
Log analysis and evaluation: Windows Recovery problem: after fixing the problem, the hard drive shows no folders


07.04.2011, 22:20   #1
SharKING
 



Good evening, dear Trojaner-Board team.

I caught the "Windows Recovery virus" some time ago and finally got around to dealing with it today.

I used your Windows Recovery removal tool and I think it was reasonably successful (http://www.trojaner-board.de/96741-w...entfernen.html).

Thanks for that already.
Now, however, "only" one of my hard drive's partitions no longer shows any folders, and I have reached the limit of my abilities.

I am hereby asking you for help (:
(OTL also spat out a log file called "Extras.Txt". I'm not very familiar with it, so I attached it as well.)

Malwarebytes:
HTML-Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6304

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

07.04.2011 22:16:29
mbam-log-2011-04-07 (22-16-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|)
Durchsuchte Objekte: 360948
Laufzeit: 56 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\45539080.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.
c:\Users\slo\AppData\Local\Temp\0.1830173790576951.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\slo\AppData\Local\Temp\internetexplorerupdate.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
OTL:
HTML-Code:
OTL logfile created on: 07.04.2011 23:00:12 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\slo\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 54,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 63,48 Gb Total Space | 2,15 Gb Free Space | 3,38% Space Free | Partition Type: NTFS
Drive E: | 71,75 Gb Total Space | 9,56 Gb Free Space | 13,32% Space Free | Partition Type: NTFS
Drive F: | 97,66 Gb Total Space | 53,79 Gb Free Space | 55,08% Space Free | Partition Type: NTFS
Drive G: | 978,07 Mb Total Space | 968,50 Mb Free Space | 99,02% Space Free | Partition Type: FAT32
 
Computer Name: SLO-PC | User Name: slo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\slo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\slo\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - (LVPrcS64) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira GmbH)
DRV:[b]64bit:[/b] - (LVUVC64) Logitech Webcam C160(UVC) -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys (Logitech Inc.)
DRV:[b]64bit:[/b] - (LVRS64) -- C:\Windows\SysNative\DRIVERS\lvrs64.sys (Logitech Inc.)
DRV:[b]64bit:[/b] - (LVPr2Mon) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:[b]64bit:[/b] - (LVPr2M64) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:[b]64bit:[/b] - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys (Avira GmbH)
DRV:[b]64bit:[/b] - (atksgt) -- C:\Windows\SysNative\DRIVERS\atksgt.sys ()
DRV:[b]64bit:[/b] - (lirsgt) -- C:\Windows\SysNative\DRIVERS\lirsgt.sys ()
DRV:[b]64bit:[/b] - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek                                            )
DRV:[b]64bit:[/b] - (3xHybr64) -- C:\Windows\SysNative\DRIVERS\3xHybr64.sys (Philips Semiconductors GmbH)
DRV:[b]64bit:[/b] - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV:[b]64bit:[/b] - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV:[b]64bit:[/b] - (FET5A64) -- C:\Windows\SysNative\DRIVERS\fet5a64.sys (VIA Technologies, Inc.              )
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.06 23:27:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.07 22:26:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: K:\Portables Extern\ThunderbirdPortable\App\Thunderbird\components
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: K:\Portables Extern\ThunderbirdPortable\App\Thunderbird\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.03.21 21:52:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.04.07 22:26:10 | 000,000,000 | ---D | M]
 
[2010.05.19 15:03:58 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\slo\AppData\Roaming\mozilla\Extensions
[2010.05.19 15:03:58 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\slo\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.04.07 22:59:44 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\slo\AppData\Roaming\mozilla\Firefox\Profiles\w59t2voi.default\extensions
[2010.06.28 23:36:23 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\slo\AppData\Roaming\mozilla\Firefox\Profiles\w59t2voi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.04 16:20:30 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\slo\AppData\Roaming\mozilla\Firefox\Profiles\w59t2voi.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.06.23 16:36:07 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\slo\AppData\Roaming\mozilla\Firefox\Profiles\w59t2voi.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.06.28 23:36:23 | 000,000,000 | -H-D | M] (DownThemAll!) -- C:\Users\slo\AppData\Roaming\mozilla\Firefox\Profiles\w59t2voi.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.04.11 05:32:35 | 000,000,000 | -H-D | M] (DVDVideoSoft Toolbar) -- C:\Users\slo\AppData\Roaming\mozilla\Firefox\Profiles\w59t2voi.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2010.12.26 17:49:36 | 000,000,000 | -H-D | M] (Battlefield Heroes Updater) -- C:\Users\slo\AppData\Roaming\mozilla\Firefox\Profiles\w59t2voi.default\extensions\battlefieldheroespatcher@ea.com
[2010.04.11 11:59:14 | 000,000,873 | -H-- | M] () -- C:\Users\slo\AppData\Roaming\Mozilla\Firefox\Profiles\w59t2voi.default\searchplugins\conduit.xml
[2011.04.07 22:59:44 | 000,001,056 | ---- | M] () -- C:\Users\slo\AppData\Roaming\Mozilla\Firefox\Profiles\w59t2voi.default\searchplugins\icqplugin.xml
[2009.09.22 19:08:36 | 000,003,915 | -H-- | M] () -- C:\Users\slo\AppData\Roaming\Mozilla\Firefox\Profiles\w59t2voi.default\searchplugins\sweetim.xml
[2011.02.01 20:41:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.17 08:28:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.03.06 23:27:06 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.03.06 23:27:06 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.06 23:27:06 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.03.06 23:27:07 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.03.06 23:27:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [ISUSPM Startup]  File not found
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [phonostarTimer] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\slo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\slo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\slo\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\slo\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4781247b-290c-11df-ba2b-00261836c606}\Shell - "" = AutoRun
O33 - MountPoints2\{4781247b-290c-11df-ba2b-00261836c606}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{ada11677-82a9-11de-87e6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ada11677-82a9-11de-87e6-806e6f6e6963}\Shell\AutoRun\command - "" = G:\.\Bin\Assetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011.04.07 22:59:24 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\slo\Desktop\OTL.exe
[2011.04.07 21:18:58 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.04.07 21:18:57 | 001,555,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.04.07 21:18:57 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.04.07 21:18:57 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.03.22 23:37:36 | 000,000,000 | -H-D | C] -- C:\Users\slo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011.03.21 21:55:08 | 000,000,000 | -H-D | C] -- C:\Users\slo\AppData\Local\Apple Computer
[2011.03.21 21:55:07 | 000,000,000 | -H-D | C] -- C:\Users\slo\AppData\Roaming\Apple Computer
[2011.03.21 21:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.03.21 21:54:44 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011.03.21 21:54:44 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011.03.21 21:54:44 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011.03.21 21:54:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.03.21 21:54:04 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.03.21 21:54:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.03.21 21:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.03.21 21:54:02 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.03.21 21:52:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.03.21 21:51:53 | 000,000,000 | -H-D | C] -- C:\Users\slo\AppData\Local\Apple
[2011.03.21 21:51:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.03.21 21:49:58 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011.03.21 21:49:39 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.03.21 21:49:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.03.21 21:49:20 | 000,000,000 | -H-D | C] -- C:\ProgramData\Apple
[2011.03.21 21:49:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.03.18 20:09:04 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallJammer Registry
[2011.03.18 20:08:56 | 000,000,000 | -H-D | C] -- C:\Users\slo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ButtonBeats.com Virtual Piano
[2011.03.18 20:08:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ButtonBeats.com Virtual Piano
[2011.03.18 20:04:09 | 000,000,000 | -H-D | C] -- C:\Users\slo\AppData\Roaming\Synthesia
[2011.03.13 19:24:27 | 000,000,000 | -H-D | C] -- C:\Users\slo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
[2011.03.13 19:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2011.03.13 19:24:11 | 000,000,000 | -H-D | C] -- C:\Users\slo\AppData\Roaming\Winamp
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011.04.07 22:59:59 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A08E459A-0FF6-4E1B-9C06-B91F4E4BDE12}.job
[2011.04.07 22:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\slo\Desktop\OTL.exe
[2011.04.07 22:39:30 | 001,445,116 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.07 22:39:30 | 000,628,504 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.07 22:39:30 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.07 22:39:30 | 000,126,054 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.07 22:39:30 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.07 22:33:49 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.07 22:33:07 | 000,004,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.07 22:33:06 | 000,004,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.07 22:32:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.07 22:32:40 | 2146,623,488 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.07 22:32:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011.04.07 22:26:10 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.04.07 22:19:02 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.07 21:03:49 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.22 23:39:52 | 000,000,400 | -H-- | M] () -- C:\ProgramData\45539080
[2011.03.22 23:37:38 | 000,000,583 | -H-- | M] () -- C:\Users\slo\Desktop\Windows Recovery.lnk
[2011.03.22 23:37:37 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~45539080r
[2011.03.22 23:37:37 | 000,000,096 | -H-- | M] () -- C:\ProgramData\~45539080
[2011.03.22 23:37:16 | 000,095,549 | -H-- | M] () -- C:\ProgramData\nvModes.001
[2011.03.22 19:26:57 | 000,095,549 | -H-- | M] () -- C:\ProgramData\nvModes.dat
[2011.03.21 21:54:53 | 000,001,694 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.03.21 21:52:33 | 000,001,816 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.03.18 20:09:04 | 000,000,966 | -H-- | M] () -- C:\Users\slo\Desktop\ButtonBeats.com Virtual Piano.lnk
[2011.03.18 19:54:39 | 000,016,751 | -H-- | M] () -- C:\Users\slo\Desktop\censored.jpg
[2011.03.14 21:33:26 | 000,007,168 | -H-- | M] () -- C:\Users\slo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.13 19:24:27 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.03.13 19:20:16 | 000,013,532 | -H-- | M] () -- C:\Users\slo\Documents\cc_20110313_182013.reg
[2011.03.13 19:20:01 | 000,109,416 | -H-- | M] () -- C:\Users\slo\Documents\cc_20110313_181955.reg
[2011.03.13 14:22:48 | 000,037,952 | -H-- | M] () -- C:\Users\slo\Desktop\b5ebf973b1.jpeg
[2011.03.13 14:22:25 | 000,039,550 | -H-- | M] () -- C:\Users\slo\Desktop\17417caf3e.jpeg
[2011.03.13 14:21:51 | 000,023,383 | -H-- | M] () -- C:\Users\slo\Desktop\Unbenannt.jpg
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011.04.07 22:26:10 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.04.07 21:03:49 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.22 23:37:38 | 000,000,583 | -H-- | C] () -- C:\Users\slo\Desktop\Windows Recovery.lnk
[2011.03.22 23:37:37 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~45539080r
[2011.03.22 23:37:37 | 000,000,096 | -H-- | C] () -- C:\ProgramData\~45539080
[2011.03.22 23:37:29 | 000,000,400 | -H-- | C] () -- C:\ProgramData\45539080
[2011.03.21 21:54:53 | 000,001,694 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.03.21 21:52:33 | 000,001,816 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.03.21 21:51:47 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.03.18 20:09:04 | 000,000,966 | -H-- | C] () -- C:\Users\slo\Desktop\ButtonBeats.com Virtual Piano.lnk
[2011.03.18 19:53:56 | 000,016,751 | -H-- | C] () -- C:\Users\slo\Desktop\censored.jpg
[2011.03.13 19:24:27 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.03.13 19:20:14 | 000,013,532 | -H-- | C] () -- C:\Users\slo\Documents\cc_20110313_182013.reg
[2011.03.13 19:19:57 | 000,109,416 | -H-- | C] () -- C:\Users\slo\Documents\cc_20110313_181955.reg
[2011.03.13 14:22:48 | 000,037,952 | -H-- | C] () -- C:\Users\slo\Desktop\b5ebf973b1.jpeg
[2011.03.13 14:22:23 | 000,039,550 | -H-- | C] () -- C:\Users\slo\Desktop\17417caf3e.jpeg
[2011.03.13 14:21:51 | 000,023,383 | -H-- | C] () -- C:\Users\slo\Desktop\Unbenannt.jpg
[2011.02.25 21:32:05 | 000,019,456 | -H-- | C] () -- C:\Users\slo\AppData\Local\WebpageIcons.db
[2011.01.30 18:39:08 | 000,007,168 | -H-- | C] () -- C:\Users\slo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.10 04:45:32 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010.11.10 04:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010.11.10 04:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010.09.01 17:48:03 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.07.31 15:36:48 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll
[2010.07.31 15:36:48 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll
[2009.10.23 15:42:15 | 002,407,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2009.09.24 15:43:37 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.09.24 15:43:04 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.09.24 15:42:36 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.09.01 22:10:45 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2009.08.26 21:32:03 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009.08.23 14:00:23 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2009.08.20 15:19:11 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.08.18 19:17:29 | 000,270,240 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009.08.18 19:17:27 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009.08.18 19:17:25 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2009.08.06 20:50:58 | 000,095,549 | -H-- | C] () -- C:\ProgramData\nvModes.dat
[2009.08.06 20:50:58 | 000,095,549 | -H-- | C] () -- C:\ProgramData\nvModes.001
[2009.08.06 20:39:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.08.06 19:45:49 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.08.06 19:45:49 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009.08.06 19:45:47 | 002,402,304 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2009.08.06 19:45:47 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.08.06 19:45:47 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.08.06 19:45:45 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.08.06 19:13:00 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.08.06 19:12:46 | 000,014,668 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.08.06 19:12:46 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2006.11.02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

< End of report >
Extras:
HTML-Code:
OTL Extras logfile created on: 07.04.2011 23:00:12 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\slo\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 54,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 63,48 Gb Total Space | 2,15 Gb Free Space | 3,38% Space Free | Partition Type: NTFS
Drive E: | 71,75 Gb Total Space | 9,56 Gb Free Space | 13,32% Space Free | Partition Type: NTFS
Drive F: | 97,66 Gb Total Space | 53,79 Gb Free Space | 55,08% Space Free | Partition Type: NTFS
Drive G: | 978,07 Mb Total Space | 968,50 Mb Free Space | 99,02% Space Free | Partition Type: FAT32
 
Computer Name: SLO-PC | User Name: slo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l File not found
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 63 C7 55 5F E5 24 CA 01  [binary data]
"VistaSp2" = 14 8F 26 22 60 3D CA 01  [binary data]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03ECA569-8865-4C46-B998-BD19A4A793BE}" = protocol=6 | dir=in | app=e:\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{0B22E10D-79AD-415A-BDEC-2ADD26282382}" = protocol=17 | dir=in | app=e:\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{18016EDB-DAA6-4A13-A24E-651C0C1FABCA}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"{38F47087-CA6E-46DA-95AE-317B04E9478F}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe | 
"{3DA2A22A-F16A-4770-8194-CC266D4F4242}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\srcds.exe | 
"{46E77B63-0C2E-4030-B6C7-6E9D8F418452}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{4788CFAE-419D-43BE-8EF6-F5820E83D59C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe | 
"{4886136E-1958-4E75-A2D6-3E8AE9355AC2}" = protocol=17 | dir=in | app=e:\ea games\battlefield ii\bf2.exe | 
"{522CD532-C883-4115-8F7A-5FA2E8F6A7BD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe | 
"{5543B7B1-15D9-4380-AAA2-F2D2B23AD309}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{568FFE77-7AD6-42D8-BDF8-66ADF904BA50}" = protocol=6 | dir=in | app=e:\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{592A2239-755D-4680-9AD6-5DDFA83FF024}" = protocol=6 | dir=in | app=e:\steam.exe | 
"{607B11C6-BB5A-424B-89C6-ED0E395AA3CF}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"{71D2FF23-D0EF-432B-898E-AD1DDD31478C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{764E2297-577C-48FC-8E87-73DD88C1A835}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe | 
"{7C94BEFE-44C3-43C4-BC43-E3E66CE3FA92}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{904D8417-AF03-4B62-99DF-00DD4005E918}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{980CAAE7-3D0A-4096-91E5-EE72E893B248}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{9FC9658B-0002-4FA8-AE55-317B57E33077}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\srcds.exe | 
"{A342370B-38C5-4D82-984B-B424CD3A1E30}" = protocol=17 | dir=in | app=e:\steam.exe | 
"{A58C0379-BF44-46DB-8DBC-CFDDD5901843}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{A72F83F5-7D10-4B2C-B2E4-E70C69FE4F82}" = protocol=6 | dir=in | app=e:\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{B39ED5D5-6CF8-4D2E-B1B6-B81CE7BF32B2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{B4E0F196-DF85-464C-A5B2-0F84B315497A}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{B776A719-ED28-48F8-9778-C24E008FD26E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{BBDB4B0C-D5BD-421E-90C9-2AFF685D7885}" = protocol=17 | dir=in | app=e:\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{BCB84077-47CB-4C96-9351-841E1375BAB6}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{CEBAA428-8C40-4E1D-A5E2-6D03B376E73D}" = protocol=6 | dir=in | app=e:\ea games\battlefield ii\bf2.exe | 
"{E7665D2B-97E3-4055-8449-1E5388922266}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{E8113F07-2D1B-43C6-AA74-D3B658284F7F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{F5B68E2F-5CAD-415D-A1D1-F31444DA85E8}" = protocol=17 | dir=in | app=e:\world of warcraft\wow-3.2.0-dede-downloader.exe | 
"{F60E1528-FC23-4B55-A6E0-BBC8ADDFEE35}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{F94C4AA4-DF08-411B-9F46-6723AC0AE57A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{FA83059E-8E24-4C7B-BBC3-CA1DE2763E71}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"TCP Query User{1950B244-EA21-4C70-9B0F-14321A5AD8B6}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"TCP Query User{1EF3463E-BE86-4CC0-AD2D-2935856652F5}E:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=e:\world of warcraft\launcher.exe | 
"TCP Query User{423EFC92-6559-450E-890E-9E7FD7CEB68B}E:\clients\icq6.5\icq.exe" = protocol=6 | dir=in | app=e:\clients\icq6.5\icq.exe | 
"TCP Query User{44E0D118-89DB-4D75-B5BA-7BA208ED00DF}C:\dvdvideosoft\sega\wf.exe" = protocol=6 | dir=in | app=c:\dvdvideosoft\sega\wf.exe | 
"TCP Query User{59A8C978-112F-4607-8016-614934E03A83}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"TCP Query User{8B10F7DF-78EA-40FA-8E9B-A56205B3891F}E:\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=e:\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{95CF6BAB-86B8-47D1-B81F-FB4E5C774329}C:\users\slo\desktop\games\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\users\slo\desktop\games\stronghold crusader\stronghold crusader.exe | 
"TCP Query User{A80A25EE-B827-404F-978E-A97EEF66665F}C:\program files (x86)\phonostar\ps_olect.exe" = protocol=6 | dir=in | app=c:\program files (x86)\phonostar\ps_olect.exe | 
"TCP Query User{AC4FAA59-DFB8-48C3-83DD-22DB54B49DF1}C:\program files (x86)\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"TCP Query User{EBCB900F-3C50-4C84-AEE2-80C7DE67A638}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"UDP Query User{1949A2FA-5DC0-43E1-A6EB-05BFC7ACC19B}C:\program files (x86)\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"UDP Query User{285D7525-33C1-4912-AB76-B5DC6A108ED2}E:\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=e:\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{3B5DA52D-D280-4CFD-A54B-AA1A2FEAAF28}C:\program files (x86)\phonostar\ps_olect.exe" = protocol=17 | dir=in | app=c:\program files (x86)\phonostar\ps_olect.exe | 
"UDP Query User{40AC65BE-8751-4284-8E48-9FDC212A7807}E:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=e:\world of warcraft\launcher.exe | 
"UDP Query User{6703F631-B918-479E-BDF9-6E7C73DEECD3}C:\dvdvideosoft\sega\wf.exe" = protocol=17 | dir=in | app=c:\dvdvideosoft\sega\wf.exe | 
"UDP Query User{8F64A2FF-2381-4AD3-ABBF-770B00BDA8A8}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"UDP Query User{A2F6C4DB-8D45-4765-99C8-6334EB8B765D}C:\users\slo\desktop\games\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\users\slo\desktop\games\stronghold crusader\stronghold crusader.exe | 
"UDP Query User{BEFA60A7-6B43-416D-A580-2A306993664B}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"UDP Query User{DDB45983-8CA6-416E-83B4-40D71BC1B0BA}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"UDP Query User{FC59A852-40C6-46E9-8DD3-CC4B9FCB012B}E:\clients\icq6.5\icq.exe" = protocol=17 | dir=in | app=e:\clients\icq6.5\icq.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 20
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8F50EC3D-C482-4445-9E4B-991A766047D5}_is1" = MAESTIA Version 201101
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"5E025EFD-B619-4240-9C87-818E1CDEE2C1" = ButtonBeats.com Virtual Piano
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.50
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.8.0
"Free Studio_is1" = Free Studio version 4.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"HijackThis" = HijackThis 2.0.2
"ICQToolbar" = ICQ Toolbar
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.0.0
"LemmingballZ_0" = LemmingballZ 3D 8460
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"NosTale_is1" = Nostale(DE)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.01.7
"PhotoScape" = PhotoScape
"PunkBusterSvc" = PunkBuster Services
"QuicktimeAlt_is1" = QuickTime Alternative 2.8.0
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 21.03.2011 13:23:28 | Computer Name = slo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 21.03.2011 15:41:47 | Computer Name = slo-PC | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 22.03.2011 13:26:27 | Computer Name = slo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 22.03.2011 13:26:27 | Computer Name = slo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 22.03.2011 17:47:31 | Computer Name = slo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 22.03.2011 17:47:31 | Computer Name = slo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 07.04.2011 14:57:14 | Computer Name = slo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 07.04.2011 14:57:14 | Computer Name = slo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 07.04.2011 16:19:03 | Computer Name = slo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 07.04.2011 16:19:03 | Computer Name = slo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
[ Media Center Events ]
Error - 02.03.2010 15:36:59 | Computer Name = slo-PC | Source = ehRecvr | ID = 4
Description = 
 
[ System Events ]
Error - 07.04.2011 14:57:14 | Computer Name = slo-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.04.2011 15:03:47 | Computer Name = slo-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 07.04.2011 16:18:52 | Computer Name = slo-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.04.2011 16:18:52 | Computer Name = slo-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.04.2011 16:26:09 | Computer Name = slo-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 07.04.2011 16:26:09 | Computer Name = slo-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 07.04.2011 16:26:09 | Computer Name = slo-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.04.2011 16:32:53 | Computer Name = slo-PC | Source = volsnap | ID = 393229
Description = Die Schattenkopie von Volume "E:" konnte seinen Schattenkopiespeicher
 auf Volume "E:" nicht vergrößern.
 
Error - 07.04.2011 16:33:26 | Computer Name = slo-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.04.2011 16:33:26 | Computer Name = slo-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >

Alt 08.04.2011, 05:38   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Are there any further logs from Malwarebytes? If so, please post all of them that are visible in the Logs tab in Malwarebytes.

Alt 08.04.2011, 21:29   #3
SharKING
 



Yes, there are. However, they are considerably older and therefore date from before the "incident".

Nevertheless, here are the most recent ones:

HTML-Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4149

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

03.10.2010 09:33:59
mbam-log-2010-10-03 (09-33-59).txt


Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|)
Durchsuchte Objekte: 297632
Laufzeit: 1 Stunde(n), 2 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
HTML-Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4149

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

16.06.2010 20:17:37
mbam-log-2010-06-16 (20-17-37).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|)
Durchsuchte Objekte: 266734
Laufzeit: 59 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Alt 09.04.2011, 14:12   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:
:OTL
[2011.03.22 23:37:38 | 000,000,583 | -H-- | C] () -- C:\Users\slo\Desktop\Windows Recovery.lnk
[2011.03.22 23:37:37 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~45539080r
[2011.03.22 23:37:37 | 000,000,096 | -H-- | C] () -- C:\ProgramData\~45539080
[2011.03.22 23:37:29 | 000,000,400 | -H-- | C] () -- C:\ProgramData\45539080
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4781247b-290c-11df-ba2b-00261836c606}\Shell - "" = AutoRun
O33 - MountPoints2\{4781247b-290c-11df-ba2b-00261836c606}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{ada11677-82a9-11de-87e6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ada11677-82a9-11de-87e6-806e6f6e6963}\Shell\AutoRun\command - "" = G:\.\Bin\Assetup.exe
:Commands
[purity]
[resethosts]
[emptytemp]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.


After that, please download unhide.exe and save this file to your desktop.

Start the tool, and all files and folders should be visible again. (This could take a while.)
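An added example, not part of the thread and not OTL's own code: it parses OTL file-listing lines of the form `[date | size | attributes | C] (company) -- path` and flags hidden files without a company name that were created within a minute of a digit-named file, the pattern shared by the four file entries in the fix script above. The name pattern, the 60-second window and all function names are assumptions derived from those four entries, not a general signature.

```python
import ntpath
import re
from datetime import datetime, timedelta

# Lines copied from the OTL output on this page (a constructed selection:
# the four entries from the fix script plus three unrelated system files).
SAMPLE = r"""
[2011.03.22 23:37:38 | 000,000,583 | -H-- | C] () -- C:\Users\slo\Desktop\Windows Recovery.lnk
[2011.03.22 23:37:37 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~45539080r
[2011.03.22 23:37:37 | 000,000,096 | -H-- | C] () -- C:\ProgramData\~45539080
[2011.03.22 23:37:29 | 000,000,400 | -H-- | C] () -- C:\ProgramData\45539080
[2009.08.20 15:19:11 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.08.06 20:50:58 | 000,095,549 | -H-- | C] () -- C:\ProgramData\nvModes.dat
[2006.11.02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
< End of report >
"""

# [timestamp | size | 4 attribute flags | C or M] (company) -- path
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[RHSD-]{4}) \| (?P<kind>[CM])\] "
    r"\((?P<company>.*?)\) -- (?P<path>.+)$"
)

# Assumption: digit-only names, optionally prefixed "~" and suffixed "r",
# as seen in the three C:\ProgramData entries of the fix script.
SEED_NAME = re.compile(r"^~?\d{6,}r?$")


def parse_line(line):
    """Return a dict for one OTL file-listing line, or None if it is not one."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "time": datetime.strptime(m["ts"], "%Y.%m.%d %H:%M:%S"),
        "size": int(m["size"].replace(",", "")),
        "attrs": m["attrs"],
        "kind": m["kind"],
        "company": m["company"].strip(),
        "path": m["path"].strip(),
    }


def flag_cluster(entries, window=timedelta(seconds=60)):
    """Flag hidden, company-less files created close to a digit-named file.

    Hidden + no company name alone is too broad (nvModes.dat and ntuser.pol
    match it), so a digit-named "seed" file is required as the time anchor.
    """
    candidates = [e for e in entries if "H" in e["attrs"] and not e["company"]]
    seeds = [e for e in candidates
             if SEED_NAME.match(ntpath.basename(e["path"]))]
    return [e["path"] for e in candidates
            if any(abs(e["time"] - s["time"]) <= window for s in seeds)]


def triage(log_text):
    """Parse a whole log and return the flagged paths in log order."""
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    return flag_cluster(entries)


if __name__ == "__main__":
    for path in triage(SAMPLE):
        print("review:", path)
```

Flagged paths are candidates for review by an analyst, not an automatic verdict; the benign hidden files in the sample show why the time anchor is needed.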

Alt 10.04.2011, 10:40   #5
SharKING
 



HTML-Code:
All processes killed
========== OTL ==========
C:\Users\slo\Desktop\Windows Recovery.lnk moved successfully.
C:\ProgramData\~45539080r moved successfully.
C:\ProgramData\~45539080 moved successfully.
C:\ProgramData\45539080 moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4781247b-290c-11df-ba2b-00261836c606}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4781247b-290c-11df-ba2b-00261836c606}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4781247b-290c-11df-ba2b-00261836c606}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4781247b-290c-11df-ba2b-00261836c606}\ not found.
File L:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ada11677-82a9-11de-87e6-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ada11677-82a9-11de-87e6-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ada11677-82a9-11de-87e6-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ada11677-82a9-11de-87e6-806e6f6e6963}\ not found.
File G:\.\Bin\Assetup.exe not found.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Gast
->Temp folder emptied: 52023 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 34778137 bytes
->Flash cache emptied: 649 bytes
 
User: Mum & Dad
->Temp folder emptied: 6379809 bytes
->Temporary Internet Files folder emptied: 1674979 bytes
->Java cache emptied: 39751 bytes
->FireFox cache emptied: 97618078 bytes
->Flash cache emptied: 43818 bytes
 
User: Public
 
User: slo
->Temp folder emptied: 12054487 bytes
->Temporary Internet Files folder emptied: 5448848 bytes
->Java cache emptied: 18299022 bytes
->FireFox cache emptied: 52887194 bytes
->Flash cache emptied: 5433 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 548006 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33109 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 37606146 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 184112599 bytes
 
Total Files Cleaned = 431,00 mb
 
 
OTL by OldTimer - Version 3.2.22.3 log created on 04102011_112402

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...

I ran unhide.exe and everything is visible again.
Thank you very much!
Can I now be sure that the virus is "completely" gone?


10.04.2011, 19:17   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

10.04.2011, 20:12   #7
SharKING
 



HTML-Code:
2011/04/10 21:10:24.0629 3884	TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/10 21:10:24.0950 3884	================================================================================
2011/04/10 21:10:24.0950 3884	SystemInfo:
2011/04/10 21:10:24.0950 3884	
2011/04/10 21:10:24.0950 3884	OS Version: 6.0.6002 ServicePack: 2.0
2011/04/10 21:10:24.0950 3884	Product type: Workstation
2011/04/10 21:10:24.0950 3884	ComputerName: SLO-PC
2011/04/10 21:10:24.0950 3884	UserName: slo
2011/04/10 21:10:24.0950 3884	Windows directory: C:\Windows
2011/04/10 21:10:24.0950 3884	System windows directory: C:\Windows
2011/04/10 21:10:24.0950 3884	Running under WOW64
2011/04/10 21:10:24.0950 3884	Processor architecture: Intel x64
2011/04/10 21:10:24.0950 3884	Number of processors: 2
2011/04/10 21:10:24.0950 3884	Page size: 0x1000
2011/04/10 21:10:24.0950 3884	Boot type: Normal boot
2011/04/10 21:10:24.0950 3884	================================================================================
2011/04/10 21:10:25.0313 3884	Initialize success
2011/04/10 21:10:30.0347 3112	================================================================================
2011/04/10 21:10:30.0347 3112	Scan started
2011/04/10 21:10:30.0347 3112	Mode: Manual; 
2011/04/10 21:10:30.0347 3112	================================================================================
2011/04/10 21:10:44.0260 3112	================================================================================
2011/04/10 21:10:44.0260 3112	Scan finished
2011/04/10 21:10:44.0260 3112	================================================================================

10.04.2011, 20:14   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when an expert helper has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

11.04.2011, 18:12   #9
SharKING

ComboFix log file:
Code:
ComboFix 11-04-10.04 - slo 11.04.2011  18:50:26.1.2 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.2046.1118 [GMT 2:00]
ausgeführt von:: c:\users\slo\Desktop\cofi.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-03-11 bis 2011-04-11  ))))))))))))))))))))))))))))))
.
.
2011-04-10 09:24 . 2011-04-10 09:24	--------	d-----w-	C:\_OTL
2011-04-08 20:00 . 2011-03-18 17:56	142296	----a-w-	c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-04-08 20:00 . 2011-03-18 17:56	781272	----a-w-	c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-04-08 20:00 . 2011-03-18 17:56	728024	----a-w-	c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-04-08 20:00 . 2011-03-18 17:56	1975768	----a-w-	c:\program files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-04-08 20:00 . 2011-03-18 17:56	1893336	----a-w-	c:\program files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-04-08 20:00 . 2011-03-18 17:56	1874904	----a-w-	c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-04-08 20:00 . 2011-03-18 17:56	15832	----a-w-	c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-04-08 20:00 . 2011-03-18 17:56	142296	----a-w-	c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-04-08 18:47 . 2011-03-15 05:17	8424784	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B6FAE8F3-BE11-473D-A9AF-92CE2DB43577}\mpengine.dll
2011-04-07 19:18 . 2011-02-22 13:53	1149440	----a-w-	c:\windows\system32\FntCache.dll
2011-04-07 19:18 . 2011-02-22 13:33	1068544	----a-w-	c:\windows\SysWow64\DWrite.dll
2011-04-07 19:18 . 2011-02-22 14:47	479744	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2011-04-07 19:18 . 2011-02-22 14:13	288768	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2011-04-07 19:18 . 2011-02-22 13:53	1555968	----a-w-	c:\windows\system32\DWrite.dll
2011-03-21 19:55 . 2011-03-21 19:55	--------	d-----w-	c:\users\slo\AppData\Local\Apple Computer
2011-03-21 19:55 . 2011-03-21 19:55	--------	d-----w-	c:\users\slo\AppData\Roaming\Apple Computer
2011-03-21 19:54 . 2011-03-21 19:54	--------	dc----w-	c:\windows\system32\DRVSTORE
2011-03-21 19:54 . 2009-05-18 12:17	34152	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2011-03-21 19:54 . 2008-04-17 11:12	126312	----a-w-	c:\windows\system32\GEARAspi64.dll
2011-03-21 19:54 . 2008-04-17 11:12	107368	----a-w-	c:\windows\SysWow64\GEARAspi.dll
2011-03-21 19:54 . 2011-03-21 19:54	--------	d-----w-	c:\program files\iPod
2011-03-21 19:54 . 2011-03-21 19:54	--------	d-----w-	c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-03-21 19:54 . 2011-03-21 19:54	--------	d-----w-	c:\program files (x86)\iTunes
2011-03-21 19:54 . 2011-03-21 19:54	--------	d-----w-	c:\program files\iTunes
2011-03-21 19:52 . 2011-03-21 19:52	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2011-03-21 19:52 . 2011-03-21 19:52	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2011-03-21 19:52 . 2011-03-21 19:52	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2011-03-21 19:52 . 2011-03-21 19:52	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2011-03-21 19:52 . 2011-03-21 19:52	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2011-03-21 19:52 . 2011-03-21 19:52	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-03-21 19:52 . 2011-03-21 19:52	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-03-21 19:52 . 2011-03-21 19:52	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-03-21 19:52 . 2011-03-21 19:52	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-03-21 19:52 . 2011-03-21 19:52	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2011-03-21 19:51 . 2011-03-21 19:51	--------	d-----w-	c:\users\slo\AppData\Local\Apple
2011-03-21 19:51 . 2011-03-21 19:51	--------	d-----w-	c:\program files (x86)\Apple Software Update
2011-03-21 19:49 . 2011-03-21 19:49	--------	d-----w-	c:\program files\Common Files\Apple
2011-03-21 19:49 . 2011-03-21 19:49	--------	d-----w-	c:\program files\Bonjour
2011-03-21 19:49 . 2011-03-21 19:49	--------	d-----w-	c:\program files (x86)\Bonjour
2011-03-21 19:49 . 2011-03-21 19:54	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2011-03-21 19:49 . 2011-03-21 19:49	--------	d-----w-	c:\programdata\Apple
2011-03-18 18:09 . 2011-03-18 18:09	--------	d-----w-	c:\program files (x86)\InstallJammer Registry
2011-03-18 18:08 . 2011-03-18 18:08	--------	d-----w-	c:\program files (x86)\ButtonBeats.com Virtual Piano
2011-03-18 18:04 . 2011-03-18 18:04	--------	d-----w-	c:\users\slo\AppData\Roaming\Synthesia
2011-03-13 17:24 . 2011-03-13 17:24	--------	d-----w-	c:\program files (x86)\Winamp Detect
2011-03-13 17:24 . 2011-04-10 11:13	--------	d-----w-	c:\users\slo\AppData\Roaming\Winamp
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-05 20:47 . 2009-08-18 20:13	270240	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2011-02-05 20:47 . 2009-08-18 17:17	270240	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2011-02-05 19:12 . 2009-08-18 17:17	103736	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2011-02-02 16:11 . 2009-10-03 09:07	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-01-24 18:09 . 2011-01-24 18:09	53248	----a-r-	c:\users\slo\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-01-20 16:46 . 2011-02-10 16:47	900480	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:17 . 2011-02-10 16:47	366592	----a-w-	c:\windows\system32\winspool.drv
2011-01-20 16:17 . 2011-02-10 16:47	625152	----a-w-	c:\windows\system32\dxgi.dll
2011-01-20 16:16 . 2011-02-10 16:47	287232	----a-w-	c:\windows\system32\d3d10core.dll
2011-01-20 16:16 . 2011-02-10 16:47	327680	----a-w-	c:\windows\system32\d3d10_1core.dll
2011-01-20 16:16 . 2011-02-10 16:47	196096	----a-w-	c:\windows\system32\d3d10_1.dll
2011-01-20 16:16 . 2011-02-10 16:47	1268224	----a-w-	c:\windows\system32\d3d10.dll
2011-01-20 16:16 . 2011-02-10 16:47	748544	----a-w-	c:\windows\system32\stobject.dll
2011-01-20 16:16 . 2011-02-10 16:47	47104	----a-w-	c:\windows\system32\cdd.dll
2011-01-20 16:16 . 2011-02-10 16:47	3548672	----a-w-	c:\windows\system32\mf.dll
2011-01-20 16:16 . 2011-02-10 16:47	35840	----a-w-	c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:14 . 2011-02-10 16:47	278528	----a-w-	c:\windows\system32\mfplat.dll
2011-01-20 16:14 . 2011-02-10 16:47	195072	----a-w-	c:\windows\system32\mfps.dll
2011-01-20 16:08 . 2011-02-10 16:47	478720	----a-w-	c:\windows\SysWow64\dxgi.dll
2011-01-20 16:08 . 2011-02-10 16:47	219648	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-10 16:47	160768	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2011-01-20 16:08 . 2011-02-10 16:47	1029120	----a-w-	c:\windows\SysWow64\d3d10.dll
2011-01-20 16:08 . 2011-02-10 16:47	189952	----a-w-	c:\windows\SysWow64\d3d10core.dll
2011-01-20 16:07 . 2011-02-10 16:47	258048	----a-w-	c:\windows\SysWow64\winspool.drv
2011-01-20 16:07 . 2011-02-10 16:47	586240	----a-w-	c:\windows\SysWow64\stobject.dll
2011-01-20 16:06 . 2011-02-10 16:47	2873344	----a-w-	c:\windows\SysWow64\mf.dll
2011-01-20 16:04 . 2011-02-10 16:47	209920	----a-w-	c:\windows\SysWow64\mfplat.dll
2011-01-20 16:04 . 2011-02-10 16:47	98816	----a-w-	c:\windows\SysWow64\mfps.dll
2011-01-20 15:01 . 2011-02-10 16:47	3068416	----a-w-	c:\windows\system32\xpsservices.dll
2011-01-20 15:01 . 2011-02-10 16:47	1653760	----a-w-	c:\windows\system32\XpsPrint.dll
2011-01-20 14:59 . 2011-02-10 16:47	1032192	----a-w-	c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:58 . 2011-02-10 16:47	1461760	----a-w-	c:\windows\system32\OpcServices.dll
2011-01-20 14:57 . 2011-02-10 16:47	231936	----a-w-	c:\windows\system32\XpsRasterService.dll
2011-01-20 14:42 . 2011-02-10 16:47	1257984	----a-w-	c:\windows\system32\MFH264Dec.dll
2011-01-20 14:41 . 2011-02-10 16:47	428544	----a-w-	c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:40 . 2011-02-10 16:47	345088	----a-w-	c:\windows\system32\mfreadwrite.dll
2011-01-20 14:40 . 2011-02-10 16:47	34304	----a-w-	c:\windows\system32\mfpmp.exe
2011-01-20 14:40 . 2011-02-10 16:47	377344	----a-w-	c:\windows\system32\mfmp4src.dll
2011-01-20 14:37 . 2011-02-10 16:47	2002944	----a-w-	c:\windows\system32\d3d10warp.dll
2011-01-20 14:35 . 2011-02-10 16:47	566272	----a-w-	c:\windows\system32\d3d10level9.dll
2011-01-20 14:28 . 2011-02-10 16:47	1554432	----a-w-	c:\windows\SysWow64\xpsservices.dll
2011-01-20 14:27 . 2011-02-10 16:47	876032	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2011-01-20 14:25 . 2011-02-10 16:47	847360	----a-w-	c:\windows\SysWow64\OpcServices.dll
2011-01-20 14:24 . 2011-02-10 16:47	135680	----a-w-	c:\windows\SysWow64\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-10 16:47	979456	----a-w-	c:\windows\SysWow64\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-10 16:47	357376	----a-w-	c:\windows\SysWow64\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-10 16:47	302592	----a-w-	c:\windows\SysWow64\mfmp4src.dll
2011-01-20 14:14 . 2011-02-10 16:47	261632	----a-w-	c:\windows\SysWow64\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-10 16:47	1172480	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2011-01-20 14:11 . 2011-02-10 16:47	486400	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2011-01-20 14:06 . 2011-02-10 16:47	834048	----a-w-	c:\windows\system32\d2d1.dll
2011-01-20 13:47 . 2011-02-10 16:47	683008	----a-w-	c:\windows\SysWow64\d2d1.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-07 281768]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"QuickTime Task"="c:\program files (x86)\QuickTime Alternative\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
c:\users\Mum & Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-17 136176]
R2 LVPrcS64;Process Monitor;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
R3 FET5A64;VIA Rhine-Familie-Fast-Ethernet-Adaptertreiberdienst;c:\windows\system32\DRIVERS\fet5a64.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-11-07 135336]
S2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-07-14 239648]
S3 3xHybr64;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybr64.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech Webcam C160(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-17 13:04]
.
2011-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-17 13:04]
.
2011-04-11 c:\windows\Tasks\User_Feed_Synchronization-{A08E459A-0FF6-4E1B-9C06-B91F4E4BDE12}.job
- c:\windows\system32\msfeedssync.exe [2009-08-23 07:33]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-03-30 1833504]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-03-30 7574048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = %SystemRoot%\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3 - c:\program files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
FF - ProfilePath - c:\users\slo\AppData\Roaming\Mozilla\Firefox\Profiles\w59t2voi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Grooveshark
FF - prefs.js: browser.startup.homepage - google.de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-Mozilla Thunderbird (2.0.0.22) - k:\portables extern\ThunderbirdPortable\App\Thunderbird\uninstall\helper.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
Zeit der Fertigstellung: 2011-04-11  19:01:53
ComboFix-quarantined-files.txt  2011-04-11 17:01
.
Vor Suchlauf: 5.641.158.656 Bytes frei
Nach Suchlauf: 5.667.450.880 Bytes frei
.
- - End Of File - - E2528E8419D36B56682027AA75B12765
         
--- --- ---


After the log file was created, a Microsoft Windows window opened.

''LVPrcSrv Module. funktioniert nicht mehr''

What does that mean?

Regards
SharKING

11.04.2011, 18:25   #10
cosinus

Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

11.04.2011, 19:08   #11
SharKING

HTML-Code:
2011/04/11 20:07:13.0341 4972	TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/11 20:07:13.0656 4972	================================================================================
2011/04/11 20:07:13.0656 4972	SystemInfo:
2011/04/11 20:07:13.0656 4972	
2011/04/11 20:07:13.0656 4972	OS Version: 6.0.6002 ServicePack: 2.0
2011/04/11 20:07:13.0656 4972	Product type: Workstation
2011/04/11 20:07:13.0656 4972	ComputerName: SLO-PC
2011/04/11 20:07:13.0657 4972	UserName: slo
2011/04/11 20:07:13.0657 4972	Windows directory: C:\Windows
2011/04/11 20:07:13.0657 4972	System windows directory: C:\Windows
2011/04/11 20:07:13.0657 4972	Running under WOW64
2011/04/11 20:07:13.0657 4972	Processor architecture: Intel x64
2011/04/11 20:07:13.0657 4972	Number of processors: 2
2011/04/11 20:07:13.0657 4972	Page size: 0x1000
2011/04/11 20:07:13.0657 4972	Boot type: Normal boot
2011/04/11 20:07:13.0657 4972	================================================================================
2011/04/11 20:07:14.0013 4972	Initialize success
2011/04/11 20:07:16.0767 7532	================================================================================
2011/04/11 20:07:16.0767 7532	Scan started
2011/04/11 20:07:16.0767 7532	Mode: Manual; 
2011/04/11 20:07:16.0767 7532	================================================================================
2011/04/11 20:07:17.0997 7532	3xHybr64        (09c3c8be1385df671dcab548bee7f745) C:\Windows\system32\DRIVERS\3xHybr64.sys
2011/04/11 20:07:18.0074 7532	ACPI            (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
2011/04/11 20:07:18.0126 7532	adp94xx         (9137451d37ba1c325cd6c2def3d2d692) C:\Windows\system32\drivers\adp94xx.sys
2011/04/11 20:07:18.0185 7532	adpahci         (01f80898df5cc7df19b3b11351846263) C:\Windows\system32\drivers\adpahci.sys
2011/04/11 20:07:18.0224 7532	adpu160m        (da001db13fff45dfe9109936e265b7cc) C:\Windows\system32\drivers\adpu160m.sys
2011/04/11 20:07:18.0268 7532	adpu320         (2b10c35c5b7c5c0c28f572e035319602) C:\Windows\system32\drivers\adpu320.sys
2011/04/11 20:07:18.0332 7532	AFD             (12415ccfd3e7cec55b5184e67b039fe4) C:\Windows\system32\drivers\afd.sys
2011/04/11 20:07:18.0433 7532	aic78xx         (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
2011/04/11 20:07:18.0468 7532	aliide          (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
2011/04/11 20:07:18.0489 7532	amdide          (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
2011/04/11 20:07:18.0526 7532	AmdK8           (de55dc52f7ceb89a967572d6b491ada2) C:\Windows\system32\drivers\amdk8.sys
2011/04/11 20:07:18.0719 7532	arc             (2e8623f2fed998a97129a3db919551c8) C:\Windows\system32\drivers\arc.sys
2011/04/11 20:07:18.0748 7532	arcsas          (741a003c041a3ec480a2e71af71e9654) C:\Windows\system32\drivers\arcsas.sys
2011/04/11 20:07:18.0799 7532	AsyncMac        (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/11 20:07:18.0833 7532	atapi           (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
2011/04/11 20:07:18.0878 7532	atksgt          (4aef9ec86818375495fb78ca58df4e18) C:\Windows\system32\DRIVERS\atksgt.sys
2011/04/11 20:07:18.0930 7532	avgntflt        (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/04/11 20:07:19.0028 7532	avipbb          (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys
2011/04/11 20:07:19.0116 7532	bowser          (8b2b19031d0aeade6e1b933df1acba7e) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/11 20:07:19.0143 7532	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
2011/04/11 20:07:19.0164 7532	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
2011/04/11 20:07:19.0215 7532	Brserid         (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
2011/04/11 20:07:19.0239 7532	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
2011/04/11 20:07:19.0261 7532	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
2011/04/11 20:07:19.0298 7532	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
2011/04/11 20:07:19.0333 7532	BTHMODEM        (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
2011/04/11 20:07:19.0359 7532	cdfs            (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/11 20:07:19.0402 7532	cdrom           (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/11 20:07:19.0433 7532	circlass        (f28f00596824058bc61d5edf434c9b82) C:\Windows\system32\drivers\circlass.sys
2011/04/11 20:07:19.0485 7532	CLFS            (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
2011/04/11 20:07:19.0609 7532	cmdide          (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
2011/04/11 20:07:19.0634 7532	Compbatt        (0e77a445640bf310817f60941c50560c) C:\Windows\system32\drivers\compbatt.sys
2011/04/11 20:07:19.0659 7532	crcdisk         (b1192dcd5b9cf46beed0e2a9e5bcf59a) C:\Windows\system32\drivers\crcdisk.sys
2011/04/11 20:07:19.0709 7532	DfsC            (36cd31121f228e7e79bae60aa45764c6) C:\Windows\system32\Drivers\dfsc.sys
2011/04/11 20:07:19.0762 7532	disk            (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
2011/04/11 20:07:19.0806 7532	drmkaud         (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
2011/04/11 20:07:19.0863 7532	DXGKrnl         (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/11 20:07:19.0926 7532	E1G60           (d57fe09b575545738a73a0c193d0616a) C:\Windows\system32\DRIVERS\E1G6032E.sys
2011/04/11 20:07:19.0983 7532	Ecache          (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
2011/04/11 20:07:20.0034 7532	elxstor         (3d6298aff3fe06c0616ce5d090a3eeaa) C:\Windows\system32\drivers\elxstor.sys
2011/04/11 20:07:20.0111 7532	exfat           (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
2011/04/11 20:07:20.0209 7532	fastfat         (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
2011/04/11 20:07:20.0241 7532	fdc             (61b6dbd1ad1143f008364d4e9a96b224) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/11 20:07:20.0285 7532	FET5A64         (024f983c976e5d5ce79eb403058899f8) C:\Windows\system32\DRIVERS\fet5a64.sys
2011/04/11 20:07:20.0323 7532	FileInfo        (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
2011/04/11 20:07:20.0355 7532	Filetrace       (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
2011/04/11 20:07:20.0367 7532	flpydisk        (12c3d1b4d0ce49e1ce343ba2f22f15e0) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/11 20:07:20.0411 7532	FltMgr          (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
2011/04/11 20:07:20.0484 7532	Fs_Rec          (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/11 20:07:20.0523 7532	gagp30kx        (b54520cc7b4b55134d7527b1cd3fc1f2) C:\Windows\system32\drivers\gagp30kx.sys
2011/04/11 20:07:20.0554 7532	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/04/11 20:07:20.0606 7532	HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
2011/04/11 20:07:20.0733 7532	HDAudBus        (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/11 20:07:20.0790 7532	HidBth          (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
2011/04/11 20:07:20.0822 7532	HidIr           (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
2011/04/11 20:07:20.0860 7532	HidUsb          (d02c82cb3a20f391c8aeff94e8e0baa1) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/11 20:07:20.0903 7532	HpCISSs         (8edc820115df1e04763b2923676ea5b2) C:\Windows\system32\drivers\hpcisss.sys
2011/04/11 20:07:20.0952 7532	HTTP            (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
2011/04/11 20:07:21.0006 7532	i2omp           (f2901763845570ecac48e6a50ec50812) C:\Windows\system32\drivers\i2omp.sys
2011/04/11 20:07:21.0056 7532	i8042prt        (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/11 20:07:21.0092 7532	iaStorV         (72c3ee7ea3cd75a772e62ae0e5df8b8c) C:\Windows\system32\drivers\iastorv.sys
2011/04/11 20:07:21.0150 7532	iirsp           (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
2011/04/11 20:07:21.0426 7532	IntcAzAudAddService (627c6b352718e59df08f02c536e2e0ed) C:\Windows\system32\drivers\RTKVHD64.sys
2011/04/11 20:07:21.0498 7532	intelide        (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
2011/04/11 20:07:31.0694 7532	================================================================================
2011/04/11 20:07:31.0694 7532	Scan finished
2011/04/11 20:07:31.0694 7532	================================================================================

11.04.2011, 19:13   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

OK. Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM - please skip the online query by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.


After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool needs only a few seconds.
  • Afterwards you should find a file MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

11.04.2011, 19:55   #13
SharKING
 

When I click "Save Log" in OSAM, nothing happens, and I can't find a log file either.

GMER:
GMER Logfile:
Code:
ATTFilter
GMER 1.0.15.15570 - hxxp://www.gmer.net
Rootkit scan 2011-04-11 20:40:06
Windows 6.0.6002 Service Pack 2 
Running: eirp3fbw.exe


---- Registry - GMER 1.0.15 ----

Reg  HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@F:\Desktop\Kathryn\xb4s Stellenangebote\ps_radio2015.exe  1

---- EOF - GMER 1.0.15 ----
         
--- --- ---

12.04.2011, 09:13   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Oh, you have a 64-bit Windows. I overlooked that; OSAM doesn't run there. Leave it out. I only need the log from MBRcheck now.

12.04.2011, 19:17   #15
SharKING
 

Then please tell me once more how I can cleanly get rid of OSAM again (:

HTML code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows Vista Home Premium Edition
Windows Information:		Service Pack 2 (build 6002), 64-bit
Base Board Manufacturer:	ASUSTeK Computer INC.
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		System manufacturer
System Product Name:		System Product Name
Logical Drives Mask:		0x000003bc

Kernel Drivers (total 138):

Processes (total 66):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000  (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000000f`de900000  (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x00000021`cea00000  (NTFS)

PhysicalDrive0 Model Number: WDCWD2500JS-22NCB1, Rev: 10.02E02

      Size  Device Name          MBR Status
  --------------------------------------------
    232 GB  \\.\PhysicalDrive0   Windows 2008 MBR code detected
            SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!
