| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Desktop schwarz, Startmenü leer, HDD angeblich kaputtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.06.2011, 19:52
| #1 |
| |  Desktop schwarz, Startmenü leer, HDD angeblich kaputt Hallo, ich hab denke ich das gleiche Problem wie Axl1984. Ich fang aber mal ganz am anfang an, ich war am surfen und plötzlich sollte ich Acrobat oder sowas (weiß ich nicht mehr genau) aktualisiern. Hab das natürlich gemacht. danach gab es dann sofort Probleme und Avira hat einen Trojaner gefunden, den hab ich löschen lassen und mir nicht weiter angesehen. Dann gab es noch ein paar Fehlermeldungen vonwegen das die Festplatte kaput ist. Nach einem Neustart war dann der Desktop schwarz und sogut wie nichts mehr im Startmenü. Dann öffnete sich Automatisch: Windows 7 Recovery und hat einige fehler gefunden. Ein paar konnte er nicht beheben: Read time of hard drive clusters less than 500ms - Critical Error 34% of HDD space is unreadable - Critical Error Bad sectors on hard drive or damaged file allocation table - Critical Error Boot sector of the hard disk is damaged - Critical Error Hard drive doesn´t respond to system commands - Critical Error Ich hab dann mal ein bissel probiert und herrausgefunden, dass die Datein auf dem Desktop nur Versteckt sind, das heißt, Ordneroptionen alles sichtbar und ich konnte die wichtigsten Daten retten!!!! Danach eine Systemwiederherstellung hat nicht geklappt. Danach hab ich Malwarebytes drüberlaufen lassen und 5 Datein gelöscht (das ging aber nur mit Hilfe von OTH). Nach einem Neustart war der Windows 7 Recovery zwar nicht mehr da aber trotzdem im Startmenü nichts zu finden! Ich hab jetzt mal OTL und GMER drüberlaufen lassen und hoffe ihr könnt mir weiter helfen! Mit besten Grüßen Magnus |
|
05.06.2011, 20:30
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Desktop schwarz, Startmenü leer, HDD angeblich kaputt Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)
__________________Code:
ATTFilter :OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.21 11:50:32 | 000,000,672 | RH-- | M] () - E:\autoexec.bat -- [ FAT32 ]
O33 - MountPoints2\{d9654568-d5ae-11de-b2f2-001f1621718c}\Shell - "" = AutoRun
O33 - MountPoints2\{d9654568-d5ae-11de-b2f2-001f1621718c}\Shell\AutoRun\command - "" = H:\Autorun.exe
[2011.06.03 17:03:09 | 000,000,000 | -H-D | C] -- C:\Users\Maggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
[2011.06.03 17:06:03 | 000,000,400 | ---- | M] () -- C:\ProgramData\26468088
[2011.06.03 17:03:10 | 000,000,635 | -H-- | M] () -- C:\Users\Maggi\Desktop\Windows 7 Recovery.lnk
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:569CEE83
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:6BF0805F
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
:Commands
[purity]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ |
|
05.06.2011, 22:18
| #3 |
| | Desktop schwarz, Startmenü leer, HDD angeblich kaputt hab es gemacht, hier das Logfile
__________________ |
|
06.06.2011, 11:05
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Desktop schwarz, Startmenü leer, HDD angeblich kaputt Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Vista und 7 User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
06.06.2011, 13:11
| #5 |
| | Desktop schwarz, Startmenü leer, HDD angeblich kaputt hab ich gemacht: Code:
ATTFilter 2011/06/06 13:54:46.0290 2104 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/06/06 13:54:46.0305 2104 ================================================================================
2011/06/06 13:54:46.0305 2104 SystemInfo:
2011/06/06 13:54:46.0305 2104
2011/06/06 13:54:46.0305 2104 OS Version: 6.1.7600 ServicePack: 0.0
2011/06/06 13:54:46.0305 2104 Product type: Workstation
2011/06/06 13:54:46.0305 2104 ComputerName: MAGGI-PC
2011/06/06 13:54:46.0305 2104 UserName: Maggi
2011/06/06 13:54:46.0305 2104 Windows directory: C:\Windows
2011/06/06 13:54:46.0305 2104 System windows directory: C:\Windows
2011/06/06 13:54:46.0305 2104 Processor architecture: Intel x86
2011/06/06 13:54:46.0305 2104 Number of processors: 2
2011/06/06 13:54:46.0305 2104 Page size: 0x1000
2011/06/06 13:54:46.0305 2104 Boot type: Normal boot
2011/06/06 13:54:46.0305 2104 ================================================================================
2011/06/06 13:54:52.0202 2104 Initialize success
2011/06/06 13:54:58.0037 0732 ================================================================================
2011/06/06 13:54:58.0037 0732 Scan started
2011/06/06 13:54:58.0037 0732 Mode: Manual;
2011/06/06 13:54:58.0037 0732 ================================================================================
2011/06/06 13:55:03.0762 0732 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/06/06 13:55:04.0011 0732 acedrv10 (553ba53445795cbc0d4f9fa37eb855a6) C:\Windows\system32\drivers\acedrv10.sys
2011/06/06 13:55:04.0245 0732 acedrv11 (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys
2011/06/06 13:55:04.0386 0732 acehlp10 (8ce00b6a46962a1808b19cd1dae5170c) C:\Windows\system32\drivers\acehlp10.sys
2011/06/06 13:55:04.0542 0732 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/06/06 13:55:04.0745 0732 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/06/06 13:55:04.0947 0732 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/06/06 13:55:05.0181 0732 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/06/06 13:55:05.0244 0732 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/06/06 13:55:05.0493 0732 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2011/06/06 13:55:05.0712 0732 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/06/06 13:55:05.0821 0732 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/06/06 13:55:05.0899 0732 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/06/06 13:55:05.0946 0732 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/06/06 13:55:06.0039 0732 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/06/06 13:55:06.0086 0732 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/06/06 13:55:06.0164 0732 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/06/06 13:55:06.0539 0732 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
2011/06/06 13:55:06.0679 0732 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/06/06 13:55:06.0757 0732 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
2011/06/06 13:55:06.0819 0732 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/06/06 13:55:06.0929 0732 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/06/06 13:55:07.0085 0732 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/06/06 13:55:07.0241 0732 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/06 13:55:07.0350 0732 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/06/06 13:55:07.0553 0732 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
2011/06/06 13:55:07.0927 0732 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/06/06 13:55:08.0099 0732 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/06/06 13:55:08.0348 0732 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/06/06 13:55:08.0645 0732 AVSUSB1 (b88fad538d4cb5e1af692b5ad9a4e21c) C:\Windows\system32\Drivers\AVSUSB1.SYS
2011/06/06 13:55:09.0035 0732 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/06/06 13:55:09.0191 0732 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/06/06 13:55:09.0347 0732 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/06/06 13:55:09.0659 0732 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/06/06 13:55:09.0924 0732 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/06 13:55:10.0095 0732 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/06/06 13:55:10.0236 0732 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/06/06 13:55:10.0376 0732 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/06/06 13:55:10.0532 0732 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/06/06 13:55:10.0657 0732 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/06/06 13:55:11.0219 0732 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/06/06 13:55:11.0265 0732 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/06 13:55:11.0343 0732 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/06 13:55:11.0421 0732 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/06 13:55:11.0499 0732 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/06 13:55:11.0655 0732 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/06/06 13:55:11.0889 0732 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/06 13:55:12.0061 0732 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/06/06 13:55:12.0155 0732 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/06/06 13:55:12.0279 0732 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/06 13:55:12.0326 0732 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/06/06 13:55:12.0435 0732 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/06/06 13:55:12.0591 0732 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
2011/06/06 13:55:12.0794 0732 cvintdrv (dbd89bc0dbe00dcd245be8f61dbee291) C:\Windows\system32\drivers\cvintdrv.sys
2011/06/06 13:55:12.0981 0732 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\Windows\system32\DRIVERS\CVirtA.sys
2011/06/06 13:55:13.0293 0732 CVPNDRVA (9eb103820665563ed4f5d1d50e2205d3) C:\Windows\system32\Drivers\CVPNDRVA.sys
2011/06/06 13:55:13.0590 0732 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2011/06/06 13:55:13.0871 0732 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/06/06 13:55:14.0011 0732 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/06/06 13:55:14.0120 0732 DNE (b5aa5aa5ac327bd7c1aec0c58f0c1144) C:\Windows\system32\DRIVERS\dne2000.sys
2011/06/06 13:55:14.0401 0732 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/06/06 13:55:14.0775 0732 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/06 13:55:15.0025 0732 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/06/06 13:55:15.0399 0732 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/06/06 13:55:15.0665 0732 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/06/06 13:55:15.0805 0732 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/06/06 13:55:15.0977 0732 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/06/06 13:55:16.0101 0732 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/06 13:55:16.0351 0732 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/06/06 13:55:16.0554 0732 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/06/06 13:55:16.0757 0732 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/06 13:55:16.0897 0732 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/06/06 13:55:17.0100 0732 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/06/06 13:55:17.0474 0732 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS
2011/06/06 13:55:17.0599 0732 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/06 13:55:17.0833 0732 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/06/06 13:55:17.0958 0732 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/06/06 13:55:18.0301 0732 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/06/06 13:55:18.0488 0732 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/06/06 13:55:18.0847 0732 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/06 13:55:18.0972 0732 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/06/06 13:55:19.0159 0732 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/06 13:55:19.0518 0732 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/06 13:55:19.0861 0732 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/06 13:55:20.0048 0732 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/06/06 13:55:20.0360 0732 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/06/06 13:55:20.0501 0732 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/06/06 13:55:20.0735 0732 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/06 13:55:21.0047 0732 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
2011/06/06 13:55:21.0421 0732 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/06/06 13:55:21.0733 0732 IntcAzAudAddService (56ac584fe02e0c1d5924892562cbd572) C:\Windows\system32\drivers\RTKVHDA.sys
2011/06/06 13:55:22.0014 0732 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/06/06 13:55:22.0107 0732 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/06 13:55:22.0279 0732 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/06/06 13:55:22.0388 0732 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/06/06 13:55:22.0560 0732 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/06/06 13:55:22.0731 0732 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/06/06 13:55:22.0934 0732 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/06 13:55:23.0184 0732 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/06 13:55:23.0449 0732 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/06 13:55:23.0589 0732 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/06 13:55:23.0792 0732 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/06/06 13:55:24.0042 0732 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/06/06 13:55:24.0213 0732 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/06 13:55:24.0369 0732 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/06/06 13:55:24.0588 0732 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/06/06 13:55:24.0744 0732 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/06/06 13:55:24.0869 0732 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/06/06 13:55:25.0071 0732 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/06/06 13:55:25.0368 0732 lvalarmk (bad54f937b43f0e75db242c1f40c2dcf) C:\Windows\system32\drivers\lvalarmk.sys
2011/06/06 13:55:25.0664 0732 MBAMSwissArmy (b309912717c29fc67e1ba4730a82b6dd) C:\Windows\system32\drivers\mbamswissarmy.sys
2011/06/06 13:55:25.0945 0732 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/06/06 13:55:26.0070 0732 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/06/06 13:55:26.0413 0732 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/06/06 13:55:26.0663 0732 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/06 13:55:26.0803 0732 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/06 13:55:26.0928 0732 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/06 13:55:27.0131 0732 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/06/06 13:55:27.0411 0732 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/06/06 13:55:27.0645 0732 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/06 13:55:27.0833 0732 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/06/06 13:55:28.0082 0732 mrxsmb (b4c76ef46322a9711c7b0f4e21ef6ea5) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/06 13:55:28.0285 0732 mrxsmb10 (e593d45024a3fdd11e93cc4a6ca91101) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/06 13:55:28.0535 0732 mrxsmb20 (a9f86c82c9cc3b679cc3957e1183a30f) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/06 13:55:28.0706 0732 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/06/06 13:55:28.0831 0732 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/06/06 13:55:29.0003 0732 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/06/06 13:55:29.0096 0732 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/06/06 13:55:29.0689 0732 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/06/06 13:55:29.0845 0732 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/06 13:55:29.0970 0732 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/06 13:55:30.0110 0732 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/06/06 13:55:30.0251 0732 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/06/06 13:55:30.0578 0732 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/06 13:55:30.0687 0732 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/06/06 13:55:30.0812 0732 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/06/06 13:55:31.0140 0732 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/06/06 13:55:31.0779 0732 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/06 13:55:31.0998 0732 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/06/06 13:55:32.0185 0732 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/06/06 13:55:32.0372 0732 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/06 13:55:32.0669 0732 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/06 13:55:32.0825 0732 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/06 13:55:32.0981 0732 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/06/06 13:55:33.0636 0732 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/06 13:55:33.0901 0732 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/06 13:55:34.0057 0732 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/06/06 13:55:34.0275 0732 ni1006k (2ad3c955a4b2a0c82c1906f61cb297f8) C:\Windows\system32\drivers\ni1006k.sys
2011/06/06 13:55:34.0572 0732 ni1045k (f965ee798882b6ccf8de95af3dd18b7c) C:\Windows\system32\drivers\ni1045kl.sys
2011/06/06 13:55:34.0775 0732 ni1065k (a5cd3acbac593859ad03ed957b443760) C:\Windows\system32\drivers\ni1065k.sys
2011/06/06 13:55:35.0055 0732 nicdrk (6039f84cac8253bdf29192f6f97d9e9f) C:\Windows\system32\drivers\nicdrkl.sys
2011/06/06 13:55:35.0211 0732 nicsrk (c45d7b300c0ee6e6a2947beebbccfb6e) C:\Windows\system32\drivers\nicsrkl.sys
2011/06/06 13:55:35.0945 0732 nidimk (ce49187b110490df57605ced0912608c) C:\Windows\system32\drivers\nidimkl.sys
2011/06/06 13:55:36.0210 0732 nidmxfk (78170e069c6bb72ddb49fe0deb364030) C:\Windows\system32\drivers\nidmxfkl.sys
2011/06/06 13:55:36.0475 0732 nidsark (9091349fcb0728a7f8642635b209a422) C:\Windows\system32\drivers\nidsarkl.sys
2011/06/06 13:55:36.0615 0732 niemrk (5735b60fafa099e021bcd9ab1f76caf4) C:\Windows\system32\drivers\niemrkl.sys
2011/06/06 13:55:36.0787 0732 niesrk (9b0ed36a6148a933bc475db13e4369db) C:\Windows\system32\drivers\niesrkl.sys
2011/06/06 13:55:37.0052 0732 nifslk (af8207d298e06c2d3d3242dd8dad196d) C:\Windows\system32\drivers\nifslkl.sys
2011/06/06 13:55:37.0489 0732 nimdbgk (fc83df410bb8c09608a9e86c28a70825) C:\Windows\system32\drivers\nimdbgkl.sys
2011/06/06 13:55:37.0895 0732 nimru2k (bb6378f6f0582b4cb0d898e6af0d3849) C:\Windows\system32\drivers\nimru2kl.sys
2011/06/06 13:55:38.0144 0732 nimsdrk (d7af65cc84bfc2ad9f6502706563588c) C:\Windows\system32\drivers\nimsdrkl.sys
2011/06/06 13:55:38.0597 0732 nimstsk (049af1ff82db027a6dadf6c8587d6bd5) C:\Windows\system32\drivers\nimstskl.sys
2011/06/06 13:55:38.0815 0732 nimxdfk (2567d0feb6cb457b8625484c15fd2c46) C:\Windows\system32\drivers\nimxdfkl.sys
2011/06/06 13:55:38.0987 0732 nimxpk (bc5ce2c29cfbfa4303fc59f8dab5e97a) C:\Windows\system32\drivers\nimxpkl.sys
2011/06/06 13:55:39.0174 0732 ninshsdk (0de79f7eb245bbf2c087457c4edb7538) C:\Windows\system32\drivers\ninshsdkl.sys
2011/06/06 13:55:39.0673 0732 niorbk (2ee2631f636f2cceb8f054bee79ad6c4) C:\Windows\system32\drivers\niorbkl.sys
2011/06/06 13:55:39.0876 0732 nipalfwedl (b164168b4b1a1f0c6e66ef3225a00832) C:\Windows\system32\drivers\nipalfwedl.sys
2011/06/06 13:55:40.0063 0732 NIPALK (10933c80f3eeab90652701bad0c5e74a) C:\Windows\system32\drivers\nipalk.sys
2011/06/06 13:55:40.0375 0732 nipalusbedl (b7a4abcfdaf414bcaac9f198a44eb336) C:\Windows\system32\drivers\nipalusbedl.sys
2011/06/06 13:55:40.0781 0732 nipbcfk (2ddb15147e226bf2b6272fd3d5384008) C:\Windows\system32\drivers\nipbcfk.sys
2011/06/06 13:55:41.0093 0732 nipxigpk (1912641a3f404fbedf597e27c675b2dd) C:\Windows\system32\drivers\nipxigpk.sys
2011/06/06 13:55:41.0639 0732 nipxirmk (6e1642d565d952c2bed08287c7c27726) C:\Windows\system32\drivers\nipxirmkl.sys
2011/06/06 13:55:41.0873 0732 niscdk (e4389a95e110ad9cfebf85fc9ba8388e) C:\Windows\system32\drivers\niscdkl.sys
2011/06/06 13:55:42.0029 0732 nisdigk (3b89552892fb2daa5ddd126adbbd117b) C:\Windows\system32\drivers\nisdigkl.sys
2011/06/06 13:55:42.0294 0732 nisftk (0ccd6e717df1838b53e2e2daca235fd3) C:\Windows\system32\drivers\nisftkl.sys
2011/06/06 13:55:42.0465 0732 nispdk (3cad0833c60bedf03d17fd6e740bb178) C:\Windows\system32\drivers\nispdkl.sys
2011/06/06 13:55:42.0621 0732 nissrk (6f1f3ac5ac7235c15328b057088e6c2c) C:\Windows\system32\drivers\nissrkl.sys
2011/06/06 13:55:42.0855 0732 nistc2k (f3e81b7b92dd962e674018c810a3025e) C:\Windows\system32\drivers\nistc2kl.sys
2011/06/06 13:55:42.0996 0732 nistcrk (0a24b2f6179db04d7373df141bfa1e03) C:\Windows\system32\drivers\nistcrkl.sys
2011/06/06 13:55:43.0199 0732 niswdk (ddb620d7d781e2dfb75d082ddef795f8) C:\Windows\system32\drivers\niswdkl.sys
2011/06/06 13:55:43.0573 0732 nitiork (5c78b83500319b05722d29b46030d8ad) C:\Windows\system32\drivers\nitiorkl.sys
2011/06/06 13:55:43.0838 0732 niufurk (ff8ae034cd17ea4b4e2d332937ca0d7c) C:\Windows\system32\drivers\niufurkl.sys
2011/06/06 13:55:44.0088 0732 NiViFWK (1c6ca16957bad7a11a990904cea8598d) C:\Windows\system32\drivers\NiViFWKl.sys
2011/06/06 13:55:44.0353 0732 NiViPciK (26fd31288feef016a5462b24a3d50e65) C:\Windows\system32\drivers\NiViPciKl.sys
2011/06/06 13:55:44.0587 0732 NiViPxiK (0844525334d794480ca493a4c7d0193b) C:\Windows\system32\drivers\NiViPxiKl.sys
2011/06/06 13:55:44.0727 0732 niwfrk (5d31050aaf214a036957bc7959099979) C:\Windows\system32\drivers\niwfrkl.sys
2011/06/06 13:55:44.0837 0732 nixsrk (2d9b64519309d2d7d1044b8092301c7b) C:\Windows\system32\drivers\nixsrkl.sys
2011/06/06 13:55:45.0102 0732 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/06/06 13:55:45.0585 0732 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/06 13:55:45.0819 0732 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
2011/06/06 13:55:46.0131 0732 ntiomin (8a2788ff5aa0fe75d7231417200406ff) C:\Windows\system32\drivers\ntiomin.sys
2011/06/06 13:55:46.0365 0732 ntiopnp (5850c28057ddea04390b88f8cc482504) C:\Windows\system32\drivers\ntiopnp.sys
2011/06/06 13:55:46.0475 0732 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/06/06 13:55:46.0740 0732 NVHDA (b4f70fac4ea61cf150823aa063a39ff9) C:\Windows\system32\drivers\nvhda32v.sys
2011/06/06 13:55:47.0239 0732 nvlddmkm (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/06 13:55:47.0847 0732 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
2011/06/06 13:55:48.0019 0732 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
2011/06/06 13:55:48.0159 0732 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/06/06 13:55:48.0300 0732 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/06 13:55:48.0518 0732 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/06/06 13:55:48.0705 0732 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/06/06 13:55:48.0815 0732 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/06/06 13:55:49.0002 0732 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/06/06 13:55:49.0548 0732 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/06/06 13:55:49.0735 0732 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/06/06 13:55:49.0860 0732 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/06/06 13:55:50.0094 0732 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/06/06 13:55:50.0281 0732 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/06/06 13:55:50.0609 0732 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/06 13:55:50.0811 0732 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/06/06 13:55:50.0952 0732 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/06 13:55:51.0123 0732 pwdrvio (6a14e4f798baeee7562b3140167de1d8) C:\Windows\system32\pwdrvio.sys
2011/06/06 13:55:51.0732 0732 pwdspio (411b933d8f4518d62e6662ddf9dc6cb2) C:\Windows\system32\pwdspio.sys
2011/06/06 13:55:51.0872 0732 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/06/06 13:55:52.0247 0732 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/06/06 13:55:52.0387 0732 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/06 13:55:52.0605 0732 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/06 13:55:52.0761 0732 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/06/06 13:55:52.0886 0732 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/06 13:55:53.0058 0732 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/06 13:55:53.0635 0732 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/06 13:55:53.0838 0732 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/06 13:55:54.0056 0732 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/06/06 13:55:54.0165 0732 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/06 13:55:54.0290 0732 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
2011/06/06 13:55:54.0399 0732 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/06 13:55:54.0524 0732 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/06/06 13:55:54.0743 0732 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/06/06 13:55:54.0852 0732 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/06/06 13:55:55.0055 0732 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/06 13:55:55.0429 0732 RTL8167 (3983cea05bb855351d75f5482b6c42ce) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/06/06 13:55:55.0632 0732 rtl8192se (a02744dcd46c3c11e44256e912a7d4ac) C:\Windows\system32\DRIVERS\rtl8192se.sys
2011/06/06 13:55:55.0803 0732 RTSTOR (4501c8fe11df3192fb68d0d595ea94cc) C:\Windows\system32\drivers\RTSTOR.SYS
2011/06/06 13:55:55.0959 0732 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
2011/06/06 13:55:56.0147 0732 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/06/06 13:55:56.0271 0732 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/06/06 13:55:56.0381 0732 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/06 13:55:56.0537 0732 Ser2pl (a59e73bcb63f4f30183cf0a22c29faf5) C:\Windows\system32\DRIVERS\ser2pl.sys
2011/06/06 13:55:56.0708 0732 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/06/06 13:55:56.0864 0732 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/06/06 13:55:57.0051 0732 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/06/06 13:55:57.0769 0732 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/06/06 13:55:57.0909 0732 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/06/06 13:55:58.0034 0732 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/06/06 13:55:58.0128 0732 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/06/06 13:55:58.0315 0732 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/06/06 13:55:58.0440 0732 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/06/06 13:55:58.0596 0732 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/06/06 13:55:58.0752 0732 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/06/06 13:55:58.0908 0732 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/06/06 13:55:59.0579 0732 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\System32\Drivers\sptd.sys
2011/06/06 13:56:00.0156 0732 srv (4a9b0f215de2519e2363f91df25c1e97) C:\Windows\system32\DRIVERS\srv.sys
2011/06/06 13:56:00.0405 0732 srv2 (14c44875518ae1c982e54ea8c5f7fe28) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/06 13:56:00.0608 0732 srvnet (07a14223b0a50e76ade003fdf95d4fec) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/06 13:56:00.0780 0732 sscdbus (d6870895fe46a464a19141440eb6cc1e) C:\Windows\system32\DRIVERS\sscdbus.sys
2011/06/06 13:56:01.0185 0732 sscdmdfl (0fe167362e4689b716cdc8d93adedda8) C:\Windows\system32\DRIVERS\sscdmdfl.sys
2011/06/06 13:56:01.0763 0732 sscdmdm (55a15707e32b6709242ad127e62ca55a) C:\Windows\system32\DRIVERS\sscdmdm.sys
2011/06/06 13:56:01.0934 0732 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/06/06 13:56:02.0199 0732 ss_bus (5a1d0ca8a5f1e7b4ec50b9d76c001f0e) C:\Windows\system32\DRIVERS\ss_bus.sys
2011/06/06 13:56:02.0309 0732 ss_mdfl (f0a85580e36a3a85059037d39a9cf079) C:\Windows\system32\DRIVERS\ss_mdfl.sys
2011/06/06 13:56:02.0574 0732 ss_mdm (84c3dbfd1bfa4adc0a950b3d5506cb00) C:\Windows\system32\DRIVERS\ss_mdm.sys
2011/06/06 13:56:02.0839 0732 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/06/06 13:56:03.0026 0732 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
2011/06/06 13:56:03.0151 0732 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
2011/06/06 13:56:03.0666 0732 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/06 13:56:03.0931 0732 tap0901t (b7aee68d2e867cbf69b649b18fcedbbb) C:\Windows\system32\DRIVERS\tap0901t.sys
2011/06/06 13:56:04.0165 0732 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2011/06/06 13:56:04.0539 0732 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/06 13:56:04.0711 0732 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/06 13:56:04.0914 0732 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/06/06 13:56:05.0148 0732 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/06/06 13:56:05.0647 0732 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/06 13:56:05.0756 0732 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/06 13:56:06.0053 0732 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/06 13:56:06.0287 0732 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/06 13:56:06.0521 0732 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/06/06 13:56:06.0723 0732 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/06 13:56:06.0864 0732 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/06/06 13:56:07.0644 0732 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/06 13:56:07.0800 0732 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/06/06 13:56:08.0658 0732 usbbus (5353218b3265e3b8190335059f697a11) C:\Windows\system32\DRIVERS\lgusbbus.sys
2011/06/06 13:56:09.0734 0732 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/06 13:56:09.0875 0732 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/06/06 13:56:10.0140 0732 UsbDiag (7dd3eefc62a1ef44e5f940fa651ed9ed) C:\Windows\system32\DRIVERS\lgusbdiag.sys
2011/06/06 13:56:10.0327 0732 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\drivers\usbehci.sys
2011/06/06 13:56:10.0452 0732 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/06 13:56:11.0154 0732 USBModem (083031a78822eccbd7510bccd3e20d4c) C:\Windows\system32\DRIVERS\lgusbmodem.sys
2011/06/06 13:56:11.0388 0732 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys
2011/06/06 13:56:11.0544 0732 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/06 13:56:11.0809 0732 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/06/06 13:56:11.0996 0732 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\drivers\USBSTOR.SYS
2011/06/06 13:56:12.0277 0732 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\drivers\usbuhci.sys
2011/06/06 13:56:12.0605 0732 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\System32\Drivers\usbvideo.sys
2011/06/06 13:56:12.0729 0732 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/06/06 13:56:12.0839 0732 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/06 13:56:13.0057 0732 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/06/06 13:56:13.0151 0732 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/06/06 13:56:13.0603 0732 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/06/06 13:56:13.0806 0732 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/06/06 13:56:13.0931 0732 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/06/06 13:56:14.0087 0732 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
2011/06/06 13:56:14.0196 0732 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
2011/06/06 13:56:14.0336 0732 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/06/06 13:56:14.0477 0732 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/06/06 13:56:14.0664 0732 volsnap (7c28b63e4c9e5c3be7ffe53789593619) C:\Windows\system32\DRIVERS\volsnap.sys
2011/06/06 13:56:14.0711 0732 Suspicious file (Forged): C:\Windows\system32\DRIVERS\volsnap.sys. Real md5: 7c28b63e4c9e5c3be7ffe53789593619, Fake md5: 58df9d2481a56edde167e51b334d44fd
2011/06/06 13:56:14.0726 0732 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/06/06 13:56:14.0882 0732 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/06/06 13:56:14.0991 0732 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/06/06 13:56:15.0647 0732 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/06/06 13:56:15.0818 0732 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/06/06 13:56:15.0927 0732 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/06 13:56:15.0959 0732 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/06 13:56:16.0099 0732 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/06/06 13:56:16.0239 0732 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/06 13:56:16.0411 0732 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/06/06 13:56:16.0520 0732 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/06/06 13:56:16.0910 0732 WinDriver6 (451f905bc7bff9e1cff2e7ae76196b2c) C:\Windows\system32\drivers\windrvr6.sys
2011/06/06 13:56:17.0082 0732 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/06/06 13:56:17.0581 0732 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/06 13:56:17.0799 0732 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/06/06 13:56:17.0924 0732 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/06 13:56:18.0267 0732 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/06 13:56:18.0283 0732 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk1\DR1
2011/06/06 13:56:19.0063 0732 ================================================================================
2011/06/06 13:56:19.0063 0732 Scan finished
2011/06/06 13:56:19.0063 0732 ================================================================================
2011/06/06 13:56:19.0079 1284 Detected object count: 1
2011/06/06 13:56:19.0079 1284 Actual detected object count: 1
2011/06/06 13:56:44.0522 1284 volsnap (7c28b63e4c9e5c3be7ffe53789593619) C:\Windows\system32\DRIVERS\volsnap.sys
2011/06/06 13:56:44.0522 1284 Suspicious file (Forged): C:\Windows\system32\DRIVERS\volsnap.sys. Real md5: 7c28b63e4c9e5c3be7ffe53789593619, Fake md5: 58df9d2481a56edde167e51b334d44fd
2011/06/06 13:56:50.0045 1284 Backup copy found, using it..
2011/06/06 13:56:50.0060 1284 C:\Windows\system32\DRIVERS\volsnap.sys - will be cured after reboot
2011/06/06 13:56:50.0060 1284 Rootkit.Win32.TDSS.tdl3(volsnap) - User select action: Cure
|
|
06.06.2011, 14:28
| #6 |
| | Desktop schwarz, Startmenü leer, HDD angeblich kaputt Vielleich sollte ich noch dazu sagen, dass ich mich Hilfe von unhide.exe alle datein wieder bekommen habe und auch alle Programme im Startmenü sind. was mir nur noch fehlt ist der Papierkorp auf dem desktop... |
|
06.06.2011, 15:19
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Desktop schwarz, Startmenü leer, HDD angeblich kaputt TDSS wurde erkannt und entfernt. Bitte Windows neu starten und zur Kontrolle ein neues Log mit dem Kaspersky-TDSS-Killer machen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.06.2011, 16:00
| #8 |
| | Desktop schwarz, Startmenü leer, HDD angeblich kaputt das hört sich gut an und den Papierkorb hab ich auch wieder, google ist dein freund  Code:
ATTFilter 2011/06/06 16:57:39.0619 3708 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/06/06 16:57:41.0114 3708 ================================================================================
2011/06/06 16:57:41.0114 3708 SystemInfo:
2011/06/06 16:57:41.0114 3708
2011/06/06 16:57:41.0114 3708 OS Version: 6.1.7600 ServicePack: 0.0
2011/06/06 16:57:41.0114 3708 Product type: Workstation
2011/06/06 16:57:41.0114 3708 ComputerName: MAGGI-PC
2011/06/06 16:57:41.0115 3708 UserName: Maggi
2011/06/06 16:57:41.0115 3708 Windows directory: C:\Windows
2011/06/06 16:57:41.0115 3708 System windows directory: C:\Windows
2011/06/06 16:57:41.0115 3708 Processor architecture: Intel x86
2011/06/06 16:57:41.0115 3708 Number of processors: 2
2011/06/06 16:57:41.0115 3708 Page size: 0x1000
2011/06/06 16:57:41.0115 3708 Boot type: Normal boot
2011/06/06 16:57:41.0115 3708 ================================================================================
2011/06/06 16:57:42.0629 3708 Initialize success
2011/06/06 16:58:24.0662 5136 ================================================================================
2011/06/06 16:58:24.0662 5136 Scan started
2011/06/06 16:58:24.0662 5136 Mode: Manual;
2011/06/06 16:58:24.0662 5136 ================================================================================
2011/06/06 16:58:26.0037 5136 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/06/06 16:58:26.0151 5136 acedrv10 (553ba53445795cbc0d4f9fa37eb855a6) C:\Windows\system32\drivers\acedrv10.sys
2011/06/06 16:58:26.0299 5136 acedrv11 (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys
2011/06/06 16:58:26.0425 5136 acehlp10 (8ce00b6a46962a1808b19cd1dae5170c) C:\Windows\system32\drivers\acehlp10.sys
2011/06/06 16:58:26.0536 5136 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/06/06 16:58:26.0572 5136 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/06/06 16:58:26.0612 5136 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/06/06 16:58:26.0660 5136 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/06/06 16:58:26.0687 5136 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/06/06 16:58:26.0811 5136 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2011/06/06 16:58:26.0871 5136 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/06/06 16:58:26.0897 5136 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/06/06 16:58:26.0926 5136 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/06/06 16:58:26.0953 5136 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/06/06 16:58:26.0982 5136 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/06/06 16:58:27.0005 5136 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/06/06 16:58:27.0033 5136 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/06/06 16:58:27.0092 5136 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
2011/06/06 16:58:27.0118 5136 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/06/06 16:58:27.0147 5136 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
2011/06/06 16:58:27.0184 5136 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/06/06 16:58:27.0232 5136 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/06/06 16:58:27.0256 5136 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/06/06 16:58:27.0325 5136 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/06 16:58:27.0361 5136 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/06/06 16:58:27.0436 5136 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
2011/06/06 16:58:27.0601 5136 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/06/06 16:58:27.0686 5136 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/06/06 16:58:27.0754 5136 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/06/06 16:58:27.0852 5136 AVSUSB1 (b88fad538d4cb5e1af692b5ad9a4e21c) C:\Windows\system32\Drivers\AVSUSB1.SYS
2011/06/06 16:58:27.0938 5136 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/06/06 16:58:27.0987 5136 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/06/06 16:58:28.0051 5136 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/06/06 16:58:28.0134 5136 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/06/06 16:58:28.0240 5136 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/06 16:58:28.0290 5136 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/06/06 16:58:28.0320 5136 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/06/06 16:58:28.0369 5136 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/06/06 16:58:28.0400 5136 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/06/06 16:58:28.0429 5136 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/06/06 16:58:28.0449 5136 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/06/06 16:58:28.0494 5136 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/06 16:58:28.0549 5136 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/06 16:58:28.0576 5136 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/06 16:58:28.0622 5136 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/06 16:58:28.0694 5136 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/06/06 16:58:28.0811 5136 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/06 16:58:28.0851 5136 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/06/06 16:58:28.0904 5136 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/06/06 16:58:28.0936 5136 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/06 16:58:28.0975 5136 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/06/06 16:58:29.0060 5136 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/06/06 16:58:29.0141 5136 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
2011/06/06 16:58:29.0239 5136 cvintdrv (dbd89bc0dbe00dcd245be8f61dbee291) C:\Windows\system32\drivers\cvintdrv.sys
2011/06/06 16:58:29.0296 5136 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\Windows\system32\DRIVERS\CVirtA.sys
2011/06/06 16:58:29.0396 5136 CVPNDRVA (9eb103820665563ed4f5d1d50e2205d3) C:\Windows\system32\Drivers\CVPNDRVA.sys
2011/06/06 16:58:29.0478 5136 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2011/06/06 16:58:29.0562 5136 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/06/06 16:58:29.0649 5136 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/06/06 16:58:29.0718 5136 DNE (b5aa5aa5ac327bd7c1aec0c58f0c1144) C:\Windows\system32\DRIVERS\dne2000.sys
2011/06/06 16:58:29.0793 5136 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/06/06 16:58:29.0910 5136 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/06 16:58:30.0065 5136 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/06/06 16:58:30.0271 5136 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/06/06 16:58:30.0351 5136 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/06/06 16:58:30.0415 5136 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/06/06 16:58:30.0489 5136 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/06/06 16:58:30.0530 5136 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/06 16:58:30.0572 5136 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/06/06 16:58:30.0602 5136 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/06/06 16:58:30.0656 5136 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/06 16:58:30.0714 5136 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/06/06 16:58:30.0789 5136 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/06/06 16:58:30.0882 5136 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS
2011/06/06 16:58:30.0933 5136 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/06 16:58:31.0023 5136 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/06/06 16:58:31.0058 5136 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/06/06 16:58:31.0131 5136 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/06/06 16:58:31.0202 5136 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/06/06 16:58:31.0259 5136 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/06 16:58:31.0284 5136 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/06/06 16:58:31.0346 5136 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/06 16:58:31.0390 5136 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/06 16:58:31.0451 5136 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/06 16:58:31.0539 5136 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/06/06 16:58:31.0615 5136 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/06/06 16:58:31.0681 5136 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/06/06 16:58:31.0724 5136 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/06 16:58:31.0837 5136 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
2011/06/06 16:58:31.0917 5136 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/06/06 16:58:32.0074 5136 IntcAzAudAddService (56ac584fe02e0c1d5924892562cbd572) C:\Windows\system32\drivers\RTKVHDA.sys
2011/06/06 16:58:32.0234 5136 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/06/06 16:58:32.0298 5136 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/06 16:58:32.0334 5136 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/06/06 16:58:32.0393 5136 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/06/06 16:58:32.0424 5136 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/06/06 16:58:32.0456 5136 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/06/06 16:58:32.0497 5136 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/06 16:58:32.0638 5136 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/06 16:58:32.0688 5136 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/06 16:58:32.0757 5136 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/06 16:58:32.0826 5136 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/06/06 16:58:32.0920 5136 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/06/06 16:58:33.0003 5136 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/06 16:58:33.0068 5136 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/06/06 16:58:33.0095 5136 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/06/06 16:58:33.0152 5136 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/06/06 16:58:33.0190 5136 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/06/06 16:58:33.0295 5136 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/06/06 16:58:33.0381 5136 lvalarmk (bad54f937b43f0e75db242c1f40c2dcf) C:\Windows\system32\drivers\lvalarmk.sys
2011/06/06 16:58:33.0459 5136 MBAMProtector (3d2c13377763eeac0ca6fb46f57217ed) C:\Windows\system32\drivers\mbam.sys
2011/06/06 16:58:33.0564 5136 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/06/06 16:58:33.0629 5136 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/06/06 16:58:33.0699 5136 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/06/06 16:58:33.0750 5136 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/06 16:58:33.0774 5136 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/06 16:58:33.0826 5136 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/06 16:58:33.0868 5136 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/06/06 16:58:33.0896 5136 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/06/06 16:58:33.0952 5136 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/06 16:58:34.0019 5136 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/06/06 16:58:34.0091 5136 mrxsmb (b4c76ef46322a9711c7b0f4e21ef6ea5) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/06 16:58:34.0201 5136 mrxsmb10 (e593d45024a3fdd11e93cc4a6ca91101) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/06 16:58:34.0275 5136 mrxsmb20 (a9f86c82c9cc3b679cc3957e1183a30f) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/06 16:58:34.0312 5136 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/06/06 16:58:34.0375 5136 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/06/06 16:58:34.0442 5136 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/06/06 16:58:34.0492 5136 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/06/06 16:58:34.0529 5136 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/06/06 16:58:34.0563 5136 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/06 16:58:34.0598 5136 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/06 16:58:34.0652 5136 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/06/06 16:58:34.0702 5136 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/06/06 16:58:34.0803 5136 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/06 16:58:34.0842 5136 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/06/06 16:58:34.0892 5136 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/06/06 16:58:34.0946 5136 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/06/06 16:58:34.0990 5136 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/06 16:58:35.0067 5136 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/06/06 16:58:35.0094 5136 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/06/06 16:58:35.0132 5136 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/06 16:58:35.0182 5136 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/06 16:58:35.0262 5136 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/06 16:58:35.0285 5136 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/06/06 16:58:35.0326 5136 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/06 16:58:35.0414 5136 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/06 16:58:35.0515 5136 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/06/06 16:58:35.0570 5136 ni1006k (2ad3c955a4b2a0c82c1906f61cb297f8) C:\Windows\system32\drivers\ni1006k.sys
2011/06/06 16:58:35.0643 5136 ni1045k (f965ee798882b6ccf8de95af3dd18b7c) C:\Windows\system32\drivers\ni1045kl.sys
2011/06/06 16:58:35.0686 5136 ni1065k (a5cd3acbac593859ad03ed957b443760) C:\Windows\system32\drivers\ni1065k.sys
2011/06/06 16:58:35.0749 5136 nicdrk (6039f84cac8253bdf29192f6f97d9e9f) C:\Windows\system32\drivers\nicdrkl.sys
2011/06/06 16:58:35.0793 5136 nicsrk (c45d7b300c0ee6e6a2947beebbccfb6e) C:\Windows\system32\drivers\nicsrkl.sys
2011/06/06 16:58:35.0918 5136 nidimk (ce49187b110490df57605ced0912608c) C:\Windows\system32\drivers\nidimkl.sys
2011/06/06 16:58:35.0987 5136 nidmxfk (78170e069c6bb72ddb49fe0deb364030) C:\Windows\system32\drivers\nidmxfkl.sys
2011/06/06 16:58:36.0085 5136 nidsark (9091349fcb0728a7f8642635b209a422) C:\Windows\system32\drivers\nidsarkl.sys
2011/06/06 16:58:36.0137 5136 niemrk (5735b60fafa099e021bcd9ab1f76caf4) C:\Windows\system32\drivers\niemrkl.sys
2011/06/06 16:58:36.0179 5136 niesrk (9b0ed36a6148a933bc475db13e4369db) C:\Windows\system32\drivers\niesrkl.sys
2011/06/06 16:58:36.0231 5136 nifslk (af8207d298e06c2d3d3242dd8dad196d) C:\Windows\system32\drivers\nifslkl.sys
2011/06/06 16:58:36.0326 5136 nimdbgk (fc83df410bb8c09608a9e86c28a70825) C:\Windows\system32\drivers\nimdbgkl.sys
2011/06/06 16:58:36.0380 5136 nimru2k (bb6378f6f0582b4cb0d898e6af0d3849) C:\Windows\system32\drivers\nimru2kl.sys
2011/06/06 16:58:36.0436 5136 nimsdrk (d7af65cc84bfc2ad9f6502706563588c) C:\Windows\system32\drivers\nimsdrkl.sys
2011/06/06 16:58:36.0526 5136 nimstsk (049af1ff82db027a6dadf6c8587d6bd5) C:\Windows\system32\drivers\nimstskl.sys
2011/06/06 16:58:36.0576 5136 nimxdfk (2567d0feb6cb457b8625484c15fd2c46) C:\Windows\system32\drivers\nimxdfkl.sys
2011/06/06 16:58:36.0616 5136 nimxpk (bc5ce2c29cfbfa4303fc59f8dab5e97a) C:\Windows\system32\drivers\nimxpkl.sys
2011/06/06 16:58:36.0663 5136 ninshsdk (0de79f7eb245bbf2c087457c4edb7538) C:\Windows\system32\drivers\ninshsdkl.sys
2011/06/06 16:58:36.0723 5136 niorbk (2ee2631f636f2cceb8f054bee79ad6c4) C:\Windows\system32\drivers\niorbkl.sys
2011/06/06 16:58:36.0771 5136 nipalfwedl (b164168b4b1a1f0c6e66ef3225a00832) C:\Windows\system32\drivers\nipalfwedl.sys
2011/06/06 16:58:36.0847 5136 NIPALK (10933c80f3eeab90652701bad0c5e74a) C:\Windows\system32\drivers\nipalk.sys
2011/06/06 16:58:36.0898 5136 nipalusbedl (b7a4abcfdaf414bcaac9f198a44eb336) C:\Windows\system32\drivers\nipalusbedl.sys
2011/06/06 16:58:36.0958 5136 nipbcfk (2ddb15147e226bf2b6272fd3d5384008) C:\Windows\system32\drivers\nipbcfk.sys
2011/06/06 16:58:36.0984 5136 nipxigpk (1912641a3f404fbedf597e27c675b2dd) C:\Windows\system32\drivers\nipxigpk.sys
2011/06/06 16:58:37.0051 5136 nipxirmk (6e1642d565d952c2bed08287c7c27726) C:\Windows\system32\drivers\nipxirmkl.sys
2011/06/06 16:58:37.0108 5136 niscdk (e4389a95e110ad9cfebf85fc9ba8388e) C:\Windows\system32\drivers\niscdkl.sys
2011/06/06 16:58:37.0159 5136 nisdigk (3b89552892fb2daa5ddd126adbbd117b) C:\Windows\system32\drivers\nisdigkl.sys
2011/06/06 16:58:37.0219 5136 nisftk (0ccd6e717df1838b53e2e2daca235fd3) C:\Windows\system32\drivers\nisftkl.sys
2011/06/06 16:58:37.0255 5136 nispdk (3cad0833c60bedf03d17fd6e740bb178) C:\Windows\system32\drivers\nispdkl.sys
2011/06/06 16:58:37.0275 5136 nissrk (6f1f3ac5ac7235c15328b057088e6c2c) C:\Windows\system32\drivers\nissrkl.sys
2011/06/06 16:58:37.0307 5136 nistc2k (f3e81b7b92dd962e674018c810a3025e) C:\Windows\system32\drivers\nistc2kl.sys
2011/06/06 16:58:37.0340 5136 nistcrk (0a24b2f6179db04d7373df141bfa1e03) C:\Windows\system32\drivers\nistcrkl.sys
2011/06/06 16:58:37.0456 5136 niswdk (ddb620d7d781e2dfb75d082ddef795f8) C:\Windows\system32\drivers\niswdkl.sys
2011/06/06 16:58:37.0519 5136 nitiork (5c78b83500319b05722d29b46030d8ad) C:\Windows\system32\drivers\nitiorkl.sys
2011/06/06 16:58:37.0551 5136 niufurk (ff8ae034cd17ea4b4e2d332937ca0d7c) C:\Windows\system32\drivers\niufurkl.sys
2011/06/06 16:58:37.0605 5136 NiViFWK (1c6ca16957bad7a11a990904cea8598d) C:\Windows\system32\drivers\NiViFWKl.sys
2011/06/06 16:58:37.0684 5136 NiViPciK (26fd31288feef016a5462b24a3d50e65) C:\Windows\system32\drivers\NiViPciKl.sys
2011/06/06 16:58:37.0742 5136 NiViPxiK (0844525334d794480ca493a4c7d0193b) C:\Windows\system32\drivers\NiViPxiKl.sys
2011/06/06 16:58:37.0800 5136 niwfrk (5d31050aaf214a036957bc7959099979) C:\Windows\system32\drivers\niwfrkl.sys
2011/06/06 16:58:37.0860 5136 nixsrk (2d9b64519309d2d7d1044b8092301c7b) C:\Windows\system32\drivers\nixsrkl.sys
2011/06/06 16:58:37.0914 5136 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/06/06 16:58:38.0005 5136 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/06 16:58:38.0105 5136 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
2011/06/06 16:58:38.0290 5136 ntiomin (8a2788ff5aa0fe75d7231417200406ff) C:\Windows\system32\drivers\ntiomin.sys
2011/06/06 16:58:38.0369 5136 ntiopnp (5850c28057ddea04390b88f8cc482504) C:\Windows\system32\drivers\ntiopnp.sys
2011/06/06 16:58:38.0405 5136 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/06/06 16:58:38.0477 5136 NVHDA (b4f70fac4ea61cf150823aa063a39ff9) C:\Windows\system32\drivers\nvhda32v.sys
2011/06/06 16:58:38.0879 5136 nvlddmkm (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/06 16:58:39.0408 5136 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
2011/06/06 16:58:39.0505 5136 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
2011/06/06 16:58:39.0593 5136 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/06/06 16:58:39.0641 5136 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/06 16:58:39.0739 5136 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/06/06 16:58:39.0804 5136 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/06/06 16:58:39.0834 5136 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/06/06 16:58:39.0921 5136 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/06/06 16:58:39.0963 5136 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/06/06 16:58:39.0998 5136 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/06/06 16:58:40.0056 5136 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/06/06 16:58:40.0124 5136 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/06/06 16:58:40.0185 5136 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/06/06 16:58:40.0357 5136 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/06 16:58:40.0390 5136 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/06/06 16:58:40.0473 5136 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/06 16:58:40.0520 5136 pwdrvio (6a14e4f798baeee7562b3140167de1d8) C:\Windows\system32\pwdrvio.sys
2011/06/06 16:58:40.0589 5136 pwdspio (411b933d8f4518d62e6662ddf9dc6cb2) C:\Windows\system32\pwdspio.sys
2011/06/06 16:58:40.0665 5136 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/06/06 16:58:40.0849 5136 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/06/06 16:58:40.0886 5136 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/06 16:58:40.0914 5136 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/06 16:58:40.0992 5136 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/06/06 16:58:41.0031 5136 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/06 16:58:41.0090 5136 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/06 16:58:41.0121 5136 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/06 16:58:41.0173 5136 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/06 16:58:41.0239 5136 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/06/06 16:58:41.0262 5136 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/06 16:58:41.0315 5136 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
2011/06/06 16:58:41.0362 5136 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/06 16:58:41.0423 5136 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/06/06 16:58:41.0470 5136 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/06/06 16:58:41.0506 5136 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/06/06 16:58:41.0596 5136 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/06 16:58:41.0690 5136 RTL8167 (3983cea05bb855351d75f5482b6c42ce) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/06/06 16:58:41.0770 5136 rtl8192se (a02744dcd46c3c11e44256e912a7d4ac) C:\Windows\system32\DRIVERS\rtl8192se.sys
2011/06/06 16:58:41.0857 5136 RTSTOR (4501c8fe11df3192fb68d0d595ea94cc) C:\Windows\system32\drivers\RTSTOR.SYS
2011/06/06 16:58:41.0887 5136 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
2011/06/06 16:58:41.0973 5136 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/06/06 16:58:42.0008 5136 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/06/06 16:58:42.0054 5136 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/06 16:58:42.0128 5136 Ser2pl (a59e73bcb63f4f30183cf0a22c29faf5) C:\Windows\system32\DRIVERS\ser2pl.sys
2011/06/06 16:58:42.0187 5136 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/06/06 16:58:42.0225 5136 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/06/06 16:58:42.0265 5136 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/06/06 16:58:42.0340 5136 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/06/06 16:58:42.0366 5136 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/06/06 16:58:42.0421 5136 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/06/06 16:58:42.0478 5136 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/06/06 16:58:42.0539 5136 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/06/06 16:58:42.0568 5136 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/06/06 16:58:42.0606 5136 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/06/06 16:58:42.0641 5136 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/06/06 16:58:42.0721 5136 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/06/06 16:58:42.0854 5136 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\System32\Drivers\sptd.sys
2011/06/06 16:58:42.0968 5136 srv (4a9b0f215de2519e2363f91df25c1e97) C:\Windows\system32\DRIVERS\srv.sys
2011/06/06 16:58:43.0090 5136 srv2 (14c44875518ae1c982e54ea8c5f7fe28) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/06 16:58:43.0177 5136 srvnet (07a14223b0a50e76ade003fdf95d4fec) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/06 16:58:43.0238 5136 sscdbus (d6870895fe46a464a19141440eb6cc1e) C:\Windows\system32\DRIVERS\sscdbus.sys
2011/06/06 16:58:43.0313 5136 sscdmdfl (0fe167362e4689b716cdc8d93adedda8) C:\Windows\system32\DRIVERS\sscdmdfl.sys
2011/06/06 16:58:43.0381 5136 sscdmdm (55a15707e32b6709242ad127e62ca55a) C:\Windows\system32\DRIVERS\sscdmdm.sys
2011/06/06 16:58:43.0447 5136 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/06/06 16:58:43.0523 5136 ss_bus (5a1d0ca8a5f1e7b4ec50b9d76c001f0e) C:\Windows\system32\DRIVERS\ss_bus.sys
2011/06/06 16:58:43.0601 5136 ss_mdfl (f0a85580e36a3a85059037d39a9cf079) C:\Windows\system32\DRIVERS\ss_mdfl.sys
2011/06/06 16:58:43.0676 5136 ss_mdm (84c3dbfd1bfa4adc0a950b3d5506cb00) C:\Windows\system32\DRIVERS\ss_mdm.sys
2011/06/06 16:58:43.0781 5136 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/06/06 16:58:43.0841 5136 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
2011/06/06 16:58:43.0883 5136 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
2011/06/06 16:58:43.0932 5136 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/06 16:58:44.0008 5136 tap0901t (b7aee68d2e867cbf69b649b18fcedbbb) C:\Windows\system32\DRIVERS\tap0901t.sys
2011/06/06 16:58:44.0124 5136 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2011/06/06 16:58:44.0198 5136 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/06 16:58:44.0256 5136 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/06 16:58:44.0303 5136 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/06/06 16:58:44.0362 5136 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/06/06 16:58:44.0410 5136 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/06 16:58:44.0448 5136 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/06 16:58:44.0507 5136 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/06 16:58:44.0555 5136 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/06 16:58:44.0602 5136 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/06/06 16:58:44.0645 5136 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/06 16:58:44.0697 5136 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/06/06 16:58:44.0740 5136 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/06 16:58:44.0773 5136 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/06/06 16:58:44.0886 5136 usbbus (5353218b3265e3b8190335059f697a11) C:\Windows\system32\DRIVERS\lgusbbus.sys
2011/06/06 16:58:44.0955 5136 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/06 16:58:44.0986 5136 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/06/06 16:58:45.0083 5136 UsbDiag (7dd3eefc62a1ef44e5f940fa651ed9ed) C:\Windows\system32\DRIVERS\lgusbdiag.sys
2011/06/06 16:58:45.0193 5136 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\drivers\usbehci.sys
2011/06/06 16:58:45.0262 5136 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/06 16:58:45.0365 5136 USBModem (083031a78822eccbd7510bccd3e20d4c) C:\Windows\system32\DRIVERS\lgusbmodem.sys
2011/06/06 16:58:45.0431 5136 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys
2011/06/06 16:58:45.0488 5136 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/06 16:58:45.0607 5136 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/06/06 16:58:45.0672 5136 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\drivers\USBSTOR.SYS
2011/06/06 16:58:45.0731 5136 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\drivers\usbuhci.sys
2011/06/06 16:58:45.0816 5136 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\System32\Drivers\usbvideo.sys
2011/06/06 16:58:45.0901 5136 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/06/06 16:58:45.0932 5136 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/06 16:58:46.0001 5136 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/06/06 16:58:46.0043 5136 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/06/06 16:58:46.0103 5136 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/06/06 16:58:46.0136 5136 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/06/06 16:58:46.0171 5136 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/06/06 16:58:46.0410 5136 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
2011/06/06 16:58:46.0470 5136 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
2011/06/06 16:58:46.0504 5136 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/06/06 16:58:46.0546 5136 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/06/06 16:58:46.0586 5136 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2011/06/06 16:58:46.0620 5136 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/06/06 16:58:46.0666 5136 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/06/06 16:58:46.0715 5136 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/06/06 16:58:46.0758 5136 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/06/06 16:58:46.0811 5136 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/06 16:58:46.0828 5136 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/06 16:58:46.0884 5136 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/06/06 16:58:46.0951 5136 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/06 16:58:47.0017 5136 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/06/06 16:58:47.0052 5136 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/06/06 16:58:47.0128 5136 WinDriver6 (451f905bc7bff9e1cff2e7ae76196b2c) C:\Windows\system32\drivers\windrvr6.sys
2011/06/06 16:58:47.0235 5136 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/06/06 16:58:47.0308 5136 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/06 16:58:47.0393 5136 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/06/06 16:58:47.0445 5136 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/06 16:58:47.0561 5136 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/06 16:58:47.0574 5136 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk1\DR1
2011/06/06 16:58:48.0359 5136 ================================================================================
2011/06/06 16:58:48.0360 5136 Scan finished
2011/06/06 16:58:48.0360 5136 ================================================================================
2011/06/06 16:58:48.0375 5128 Detected object count: 0
2011/06/06 16:58:48.0375 5128 Actual detected object count: 0
|
|
06.06.2011, 16:01
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Desktop schwarz, Startmenü leer, HDD angeblich kaputt Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.06.2011, 16:28
| #10 |
| | Desktop schwarz, Startmenü leer, HDD angeblich kaputt hab ich gemacht: Code:
ATTFilter ComboFix 11-06-05.06 - Maggi 06.06.2011 17:06:48.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.49.1031.18.3067.2082 [GMT 2:00]
ausgeführt von:: c:\users\Maggi\Desktop\cofi.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Windows Defender
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-05-06 bis 2011-06-06 ))))))))))))))))))))))))))))))
.
.
2011-06-06 15:15 . 2011-06-06 15:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-06 13:13 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-06 13:13 . 2011-06-06 13:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-06 13:13 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-05 21:09 . 2011-06-05 21:09 -------- d-----w- C:\_OTL
2011-06-03 11:34 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{80695B86-DBFD-47A2-BECC-5863F1DDC8E3}\mpengine.dll
2011-06-02 08:29 . 2011-06-02 08:29 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-25 15:33 . 2011-04-22 19:36 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-24 15:23 . 2011-05-24 15:26 -------- d-----w- c:\program files\ICQ7.5
2011-05-24 09:36 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-05-19 19:34 . 2011-05-19 19:35 -------- d-----w- c:\program files\Tunngle
2011-05-13 09:40 . 2011-05-13 09:40 -------- d---a-w- C:\PADS_ES_Evaluation
2011-05-13 09:38 . 2011-05-13 09:38 -------- d-----w- c:\windows\Downloaded Installations
2011-05-11 16:49 . 2007-01-04 10:15 9336 ----a-w- c:\windows\system32\WinIo.sys
2011-05-11 07:28 . 2011-03-25 03:06 284160 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 07:28 . 2011-03-25 03:06 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 07:28 . 2011-03-25 03:06 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 07:28 . 2011-03-25 03:06 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 07:28 . 2011-03-25 03:06 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 07:28 . 2011-03-25 03:06 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 07:28 . 2011-03-25 03:06 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 07:28 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-11 07:28 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-06 11:59 . 2009-07-13 23:11 245328 ----a-w- c:\windows\system32\drivers\volsnap.sys
2011-04-26 20:56 . 2011-04-26 20:56 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-04-26 20:56 . 2011-04-26 20:56 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-03-20 08:59 . 2009-11-04 09:06 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-03-12 11:31 . 2011-04-28 09:05 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-11 05:44 . 2011-04-28 09:05 146304 ----a-w- c:\windows\system32\drivers\storport.sys
2011-03-11 05:44 . 2011-04-28 09:05 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-03-11 05:44 . 2011-04-28 09:05 1210240 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-03-11 05:44 . 2011-04-28 09:05 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-03-11 05:43 . 2011-04-28 09:05 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-03-11 05:43 . 2011-04-28 09:05 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-03-11 05:43 . 2011-04-28 09:05 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-03-11 05:40 . 2011-04-14 21:17 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:40 . 2011-04-14 21:17 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:39 . 2011-04-28 09:05 1686016 ----a-w- c:\windows\system32\esent.dll
2011-03-11 05:37 . 2011-04-28 09:05 74240 ----a-w- c:\windows\system32\fsutil.exe
2004-03-15 16:51 . 2004-03-15 16:51 114688 ----a-w- c:\program files\internet explorer\plugins\LV71ActiveXControl.dll
2006-01-23 09:32 . 2006-01-23 09:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 09:48 . 2007-02-08 09:48 133920 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2007-07-24 17:03 . 2007-07-24 17:03 118784 ----a-w- c:\program files\internet explorer\plugins\LV85ActiveXControl.dll
2008-12-10 13:50 . 2008-12-10 13:50 118784 ----a-w- c:\program files\internet explorer\plugins\LV86ActiveXControl.dll
2009-06-23 18:41 . 2009-06-23 18:41 158720 ----a-w- c:\program files\internet explorer\plugins\LV90ActiveXControl.dll
2011-05-02 09:02 . 2011-03-24 17:28 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2011-01-05 133432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-10-31 6609440]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-10-31 1833504]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AVSUSB1;AvaSpec-USB1 driver;c:\windows\system32\Drivers\AVSUSB1.SYS [2006-11-08 45877]
R3 lvalarmk;lvalarmk;c:\windows\system32\drivers\lvalarmk.sys [2008-12-05 20104]
R3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys [2009-04-01 26192]
R3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys [2009-06-17 11344]
R3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys [2009-04-01 22608]
R3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrkl.sys [2009-01-02 11352]
R3 nicsrk;nicsrk;c:\windows\system32\drivers\nicsrkl.sys [2009-05-28 11336]
R3 nidevldu;NI Device Loader;c:\windows\system32\nipalsm.exe [2008-08-21 12696]
R3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys [2008-06-13 11360]
R3 nidmxfk;nidmxfk;c:\windows\system32\drivers\nidmxfkl.sys [2009-06-17 11336]
R3 nidsark;nidsark;c:\windows\system32\drivers\nidsarkl.sys [2009-06-17 11344]
R3 niemrk;niemrk;c:\windows\system32\drivers\niemrkl.sys [2009-05-28 11336]
R3 niesrk;niesrk;c:\windows\system32\drivers\niesrkl.sys [2009-05-28 11336]
R3 nifslk;nifslk;c:\windows\system32\drivers\nifslkl.sys [2009-01-06 11352]
R3 niLXIDiscovery;National Instruments LXI Discovery Service;c:\program files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [2009-03-05 131704]
R3 nimDNSResponder;National Instruments mDNS Responder Service;c:\program files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2009-06-04 193648]
R3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2kl.sys [2008-11-24 11360]
R3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrkl.sys [2008-12-29 11392]
R3 nimslk;nimslk;c:\windows\system32\drivers\nimslk.dll [x]
R3 nimsrlk;nimsrlk;c:\windows\system32\drivers\nimsrlk.dll [x]
R3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstskl.sys [2008-12-29 11360]
R3 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpkl.sys [2009-06-16 11368]
R3 ninshsdk;ninshsdk;c:\windows\system32\drivers\ninshsdkl.sys [2009-03-30 11360]
R3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys [2009-05-26 11904]
R3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys [2009-05-26 11896]
R3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys [2008-06-25 20568]
R3 niscdk;niscdk;c:\windows\system32\drivers\niscdkl.sys [2009-01-05 11376]
R3 nisdigk;nisdigk;c:\windows\system32\drivers\nisdigkl.sys [2009-02-05 11352]
R3 nisftk;nisftk;c:\windows\system32\drivers\nisftkl.sys [2009-03-30 11344]
R3 nispdk;nispdk;c:\windows\system32\drivers\nispdkl.sys [2009-01-05 11376]
R3 nissrk;nissrk;c:\windows\system32\drivers\nissrkl.sys [2009-05-28 11336]
R3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2kl.sys [2009-01-02 11312]
R3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrkl.sys [2009-01-02 11360]
R3 niswdk;niswdk;c:\windows\system32\drivers\niswdkl.sys [2008-07-28 11336]
R3 nitiork;nitiork;c:\windows\system32\drivers\nitiorkl.sys [2009-01-02 11360]
R3 niufurk;niufurk;c:\windows\system32\drivers\niufurkl.sys [2009-05-28 11368]
R3 NiViFWK;NI-VISA FireWire Driver;c:\windows\system32\drivers\NiViFWKl.sys [2009-03-05 11384]
R3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys [2009-06-21 11360]
R3 niwfrk;niwfrk;c:\windows\system32\drivers\niwfrkl.sys [2009-05-28 11336]
R3 nixsrk;nixsrk;c:\windows\system32\drivers\nixsrkl.sys [2009-05-28 11336]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2009-10-23 16456]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2009-10-23 11088]
R3 usb6xxxk;usb6xxxk;c:\windows\system32\drivers\usb6xxxkl.sys [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-11-19 691696]
S0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\System32\drivers\nipbcfk.sys [2008-08-21 15448]
S1 ntiomin;ntiomin; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 acedrv10;acedrv10;c:\windows\system32\drivers\acedrv10.sys [2007-07-27 330144]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
S2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [2007-07-27 251680]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-07-15 233472]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
S2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys [2009-06-04 11344]
S2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys [2009-06-21 11360]
S2 resetWinService;Reset Reader;c:\program files\Realtek Semiconductor Corp\Realtek USB 2.0 Card Reader\reset.exe [2008-10-29 70656]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-11-22 718072]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-07-15 36608]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-05-29 22712]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-01-29 997408]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - FSUSBEXDISK
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 81.173.194.76 81.173.194.69
TCP: Interfaces\{34B33514-5C05-43A7-8A2F-A23262FD8FDF}: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Maggi\AppData\Roaming\Mozilla\Firefox\Profiles\docb55n9.default\
FF - prefs.js: browser.startup.homepage - www.gmx.net
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-NPSStartup - (no file)
HKLM-Run-Malwarebytes' Anti-Malware (reboot) - c:\program files\aaMalwarebytes' Anti-Malware\mbam.exe
SafeBoot-15569176.sys
AddRemove-Nero - Burning Rom!UninstallKey - d:\programme\Nero 7\\nero\uninstall\UNNERO.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1241376093-3597709944-3704505792-1000\Software\SecuROM\License information*]
"datasecu"=hex:c4,86,32,37,7c,88,5f,17,f7,54,13,04,0e,95,a3,6b,bc,81,9e,6b,c7,
9f,d5,3d,80,3b,e5,ee,8f,a6,a8,c8,73,97,a8,ae,51,a2,81,ee,c5,4f,df,4f,26,53,\
"rkeysecu"=hex:a5,a6,49,e1,45,84,b0,e0,e6,02,57,c8,d3,8a,0e,fb
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S30RP1.EXE
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-06-06 17:22:45 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-06-06 15:22
.
Vor Suchlauf: 18 Verzeichnis(se), 17.429.696.512 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 17.127.968.768 Bytes frei
.
- - End Of File - - 657E1B468657E5806380AF8F88C73AF5
|
|
06.06.2011, 18:19
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Desktop schwarz, Startmenü leer, HDD angeblich kaputt Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.06.2011, 10:24
| #12 |
| | Desktop schwarz, Startmenü leer, HDD angeblich kaputt hab alles gemacht: GMER: Code:
ATTFilter GMER 1.0.15.15640 - hxxp://www.gmer.net
Rootkit scan 2011-06-07 09:37:50
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3200BEVT-00ZCT0 rev.11.01A11
Running: xufofr6q.exe; Driver: C:\Users\Maggi\AppData\Local\Temp\pgloypod.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKeyEx + 13BD 83C87569 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 83CAC092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.reloc C:\Windows\system32\drivers\acehlp10.sys section is executable [0x9A37AB80, 0x37FC7, 0xE0000060]
.reloc C:\Windows\system32\drivers\acedrv10.sys section is executable [0xA088F000, 0x459C1, 0xE0000060]
.vmp2 C:\Windows\system32\drivers\acedrv11.sys entry point in ".vmp2" section [0xA08FC69D]
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xA0901300, 0x3B6D8, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xA09D4300, 0x1BEE, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Tunngle\TnglCtrl.exe[404] ntdll.dll!DbgBreakPoint 778D3370 1 Byte [90]
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74232494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74215624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [742156E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7423250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74228573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74224D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [742250CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [742251A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [742266D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [742282CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74228819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7422907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7422E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2404] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74224C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x85 0x3B 0x54 0x84 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0xB5 0xDB 0xC5 0x2A ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x33 0xBB 0x7A 0xCD ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD2 0xAB 0x17 0x47 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x36 0x51 0xAF 0x55 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xF7 0xA3 0xDA 0x14 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x85 0x3B 0x54 0x84 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0xB5 0xDB 0xC5 0x2A ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x33 0xBB 0x7A 0xCD ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD2 0xAB 0x17 0x47 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x36 0x51 0xAF 0x55 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xF7 0xA3 0xDA 0x14 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x85 0x3B 0x54 0x84 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0xB5 0xDB 0xC5 0x2A ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x33 0xBB 0x7A 0xCD ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD2 0xAB 0x17 0x47 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x36 0x51 0xAF 0x55 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xF7 0xA3 0xDA 0x14 ...
---- Files - GMER 1.0.15 ----
File C:\Users\Maggi\Documents\BÜCHER STUDIUM\BÜCHER von Claus!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\Handbuch der Mess- und Automatisierungstechnik im Automobil\Teil C - Bauelemente für die Signalverarbeitung mit elektrischer und nichtelektrischer Hilfsenergie\02 Nichtelektrische Hilfsenergie.pdf 310945 bytes
File C:\Users\Maggi\Documents\BÜCHER STUDIUM\BÜCHER von Claus!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\Handbuch der Mess- und Automatisierungstechnik im Automobil\Teil C - Bauelemente für die Signalverarbeitung mit elektrischer und nichtelektrischer Hilfsenergie\Elektrische Hilfsenergie.pdf 2504510 bytes
---- EOF - GMER 1.0.15 ----
OSAM: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 11:20:07 on 07.06.2011 OS: Windows 7 (Build 7600), 32-bit Default Browser: Mozilla Corporation Firefox 4.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Control Panel Objects] -----( %SystemRoot%\system32 )----- "DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\MLCFG32.CPL "Nero BurnRights" - ? - D:\Programme\Nero 7\Nero Toolkit\NeroBurnRights.cpl (File not found) [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "acedrv10" (acedrv10) - "Protect Software GmbH" - C:\Windows\system32\drivers\acedrv10.sys "acedrv11" (acedrv11) - "Protect Software GmbH" - C:\Windows\system32\drivers\acedrv11.sys "acehlp10" (acehlp10) - "Protect Software GmbH" - C:\Windows\system32\drivers\acehlp10.sys "atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "AvaSpec-USB1 driver" (AVSUSB1) - "Avantes" - C:\Windows\System32\Drivers\AVSUSB1.SYS "avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "catchme" (catchme) - ? - C:\Users\Maggi\AppData\Local\Temp\catchme.sys (File not found) "Cisco Systems Inc. IPSec Driver" (CVPNDRVA) - "Cisco Systems, Inc." - C:\Windows\system32\Drivers\CVPNDRVA.sys "cvintdrv" (cvintdrv) - ? - C:\Windows\system32\drivers\cvintdrv.sys (File found, but it contains no detailed information) "FsUsbExDisk" (FsUsbExDisk) - ? - C:\Windows\system32\FsUsbExDisk.SYS (File found, but it contains no detailed information) "lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "lvalarmk" (lvalarmk) - "National Instruments Corporation" - C:\Windows\system32\drivers\lvalarmk.sys "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "National Instruments Class Upper Filter Driver" (nipbcfk) - "National Instruments Corporation" - C:\Windows\System32\drivers\nipbcfk.sys "NI PXI Generic Chassis Pilot" (nipxigpk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nipxigpk.sys "NI PXI-1006 Chassis Pilot" (ni1006k) - "National Instruments Corporation" - C:\Windows\system32\drivers\ni1006k.sys "NI PXI-1045 Chassis Pilot" (ni1045k) - "National Instruments Corporation" - C:\Windows\system32\drivers\ni1045kl.sys "NI PXIe-1065 Chassis Pilot" (ni1065k) - "National Instruments Corporation" - C:\Windows\system32\drivers\ni1065k.sys "NI-VISA FireWire Driver" (NiViFWK) - "National Instruments Corporation" - C:\Windows\System32\drivers\NiViFWKl.sys "NI-VISA PCI Driver" (NiViPciK) - "National Instruments Corporation" - C:\Windows\System32\drivers\NiViPciKl.sys "NI-VISA PXI Driver" (NiViPxiK) - "National Instruments Corporation" - C:\Windows\System32\drivers\NiViPxiKl.sys "nicdrk" (nicdrk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nicdrkl.sys "nicsrk" (nicsrk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nicsrkl.sys "nidimk" (nidimk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nidimkl.sys "nidmxfk" (nidmxfk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nidmxfkl.sys "nidsark" (nidsark) - "National Instruments Corporation" - C:\Windows\system32\drivers\nidsarkl.sys "niemrk" (niemrk) - "National Instruments Corporation" - C:\Windows\system32\drivers\niemrkl.sys "niesrk" (niesrk) - "National Instruments Corporation" - C:\Windows\system32\drivers\niesrkl.sys "nifslk" (nifslk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nifslkl.sys "nimdbgk" (nimdbgk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nimdbgkl.sys "nimru2k" (nimru2k) - "National Instruments Corporation" - C:\Windows\system32\drivers\nimru2kl.sys "nimsdrk" (nimsdrk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nimsdrkl.sys "nimslk" (nimslk) - ? - C:\Windows\system32\drivers\nimslk.dll (File not found) "nimsrlk" (nimsrlk) - ? - C:\Windows\system32\drivers\nimsrlk.dll (File not found) "nimstsk" (nimstsk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nimstskl.sys "nimxdfk" (nimxdfk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nimxdfkl.sys "nimxpk" (nimxpk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nimxpkl.sys "ninshsdk" (ninshsdk) - "National Instruments Corporation" - C:\Windows\system32\drivers\ninshsdkl.sys "niorbk" (niorbk) - "National Instruments Corporation" - C:\Windows\system32\drivers\niorbkl.sys "nipalfwedl" (nipalfwedl) - "National Instruments Corporation" - C:\Windows\System32\drivers\nipalfwedl.sys "NIPALK" (NIPALK) - "National Instruments Corporation" - C:\Windows\System32\drivers\nipalk.sys "nipalusbedl" (nipalusbedl) - "National Instruments Corporation" - C:\Windows\System32\drivers\nipalusbedl.sys "nipxirmk" (nipxirmk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nipxirmkl.sys "niscdk" (niscdk) - "National Instruments Corporation" - C:\Windows\system32\drivers\niscdkl.sys "nisdigk" (nisdigk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nisdigkl.sys "nisftk" (nisftk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nisftkl.sys "nispdk" (nispdk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nispdkl.sys "nissrk" (nissrk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nissrkl.sys "nistc2k" (nistc2k) - "National Instruments Corporation" - C:\Windows\system32\drivers\nistc2kl.sys "nistcrk" (nistcrk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nistcrkl.sys "niswdk" (niswdk) - "National Instruments Corporation" - C:\Windows\system32\drivers\niswdkl.sys "nitiork" (nitiork) - "National Instruments Corporation" - C:\Windows\system32\drivers\nitiorkl.sys "niufurk" (niufurk) - "National Instruments Corporation" - C:\Windows\system32\drivers\niufurkl.sys "niwfrk" (niwfrk) - "National Instruments Corporation" - C:\Windows\system32\drivers\niwfrkl.sys "nixsrk" (nixsrk) - "National Instruments Corporation" - C:\Windows\system32\drivers\nixsrkl.sys "ntiomin" (ntiomin) - ? - C:\Windows\system32\drivers\ntiomin.sys "ntiopnp" (ntiopnp) - ? - C:\Windows\system32\drivers\ntiopnp.sys "Prolific Serial port driver" (Ser2pl) - "Prolific Technology Inc." - C:\Windows\System32\DRIVERS\ser2pl.sys "pwdrvio" (pwdrvio) - ? - C:\Windows\system32\pwdrvio.sys (File found, but it contains no detailed information) "pwdspio" (pwdspio) - ? - C:\Windows\system32\pwdspio.sys (File found, but it contains no detailed information) "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "usb6xxxk" (usb6xxxk) - ? - C:\Windows\system32\drivers\usb6xxxkl.sys (File not found) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\Open Office\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} "DIALux 2.0 ArchivProtocol Class" - ? - D:\Programme\DIALux\DLXToolBox.dll (File not found) {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\VISSHE.DLL {A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll {83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\VISSHE.DLL {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - ? - D:\Programme\Nero 7\Nero CoverDesigner\CoverEdExtension.dll (File not found) {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll {FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\Open Office\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\Open Office\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\Open Office\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\Open Office\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\OLKFSTUB.DLL {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll DIALux Doc ShellExtension "{7889C2D5-D128-43e2-A8D8-A7590A12C8B3}" - ? - (File not found | COM-object registry key not found) DIALux LumFile ShellExtension "{7EFFF3DD-71B3-11D4-A25E-005056DCFB89}" - ? - (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "{472734EA-242A-422B-ADF8-83D1E48CC825}" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10c.ocx / hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll "ICQ7.5" - "ICQ, LLC." - C:\Program Files\ICQ7.5\ICQ.exe {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} "DIALux 3.1 ULDBrowserHelper Class" - ? - D:\Programme\DIALux\DLXShellExtension.dll (File not found) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Maggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Cisco Systems, Inc. VPN Service" (CVPND) - "Cisco Systems, Inc." - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe "CPUCooLServer Service" (CPUCooLServer) - ? - C:\Program Files\CPUCooL\CooLSrv.exe (File not found) "FsUsbExService" (FsUsbExService) - "Teruten" - C:\Windows\system32\FsUsbExService.Exe "Google Updater Service" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "Lookout Citadel Server" (LkCitadelServer) - "National Instruments, Inc." - C:\Windows\system32\lkcitdl.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe "National Instruments Domain Service" (NIDomainService) - "National Instruments Corporation" - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe "National Instruments LXI Discovery Service" (niLXIDiscovery) - "National Instruments Corporation" - C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe "National Instruments mDNS Responder Service" (nimDNSResponder) - "National Instruments Corporation" - C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe "National Instruments PSP Server Locator" (lkClassAds) - "National Instruments Corporation" - C:\Windows\system32\lkads.exe "National Instruments Time Synchronization" (lkTimeSync) - "National Instruments Corporation" - C:\Windows\system32\lktsrv.exe "National Instruments Variable Engine" (NITaggerService) - "National Instruments Corporation" - C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe "NBService" (NBService) - ? - D:\Programme\Nero 7\Nero BackItUp\NBService.exe (File not found) "NI Configuration Manager" (mxssvr) - "National Instruments Corporation" - C:\Program Files\National Instruments\MAX\nimxs.exe "NI Device Loader" (nidevldu) - "National Instruments Corporation" - C:\Windows\system32\nipalsm.exe "NI PXI Resource Manager" (nipxirmu) - "National Instruments Corporation" - C:\Windows\system32\nipalsm.exe "NI Service Locator" (niSvcLoc) - "National Instruments Corporation" - C:\Windows\system32\nisvcloc.exe "NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe "NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "OpcEnum" (OpcEnum) - "OPC Foundation" - C:\Windows\system32\OpcEnum.exe "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll "PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe (File found, but it contains no detailed information) "Reset Reader" (resetWinService) - ? - C:\Program Files\Realtek Semiconductor Corp\Realtek USB 2.0 Card Reader\reset.exe (File found, but it contains no detailed information) "ServiceLayer" (ServiceLayer) - "Nokia." - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe "StarWind AE Service" (StarWindServiceAE) - "Rocket Division Software" - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe "TunngleService" (TunngleService) - "Tunngle.net GmbH" - C:\Program Files\Tunngle\TnglCtrl.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "nimdnsNSP" - "National Instruments Corporation" - C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Professional
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: MEDION
BIOS Manufacturer: Phoenix Technologies LTD
System Manufacturer: MEDION
System Product Name: P6620
Logical Drives Mask: 0x0000023c
Kernel Drivers (total 181):
0x83C08000 \SystemRoot\system32\ntkrnlpa.exe
0x84018000 \SystemRoot\system32\halmacpi.dll
0x80BA6000 \SystemRoot\system32\kdcom.dll
0x8421C000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x84294000 \SystemRoot\system32\PSHED.dll
0x842A5000 \SystemRoot\system32\BOOTVID.dll
0x842AD000 \SystemRoot\system32\CLFS.SYS
0x842EF000 \SystemRoot\system32\CI.dll
0x8C23C000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8C2AD000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8C2BB000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x8C303000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x8C30C000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x8C314000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x8C31F000 \SystemRoot\system32\DRIVERS\pci.sys
0x8C349000 \SystemRoot\System32\drivers\partmgr.sys
0x8C35A000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8C362000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8C36D000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x8C37D000 \SystemRoot\System32\drivers\volmgrx.sys
0x8C3C8000 \SystemRoot\System32\drivers\mountmgr.sys
0x8C3DE000 \SystemRoot\System32\drivers\nipbcfk.sys
0x8C3E6000 \SystemRoot\system32\DRIVERS\atapi.sys
0x8C200000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x8C223000 \SystemRoot\system32\DRIVERS\msahci.sys
0x8C22D000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x8C3EF000 \SystemRoot\system32\drivers\amdxata.sys
0x8439A000 \SystemRoot\system32\drivers\fltmgr.sys
0x843CE000 \SystemRoot\system32\drivers\fileinfo.sys
0x8C42D000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8C55C000 \SystemRoot\System32\Drivers\msrpc.sys
0x8C587000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8C59A000 \SystemRoot\System32\Drivers\cng.sys
0x8C400000 \SystemRoot\System32\drivers\pcw.sys
0x8C40E000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x8C603000 \SystemRoot\system32\drivers\ndis.sys
0x8C6BA000 \SystemRoot\system32\drivers\NETIO.SYS
0x8C6F8000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x8C816000 \SystemRoot\System32\drivers\tcpip.sys
0x8C95F000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8C990000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
0x8C999000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x8C9D8000 \SystemRoot\System32\Drivers\spldr.sys
0x8C71D000 \SystemRoot\System32\drivers\rdyboost.sys
0x8C74A000 \SystemRoot\System32\drivers\nipalk.sys
0x8C9E0000 \SystemRoot\System32\drivers\TDI.SYS
0x8C9EB000 \SystemRoot\System32\Drivers\mup.sys
0x8C800000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8CA0C000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8CA3E000 \SystemRoot\system32\DRIVERS\disk.sys
0x8CA4F000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x8CAA7000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8CAC6000 \SystemRoot\System32\Drivers\Null.SYS
0x8CACD000 \SystemRoot\System32\Drivers\Beep.SYS
0x8CAD4000 \SystemRoot\System32\drivers\vga.sys
0x8CAE0000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8CB01000 \SystemRoot\System32\drivers\watchdog.sys
0x8CB0E000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8CB16000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8CB1E000 \SystemRoot\system32\drivers\rdprefmp.sys
0x8CB26000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8CB31000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8CB3F000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8CB56000 \SystemRoot\system32\drivers\afd.sys
0x8CBB0000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8CBE2000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x843DF000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8CBE9000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x8C808000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8CBFA000 \SystemRoot\System32\Drivers\ntiomin.SYS
0x8CA00000 \SystemRoot\System32\Drivers\ntiopnp.SYS
0x8C7E8000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8C417000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8C427000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x92037000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x92078000 \SystemRoot\system32\drivers\nsiproxy.sys
0x92082000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x9208C000 \SystemRoot\System32\drivers\discache.sys
0x92098000 \SystemRoot\system32\drivers\csc.sys
0x920FC000 \SystemRoot\System32\Drivers\dfsc.sys
0x92114000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x92122000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x92148000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0x9214A000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x9216B000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x93801000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x9427F000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
0x94281000 \SystemRoot\System32\Drivers\fastfat.SYS
0x942AB000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x94362000 \SystemRoot\System32\drivers\dxgmms1.sys
0x9439B000 \SystemRoot\system32\drivers\usbuhci.sys
0x943A6000 \SystemRoot\system32\drivers\USBPORT.SYS
0x943F1000 \SystemRoot\system32\drivers\usbehci.sys
0x92174000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x93019000 \SystemRoot\system32\DRIVERS\rtl8192se.sys
0x9312A000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x93134000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
0x93159000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x9315D000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x93175000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x93182000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x9318F000 \??\C:\Windows\system32\drivers\acehlp10.sys
0x931CB000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x931DD000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x92193000 \SystemRoot\system32\DRIVERS\dne2000.sys
0x921B2000 \SystemRoot\system32\drivers\windrvr6.sys
0x931EA000 \SystemRoot\system32\drivers\USBD.SYS
0x931EC000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x93000000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x921E2000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x92000000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x84200000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x93427000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x9343E000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x93455000 \SystemRoot\system32\DRIVERS\tap0901t.sys
0x93460000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x9346A000 \SystemRoot\system32\DRIVERS\swenum.sys
0x9346C000 \SystemRoot\system32\DRIVERS\ks.sys
0x934A0000 \SystemRoot\system32\DRIVERS\umbus.sys
0x934AE000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x934F2000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x9AA10000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x9AC30000 \SystemRoot\system32\drivers\portcls.sys
0x9AC5F000 \SystemRoot\system32\drivers\drmk.sys
0x9AC78000 \SystemRoot\system32\drivers\nvhda32v.sys
0x9C0D0000 \SystemRoot\System32\win32k.sys
0x9AC95000 \SystemRoot\System32\drivers\Dxapi.sys
0x9AC9F000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x9ACB6000 \SystemRoot\System32\Drivers\usbvideo.sys
0x9ACDA000 \SystemRoot\system32\drivers\RTSTOR.SYS
0x9ACED000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x9ACF8000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x9AD0B000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x9AD29000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x9AD34000 \SystemRoot\system32\DRIVERS\monitor.sys
0x9AD3F000 \SystemRoot\System32\Drivers\crashdmp.sys
0x9AD4C000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x9AD57000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x9AD61000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x9C330000 \SystemRoot\System32\TSDDD.dll
0x9C360000 \SystemRoot\System32\cdd.dll
0x9AD72000 \SystemRoot\system32\drivers\luafv.sys
0x9AD8D000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x9ADA2000 \SystemRoot\system32\drivers\WudfPf.sys
0x9ADBC000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x93503000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9ADCC000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9ADDC000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x93549000 \SystemRoot\system32\drivers\HTTP.sys
0x935CE000 \SystemRoot\system32\DRIVERS\bowser.sys
0x935E7000 \SystemRoot\System32\drivers\mpsdrv.sys
0x93400000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9FC3B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9FC76000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9FCA9000 \SystemRoot\System32\Drivers\cvintdrv.SYS
0x9FCAA000 \??\C:\Windows\system32\drivers\acedrv10.sys
0x9FD00000 \??\C:\Windows\system32\drivers\acedrv11.sys
0x9FD2C000 \SystemRoot\system32\DRIVERS\atksgt.sys
0x9FD6F000 \??\C:\Windows\system32\Drivers\CVPNDRVA.sys
0x9FC00000 \SystemRoot\system32\DRIVERS\lirsgt.sys
0x9FC05000 \??\C:\Windows\system32\drivers\nipxirmkl.sys
0x9FC0B000 \??\C:\Windows\system32\drivers\nipxirmk.dll
0x9FC20000 \??\C:\Windows\system32\drivers\niorbk.dll
0x8CA74000 \??\C:\Windows\system32\drivers\nimdbgk.dll
0x9F42D000 \??\C:\Windows\system32\drivers\nidimk.dll
0x9F458000 \SystemRoot\System32\drivers\NiViPxiKl.sys
0x9F45E000 \SystemRoot\System32\drivers\NiViPxiK.sys
0x9F46B000 \SystemRoot\system32\drivers\peauth.sys
0x9F502000 \SystemRoot\System32\Drivers\secdrv.SYS
0x9F50C000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x9F52D000 \SystemRoot\System32\drivers\tcpipreg.sys
0x9F53A000 \SystemRoot\System32\DRIVERS\srv2.sys
0x9F589000 \SystemRoot\System32\DRIVERS\srv.sys
0x9F5DB000 \??\C:\Windows\system32\FsUsbExDisk.SYS
0x9F400000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x9F421000 \??\C:\Windows\system32\drivers\mbam.sys
0xB6C7C000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x77BB0000 \Windows\System32\ntdll.dll
0x47B30000 \Windows\System32\smss.exe
0x77DF0000 \Windows\System32\apisetschema.dll
0x002A0000 \Windows\System32\autochk.exe
Processes (total 59):
0 System Idle Process
4 SYSTEM
272 C:\Windows\System32\smss.exe
400 csrss.exe
472 C:\Windows\System32\wininit.exe
480 csrss.exe
520 C:\Windows\System32\services.exe
536 C:\Windows\System32\lsass.exe
544 C:\Windows\System32\lsm.exe
656 C:\Windows\System32\svchost.exe
740 C:\Windows\System32\nvvsvc.exe
780 C:\Windows\System32\svchost.exe
840 C:\Windows\System32\svchost.exe
876 C:\Windows\System32\svchost.exe
904 C:\Windows\System32\svchost.exe
1024 C:\Windows\System32\winlogon.exe
1096 C:\Windows\System32\svchost.exe
1220 C:\Windows\System32\svchost.exe
1464 C:\Windows\System32\nvvsvc.exe
1516 C:\Windows\System32\spoolsv.exe
1552 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1576 C:\Windows\System32\svchost.exe
1776 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1808 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
1856 C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
1884 C:\Windows\System32\svchost.exe
1916 C:\Windows\System32\FsUsbExService.Exe
1956 svchost.exe
1988 C:\Windows\System32\PnkBstrA.exe
2012 C:\Program Files\Realtek Semiconductor Corp\Realtek USB 2.0 Card Reader\reset.exe
432 C:\Windows\System32\svchost.exe
968 C:\Program Files\Tunngle\TnglCtrl.exe
464 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
1008 C:\Windows\System32\conhost.exe
2308 C:\Windows\System32\dwm.exe
2336 C:\Windows\explorer.exe
2344 C:\Windows\System32\taskhost.exe
2548 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
2568 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
2584 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
2968 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
3012 C:\Program Files\Windows Sidebar\sidebar.exe
3028 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
3176 WUDFHost.exe
3260 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
3340 C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
3356 C:\Windows\System32\SearchIndexer.exe
3792 C:\Program Files\Windows Media Player\wmpnetwk.exe
3960 C:\Windows\System32\svchost.exe
3380 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
2076 C:\Windows\System32\svchost.exe
848 C:\Program Files\Mozilla Firefox\firefox.exe
5516 C:\Program Files\Mozilla Firefox\plugin-container.exe
5364 C:\Windows\System32\audiodg.exe
4300 C:\Windows\System32\SearchProtocolHost.exe
5316 C:\Windows\System32\SearchFilterHost.exe
2936 C:\Users\Maggi\Desktop\MBRCheck.exe
5980 C:\Windows\System32\conhost.exe
4440 C:\Windows\System32\dllhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x0000002e`41d72e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000043`32e00000 (FAT32)
PhysicalDrive0 Model Number: WDCWD3200BEVT-00ZCT0, Rev: 11.01A11
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
Done!
|
|
07.06.2011, 11:28
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Desktop schwarz, Startmenü leer, HDD angeblich kaputt Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.06.2011, 20:27
| #14 |
| | Desktop schwarz, Startmenü leer, HDD angeblich kaputt hab Malwarebytes durch und bei SUPERAntiSpyware hat mir das zulange gedauert. ich versuche morgen den scan zu machen und den online scan. Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Datenbank Version: 6796
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
07.06.2011 14:25:31
mbam-log-2011-06-07 (14-25-31).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 427951
Laufzeit: 1 Stunde(n), 16 Minute(n), 26 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
|
|
11.06.2011, 16:28
| #15 |
| | Desktop schwarz, Startmenü leer, HDD angeblich kaputt so, hier noch der scan mit SuperAntiSpyware. Da dieser Scan echt lange gedauert hat hab ich nur die haupt platte durchsuchen lassen!!! Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 06/11/2011 at 03:50 PM
Application Version : 4.53.1000
Core Rules Database Version : 7253
Trace Rules Database Version: 5065
Scan type : Complete Scan
Total Scan Time : 02:13:44
Memory items scanned : 378
Memory threats detected : 0
Registry items scanned : 12712
Registry threats detected : 0
File items scanned : 264633
File threats detected : 7
Adware.Tracking Cookie
C:\Users\Maggi\AppData\Roaming\Microsoft\Windows\Cookies\maggi@mediaplex[2].txt
C:\Users\Maggi\AppData\Roaming\Microsoft\Windows\Cookies\maggi@tradedoubler[1].txt
C:\Users\Maggi\AppData\Roaming\Microsoft\Windows\Cookies\maggi@content.yieldmanager[3].txt
C:\Users\Maggi\AppData\Roaming\Microsoft\Windows\Cookies\maggi@doubleclick[2].txt
C:\Users\Maggi\AppData\Roaming\Microsoft\Windows\Cookies\maggi@content.yieldmanager[2].txt
C:\Users\Maggi\AppData\Roaming\Microsoft\Windows\Cookies\maggi@apmebf[1].txt
C:\Users\Maggi\AppData\Roaming\Microsoft\Windows\Cookies\maggi@ad.yieldmanager[2].txt
|
|
| Themen zu Desktop schwarz, Startmenü leer, HDD angeblich kaputt |
| acrobat, anfang, automatisch, avira, datei, daten retten, desktop, fehlermeldungen, festplatte, file, gelöscht, gmer, hard disk, hdd angeblich kaputt, kaputt, leer, löschen, malwarebytes, neustart, nicht mehr, problem, probleme, recovery, sich automatisch, startmenü leer, surfen, system, systemwiederherstellung, trojaner, trojaner gefunden, windows |
Linear-Darstellung
