Corporation ---------- Key: wmiApSrv ImagePath: %systemroot%\system32\wbem\WmiApSrv.exe C:\windows\System32\wbem\WmiApSrv.exe 203264 bytes Created: 14.07.2009 01:47 Modified: 14.07.2009 03:39 Company: Microsoft Corporation ---------- Key: WMPNetworkSvc ImagePath: "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" C:\Program Files\Windows Media Player\wmpnetwk.exe 1525248 bytes Created: 21.11.2010 05:25 Modified: 21.11.2010 05:25 Company: Microsoft Corporation ---------- Key: ws2ifsl ImagePath: \SystemRoot\system32\drivers\ws2ifsl.sys C:\windows\System32\drivers\ws2ifsl.sys 21504 bytes Created: 14.07.2009 02:10 Modified: 14.07.2009 02:10 Company: Microsoft Corporation ---------- Key: WSearch ImagePath: %systemroot%\system32\SearchIndexer.exe /Embedding C:\windows\System32\SearchIndexer.exe 591872 bytes Created: 30.08.2011 17:48 Modified: 04.05.2011 07:19 Company: Microsoft Corporation ---------- Key: WudfPf ImagePath: system32\drivers\WudfPf.sys C:\windows\System32\drivers\WudfPf.sys 112128 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- Key: WUDFRd ImagePath: system32\DRIVERS\WUDFRd.sys C:\windows\System32\DRIVERS\WUDFRd.sys 172544 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation ---------- ************************************************************ 17:56:19: Scanning -----VXD ENTRIES----- ************************************************************ 17:56:19: Scanning ----- WINLOGON\NOTIFY DLLS ----- No WINLOGON\NOTIFY DLLs found to scan Rootkit scan of Winlogon\Notify key not possible [key may not exist] ************************************************************ 17:56:19: Scanning ----- CONTEXTMENUHANDLERS ----- Key: 7-Zip CLSID: {23170F69-40C1-278A-1000-000100020000} Path: C:\Program Files (x86)\7-Zip\7-zip.dll C:\Program Files (x86)\7-Zip\7-zip.dll 55808 bytes Created: 18.11.2010 18:08 Modified: 18.11.2010 18:08 Company: Igor Pavlov ---------- Key: Shell Extension for Malware scanning CLSID: {45AC2688-0253-4ED8-97DE-B5370FA7D48A} Path: C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll 2292176 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG ---------- Key: WinRAR CLSID: {B41DB860-64E4-11D2-9906-E49FADC173CA} Path: C:\Program Files (x86)\WinRAR\rarext64.dll C:\Program Files (x86)\WinRAR\rarext64.dll 164864 bytes Created: 08.09.2011 22:01 Modified: 28.05.2011 22:05 Company: Alexander Roshal ---------- Key: WinRAR32 CLSID: {B41DB860-8EE4-11D2-9906-E49FADC173CA} Path: C:\Program Files (x86)\WinRAR\rarext.dll C:\Program Files (x86)\WinRAR\rarext.dll 140288 bytes Created: 08.09.2011 22:01 Modified: 28.05.2011 22:04 Company: Alexander Roshal ---------- ************************************************************ 17:56:20: Scanning ----- FOLDER\COLUMNHANDLERS ----- Key: {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} File: C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll - [file not found to scan] ---------- Key: {F9DB5320-233E-11D1-9F84-707F02C10627} File: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll 394168 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems, Inc. ---------- ************************************************************ 17:56:20: Scanning ----- BROWSER HELPER OBJECTS ----- Key: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} BHO: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 63944 bytes Created: 27.07.2012 22:51 Modified: 27.07.2012 22:51 Company: Adobe Systems Incorporated ---------- Key: {53707962-6F74-2D53-2644-206D7942484F} BHO: C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll 1879896 bytes Created: 29.08.2011 18:34 Modified: 26.01.2009 15:31 Company: Safer Networking Limited ---------- Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} BHO: C:\Program Files (x86)\Java\jre7\bin\ssv.dll C:\Program Files (x86)\Java\jre7\bin\ssv.dll 449512 bytes Created: 04.09.2012 18:04 Modified: 04.09.2012 18:04 Company: Oracle Corporation ---------- Key: {9030D464-4C02-4ABF-8ECC-5164760863C6} BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 529280 bytes Created: 21.09.2010 07:54 Modified: 21.09.2010 07:54 Company: Microsoft Corp. ---------- Key: {AA609D72-8482-4076-8991-8CDAE5B93BCB} BHO: C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll 1973760 bytes Created: 09.06.2011 08:38 Modified: 25.10.2010 14:44 Company: Samsung Electronics Co., Ltd. ---------- Key: {DBC80044-A445-435b-BC74-9C25C1C588A9} BHO: C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll 157672 bytes Created: 04.09.2012 18:04 Modified: 04.09.2012 18:04 Company: Oracle Corporation ---------- ************************************************************ 17:56:21: Scanning ----- SHELLSERVICEOBJECTS ----- ************************************************************ 17:56:21: Scanning ----- SHAREDTASKSCHEDULER ENTRIES ----- No SharedTaskScheduler entries found to scan ************************************************************ 17:56:22: Scanning ----- IMAGEFILE DEBUGGERS ----- No "Debugger" entries found. ************************************************************ 17:56:22: Scanning ----- APPINIT_DLLS ----- AppInitDLLs entry = [C:\windows\SysWOW64\nvinit.dll] File: C:\windows\SysWOW64\nvinit.dll C:\windows\SysWOW64\nvinit.dll 192616 bytes Created: 09.06.2011 08:06 Modified: 04.05.2011 23:01 Company: NVIDIA Corporation ---------- ************************************************************ 17:56:22: Scanning ----- SECURITY PROVIDER DLLS ----- ************************************************************ 17:56:22: Scanning ------ COMMON STARTUP GROUP ------ [C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup] The Common Startup Group attempts to load the following file(s) at boot time: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -HS- 174 bytes Created: 14.07.2009 06:54 Modified: 14.07.2009 06:54 Company: [no info] -------------------- McAfee Security Scan Plus.lnk - links to C:\PROGRA~2\MCAFEE~1\30937D~1.207\SSSCHE~1.EXE C:\PROGRA~2\MCAFEE~1\30937D~1.207\SSSCHE~1.EXE 272528 bytes Created: 17.06.2011 19:33 Modified: 17.06.2011 19:33 Company: McAfee, Inc. -------------------- ************************************************************ 17:56:22: Scanning ----- USER STARTUP GROUPS ----- Checking Startup Group for: fabo [C:\Users\fabo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup] C:\Users\fabo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -HS- 174 bytes Created: 29.08.2011 16:24 Modified: 11.07.2012 20:55 Company: [no info] ---------- OpenOffice.org 3.4.lnk - links to C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE 1199104 bytes Created: 19.04.2012 07:41 Modified: 19.04.2012 07:41 Company: [no info] ---------- Tintenwarnungen überwachen - HP Deskjet 3070 B611 series.lnk - links to gram Files\HP\HP Deskjet 3070 B611 series\bin\HPStatusBL.dll [file not found to scan] C:\Users\fabo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3070 B611 series.lnk - this links to gram Files\HP\HP Deskjet 3070 B611 series\bin\HPStatusBL.dll - this Shortcut has been removed ---------- -------------------- ************************************************************ 17:56:41: Scanning ----- SCHEDULED TASKS ----- Taskname: Adobe Flash Player Updater File: C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 250288 bytes Created: 25.06.2012 21:23 Modified: 29.09.2012 21:21 Company: Adobe Systems Incorporated Schedule: At 01:21:00 every day Next Run Time: 30.09.2012 18:21:00 Status: Ready Creator: Adobe Systems Incorporated Comments: Mit diesem Task ist Ihre Flash Player-Installation immer aktuell und verwendet die neuesten Verbesserungen und Sicherheits-Fixes. Wenn dieser Task deaktiviert oder entfernt wird, kann Adobe Flash Player Ihren Computer nicht automatisch mit den neuesten Sicherheits-Fixes sichern. ---------- Taskname: advSRS5 File: C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe 4387632 bytes Created: 09.06.2011 08:35 Modified: 17.11.2010 10:24 Company: SEC Schedule: At logon Next Run Time: Status: Running Creator: SEC Comments: Samsung Recovery Solution 5 Scheduler ---------- Taskname: BatteryLifeExtender File: C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe 6619648 bytes Created: 18.12.2010 01:47 Modified: 18.12.2010 01:47 Company: Samsung Electronics. Co. Ltd. Parameters: /2 Schedule: At logon Next Run Time: Status: Ready Creator: sec Comments: ---------- Taskname: EasyBatteryManager File: C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe 362352 bytes Created: 09.06.2011 08:11 Modified: 20.07.2010 06:55 Company: SAMSUNG Electronics co., LTD. Schedule: At logon Next Run Time: Status: Ready Creator: Administrator Comments: ---------- Taskname: EasyDisplayMgr File: C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe 945232 bytes Created: 09.06.2011 08:37 Modified: 23.12.2010 08:07 Company: Samsung Electronics Co., Ltd. Schedule: At logon Next Run Time: Status: Running Creator: Administrator Comments: ---------- Taskname: EasyPartitionManager File: C:\Windows\MSetup\BA46-12225A02\EPM.exe Schedule: At logon Next Run Time: Status: Disabled Creator: Administrator Comments: C:\Windows\MSetup\BA46-12225A02\EPM.exe - [file not found to scan] ---------- Taskname: EasySpeedUpManager File: Multiple Parameters: /s Schedule: At logon Next Run Time: Status: Running Creator: Administrators Comments: Easy SpeedUp Manager Multiple - [file not found to scan] ---------- Taskname: HP Photo Creations Messager File: C:\ProgramData\HP Photo Creations\MessageCheck.exe C:\ProgramData\HP Photo Creations\MessageCheck.exe 153768 bytes Created: 15.02.2011 12:11 Modified: 15.02.2011 12:11 Company: [no info] Schedule: At 01:01:00 every day Next Run Time: 30.09.2012 18:01:00 Status: Ready Creator: fabo Comments: ---------- Taskname: HPCustParticipation HP Deskjet 3070 B611 series File: C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe 4238184 bytes Created: 08.06.2011 18:34 Modified: 08.06.2011 18:34 Company: Hewlett-Packard Co. Parameters: /UA 9.5 /DDV 0x0905 Schedule: At 22:27:00 on 25.04.2012 Next Run Time: 30.09.2012 18:27:00 Status: Ready Creator: fabo Comments: ---------- Taskname: hpUrlLauncher.exe_{A3CCEABE-12A2-4928-956D-02C9B3D94E36} File: C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\utils\hpUrlLauncher.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\utils\hpUrlLauncher.exe 199528 bytes Created: 08.06.2011 23:49 Modified: 08.06.2011 23:49 Company: Hewlett-Packard Co. Parameters: https://h30495.www3.hp.com/printers/add?jumpID=in_instKarnak5%2F&cc=de&modelName=HP%20Deskjet%203070%20B611%20series&serialNo=CN1AL470R5&serialNo_Extra=05MQ&modelID=CQ191B&serviceID=2211 2&invitation=no Schedule: Task not scheduled Next Run Time: Status: Ready Creator: Comments: ---------- Taskname: MirageAgent File: C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe 136488 bytes Created: 10.11.2010 01:03 Modified: 10.11.2010 01:03 Company: CyberLink Schedule: At logon Next Run Time: Status: Running Creator: CyberLink Comments: ---------- Taskname: MovieColorEnhancer File: C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe 775848 bytes Created: 09.06.2011 08:20 Modified: 29.11.2010 07:42 Company: Samsung Electronics Co., Ltd. Schedule: At logon Next Run Time: Status: Running Creator: Administrator Comments: ---------- Taskname: SamsungSupportCenter File: C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe 3398736 bytes Created: 04.09.2011 12:45 Modified: 04.09.2011 12:45 Company: SAMSUNG Electronics Schedule: At logon Next Run Time: Status: Running Creator: Administrators Comments: SamsungSupportCenter ---------- Taskname: SmartRestarter File: C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe 2996592 bytes Created: 09.06.2011 08:12 Modified: 05.08.2010 07:12 Company: Samsung Electronics Co., Ltd. Schedule: At logon Next Run Time: Status: Running Creator: Administrator Comments: ---------- Taskname: SUPBackground File: C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe 2783312 bytes Created: 09.06.2011 08:37 Modified: 20.12.2011 15:52 Company: Samsung Electronics Schedule: At logon Next Run Time: Status: Running Creator: Administrator Comments: ---------- Taskname: WifiManager File: C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe 7060560 bytes Created: 09.06.2011 08:37 Modified: 04.01.2011 15:06 Company: Samsung Electronics Co., Ltd. Parameters: hide Schedule: At logon Next Run Time: Status: Running Creator: ctype-PC\ctype Comments: ---------- ************************************************************ 17:56:45: Scanning ----- SHELLICONOVERLAYIDENTIFIERS ----- Key: SharingPrivate CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235} File: %SystemRoot%\system32\ntshrui.dll C:\windows\System32\ntshrui.dll 509952 bytes Created: 16.02.2012 23:34 Modified: 04.01.2012 12:44 Company: Microsoft Corporation ---------- ************************************************************ 17:56:46: Scanning ----- DEVICE DRIVER ENTRIES ----- Value: msacm.l3acm File: C:\Windows\SysWOW64\l3codeca.acm C:\Windows\SysWOW64\l3codeca.acm 64000 bytes Created: 14.07.2009 02:07 Modified: 14.07.2009 03:14 Company: Fraunhofer Institut Integrierte Schaltungen IIS ---------- Value: vidc.cvid File: iccvid.dll iccvid.dll - [file not found to scan] ---------- Value: msacm.siren File: sirenacm.dll sirenacm.dll - [file not found to scan] ---------- ************************************************************ 17:56:47: ----- ADDITIONAL CHECKS ----- Heuristic checks for hidden files/drivers completed ---------- Layered Service Provider entries checks completed ---------- Windows Explorer Policies checks completed ---------- Desktop Wallpaper: C:\Users\fabo\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp C:\Users\fabo\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp 5242934 bytes Created: 29.08.2011 19:16 Modified: 23.08.2012 08:49 Company: [no info] ---------- Web Desktop Wallpaper entry is blank ---------- Checks for rogue DNS NameServers completed ---------- Checks for Backdoor.ZeroAccess completed ---------- Additional checks completed ************************************************************ 17:57:03: Scanning ----- RUNNING PROCESSES ----- C:\windows\System32\smss.exe 112640 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\csrss.exe 7680 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\wininit.exe 129024 bytes Created: 14.07.2009 01:52 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\services.exe 328704 bytes Created: 14.07.2009 01:19 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\lsm.exe 343040 bytes Created: 21.11.2010 05:23 Modified: 21.11.2010 05:23 Company: Microsoft Corporation -------------------- C:\windows\System32\winlogon.exe 390656 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\windows\System32\svchost.exe 27136 bytes Created: 14.07.2009 01:31 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe 1196648 bytes Created: 17.01.2011 04:07 Modified: 17.01.2011 04:07 Company: NVIDIA Corporation -------------------- C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe 248784 bytes Created: 08.03.2012 19:27 Modified: 08.05.2012 15:58 Company: Avira Operations GmbH & Co. KG -------------------- C:\windows\System32\conhost.exe 338432 bytes Created: 30.08.2011 17:47 Modified: 24.06.2011 07:25 Company: Microsoft Corporation -------------------- C:\windows\System32\taskhost.exe 69120 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe 766536 bytes Created: 13.09.2012 19:39 Modified: 07.09.2012 17:04 Company: Malwarebytes Corporation -------------------- C:\windows\System32\rundll32.exe 45568 bytes Created: 14.07.2009 01:57 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\windows\System32\dwm.exe 120320 bytes Created: 14.07.2009 01:37 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe 272528 bytes Created: 17.06.2011 19:33 Modified: 17.06.2011 19:33 Company: McAfee, Inc. -------------------- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe 10376704 bytes Created: 19.04.2012 08:57 Modified: 19.04.2012 08:57 Company: OpenOffice.org -------------------- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin 10368512 bytes Created: 19.04.2012 08:57 Modified: 19.04.2012 08:57 Company: OpenOffice.org -------------------- C:\windows\System32\SearchIndexer.exe 591872 bytes Created: 30.08.2011 17:48 Modified: 04.05.2011 07:19 Company: Microsoft Corporation -------------------- C:\Program Files\Elantech\ETDCtrlHelper.exe 2247504 bytes Created: 25.04.2012 04:42 Modified: 25.04.2012 04:42 Company: ELAN Microelectronics Corp. -------------------- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe 220568 bytes Created: 01.08.2012 16:07 Modified: 01.08.2012 16:07 Company: Nokia -------------------- C:\windows\System32\taskeng.exe 464384 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\windows\System32\igfxext.exe 239896 bytes Created: 02.02.2012 22:00 Modified: 02.02.2012 22:00 Company: Intel Corporation -------------------- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe 148888 bytes Created: 01.08.2012 16:06 Modified: 01.08.2012 16:06 Company: Nokia -------------------- C:\windows\System32\dllhost.exe 9728 bytes Created: 14.07.2009 01:59 Modified: 14.07.2009 03:39 Company: Microsoft Corporation -------------------- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 222592 bytes Created: 21.09.2010 07:49 Modified: 21.09.2010 07:49 Company: Microsoft Corp. -------------------- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe 103720 bytes Created: 02.11.2009 07:21 Modified: 02.11.2009 07:21 Company: CyberLink -------------------- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe 87336 bytes Created: 20.09.2010 05:24 Modified: 20.09.2010 05:24 Company: CyberLink Corp. -------------------- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe 719360 bytes Created: 09.06.2011 08:23 Modified: 11.01.2011 08:31 Company: Samsung Electronics Co., Ltd. -------------------- C:\windows\System32\wbem\WmiPrvSE.exe 372736 bytes Created: 21.11.2010 05:24 Modified: 21.11.2010 05:24 Company: Microsoft Corporation -------------------- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 917984 bytes Created: 14.09.2012 00:20 Modified: 06.09.2012 03:24 Company: Mozilla Corporation -------------------- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe 16864 bytes Created: 14.09.2012 00:20 Modified: 06.09.2012 03:25 Company: Mozilla Corporation -------------------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe 1807560 bytes Created: 23.08.2012 12:23 Modified: 23.08.2012 12:23 Company: Adobe Systems, Inc. -------------------- C:\windows\System32\SearchProtocolHost.exe 249856 bytes Created: 30.08.2011 17:48 Modified: 04.05.2011 07:19 Company: Microsoft Corporation -------------------- C:\Program Files (x86)\Trojan Remover\Rmvtrjan.exe FileSize: 4766968 [This is a Trojan Remover component] -------------------- -------------------- C:\windows\System32\SearchFilterHost.exe 113664 bytes Created: 30.08.2011 17:48 Modified: 04.05.2011 07:19 Company: Microsoft Corporation -------------------- ************************************************************ 17:57:49: Checking HOSTS file No malicious entries were found in the HOSTS file ************************************************************ ------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------ HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page": ChatZum Search HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page": C:\Windows\SysWOW64\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page": Bing HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL": MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL": Bing HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page": HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page": C:\windows\system32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page": This value is blank HKCU\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL": MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN ************************************************************ === CHANGES WERE MADE TO A USER'S STARTUP GROUP === Scan completed at: 17:57:49 30 Sep 2012 Total Scan time: 00:02:44 ************************************************************ Trojan.FakeAlert Displays fake Spyware/Virus alerts to encourage the user to visit an anti-spyware website and purchase their product. Can modify the Windows Desktop Wallpaper, and also add registry keys to prevent the Desktop Wallpaper from being manually changed. |
|
| Themen zu JS/TrojanDownloader.Iframe.NKE trojan/HTML/Fraud.BG trojan |
| .html, bitte um hilfe, js/trojandownloader.iframe.nke, laptop, link, viren |
Linear-Darstellung
