| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PWS:Win32/ZbotWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
07.10.2012, 06:36
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  PWS:Win32/Zbot Ah, anscheinend haben die reagiert, nun ist wieder Version 3.2.69.0 "aktuell"  Die Versionen 3.2.70.x hatten einige Bugs  Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=100&systemid=102&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=100&systemid=102&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-2736532733-1769906655-2182106837-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ts.fujitsu.com
IE - HKU\S-1-5-21-2736532733-1769906655-2182106837-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2736532733-1769906655-2182106837-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=100&systemid=102&sr=0&q={searchTerms}
FF - user.js - File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BthSyncServ] "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2736532733-1769906655-2182106837-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O32 - HKLM CDRom: AutoRun - 1
:Files
C:\Program Files (x86)\Searchqu Toolbar
C:\Users\Drackle\AppData\Roaming\Mozilla\Firefox\Profiles\0lz74a64.default-1349118411009\user.js
C:\Users\Drackle\Desktop\iLividSetupV1.exe
C:\Users\Drackle\Desktop\Alte Firefox-Daten\user.js
C:\Users\Drackle\Downloads\setup.exe
C:\Users\Drackle\AppData\Local\{*
C:\Users\Drackle\AppData\Roaming\Ruib
C:\Users\Drackle\AppData\Roaming\Quxomy
C:\Users\Drackle\AppData\Roaming\Oqogyx
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
07.10.2012, 09:05
| #17 |
 | PWS:Win32/ZbotCode:
ATTFilter All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
HKU\S-1-5-21-2736532733-1769906655-2182106837-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKEY_USERS\S-1-5-21-2736532733-1769906655-2182106837-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2736532733-1769906655-2182106837-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BthSyncServ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2736532733-1769906655-2182106837-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
========== FILES ==========
File\Folder C:\Program Files (x86)\Searchqu Toolbar not found.
File\Folder C:\Users\Drackle\AppData\Roaming\Mozilla\Firefox\Profiles\0lz74a64.default-1349118411009\user.js not found.
C:\Users\Drackle\Desktop\iLividSetupV1.exe moved successfully.
C:\Users\Drackle\Desktop\Alte Firefox-Daten\user.js moved successfully.
C:\Users\Drackle\Downloads\setup.exe moved successfully.
C:\Users\Drackle\AppData\Local\{006EB78A-9B11-48CB-B3C5-C17F782A03BB} folder moved successfully.
C:\Users\Drackle\AppData\Local\{0152050B-760B-4661-9988-7CC58EBC0258} folder moved successfully.
C:\Users\Drackle\AppData\Local\{018E3C36-CB37-4C2A-945F-BED3D83B3C68} folder moved successfully.
C:\Users\Drackle\AppData\Local\{019453E7-FB23-403F-A4CF-3CC70AB82D67} folder moved successfully.
C:\Users\Drackle\AppData\Local\{0242187E-7068-4751-9257-7EB080681E00} folder moved successfully.
C:\Users\Drackle\AppData\Local\{029F49A6-C788-46C9-883A-9467A5931984} folder moved successfully.
C:\Users\Drackle\AppData\Local\{03622C3A-E657-4B35-BEF8-2D71DC777A2E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{0364061D-7EFB-4EBF-8685-4213BF903EF2} folder moved successfully.
C:\Users\Drackle\AppData\Local\{04D34181-E6CB-484F-9916-E036FEFA04A1} folder moved successfully.
C:\Users\Drackle\AppData\Local\{055787AA-A67C-41E9-95D2-CD9E0A6472EC} folder moved successfully.
C:\Users\Drackle\AppData\Local\{05F09A40-0D9F-4A3F-9C49-76459D46C28C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{061F1008-24DB-4FFD-8E72-23A3F132B8F5} folder moved successfully.
C:\Users\Drackle\AppData\Local\{0634865F-378D-48DB-A3F6-AF7827BE24CA} folder moved successfully.
C:\Users\Drackle\AppData\Local\{06AD7A15-F70B-4795-A53B-C0F4F35573B4} folder moved successfully.
C:\Users\Drackle\AppData\Local\{06C09433-926D-47C7-AB1A-51A4390BA6D5} folder moved successfully.
C:\Users\Drackle\AppData\Local\{07BEA93D-7A49-4537-9A60-3802E3E52C7A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{07FD3DFB-13E5-46BB-9C18-67C67E1EE6B9} folder moved successfully.
C:\Users\Drackle\AppData\Local\{085EBF12-3884-4545-8C82-D1A96D307D43} folder moved successfully.
C:\Users\Drackle\AppData\Local\{09359936-8394-47B1-94D2-D598B73CABF2} folder moved successfully.
C:\Users\Drackle\AppData\Local\{09F027EA-AE41-4C19-AA6C-399976F14A68} folder moved successfully.
C:\Users\Drackle\AppData\Local\{0E4F73F4-B195-4A16-A726-F6ADF9E97FE0} folder moved successfully.
C:\Users\Drackle\AppData\Local\{0EC73F5D-315C-4730-9C1D-C345D67B5870} folder moved successfully.
C:\Users\Drackle\AppData\Local\{0EFC942B-070D-4A3C-BC7B-E0DC9975FBB1} folder moved successfully.
C:\Users\Drackle\AppData\Local\{0F3C12F5-253A-4DDE-B90B-B54720AE8642} folder moved successfully.
C:\Users\Drackle\AppData\Local\{0FD9C6A8-D52A-43ED-BE81-C654FBCBD434} folder moved successfully.
C:\Users\Drackle\AppData\Local\{101A1A75-1F47-41D8-9356-8B6CDD404CF6} folder moved successfully.
C:\Users\Drackle\AppData\Local\{10DE5D6D-4D5B-4337-B71F-4CB939AC693E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{10F26B92-4C4D-448D-AAE1-37363FEECE97} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1109806D-894C-4023-9813-1B59F3CCB204} folder moved successfully.
C:\Users\Drackle\AppData\Local\{128D9118-C501-4764-B3A9-D8E7A03D7F49} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1416527C-5E3E-47A4-828E-D9F6005DA001} folder moved successfully.
C:\Users\Drackle\AppData\Local\{14F27CC3-3225-4240-8358-81FED6DCFBBE} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1539DF50-5A94-431A-A1E4-0B7119BCB56D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1594A34E-8E19-4180-8089-970D1AB0D006} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1595CABE-8A66-4234-840C-1AEA445F2F99} folder moved successfully.
C:\Users\Drackle\AppData\Local\{167C1705-2909-458C-88B4-84E080E061C2} folder moved successfully.
C:\Users\Drackle\AppData\Local\{16C0311B-BC87-4485-8300-4796C7F304B2} folder moved successfully.
C:\Users\Drackle\AppData\Local\{16C0488A-CFF8-4EB3-BB14-7E1B6CAAAD12} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1709D584-9AF1-4D6A-996E-98FDE3D4AEDA} folder moved successfully.
C:\Users\Drackle\AppData\Local\{192BA420-ACEB-4896-9AFD-D8075FB5D573} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1960D000-8CC3-4ABA-9CE4-124B388C7C3D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{19CA9688-3498-4155-9D3A-B43F3D4E18CF} folder moved successfully.
C:\Users\Drackle\AppData\Local\{19FA4BE9-D943-4871-9824-6DD7F00FC69D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1A04D88F-E522-48AE-8FBF-D36CA03DB834} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1AEF8969-8ECE-4824-A920-39CA86ABE9AF} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1B8800F7-8A48-48D2-9E17-28D509D5077A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1C02B31E-5852-4AA8-9583-2443D8AD119F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1CF67279-6369-4CE8-B520-79FDC53F96C3} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1D79693C-3FE9-45EB-ACF7-14F21080CD5A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1DAE6C63-A8D2-4EF2-A000-19456F831E62} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1DE6BF2F-0B38-4A2E-A878-8DB0C3E2C431} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1DF9B80E-43DB-4B06-9BCE-B950A3E67846} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1F27754F-90A9-46EA-95A7-070B94C1B1F4} folder moved successfully.
C:\Users\Drackle\AppData\Local\{1F8F8826-7F93-4F98-BC2D-D37AFFC8A542} folder moved successfully.
C:\Users\Drackle\AppData\Local\{20181FC0-BEDF-4080-944A-B86054ED94CD} folder moved successfully.
C:\Users\Drackle\AppData\Local\{20218B83-392A-4C08-91F6-FC8A9F58061F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{208C349B-A349-441C-A627-CA6816AD555C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{21B75915-084E-4823-9E65-7E39A462D459} folder moved successfully.
C:\Users\Drackle\AppData\Local\{221CE0D0-141F-4616-B971-CC84D2DC2502} folder moved successfully.
C:\Users\Drackle\AppData\Local\{230D408F-BE94-48BC-AC03-043252952C37} folder moved successfully.
C:\Users\Drackle\AppData\Local\{233B50C4-46EB-4BD2-97FF-7E803687392A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{2442EF15-4F60-445A-87DC-EC60A0F8DBF0} folder moved successfully.
C:\Users\Drackle\AppData\Local\{255CBAE1-15BA-479E-94D1-34EA7FD89007} folder moved successfully.
C:\Users\Drackle\AppData\Local\{266BEE3E-4FE1-49D2-B570-E15F7D0EFE5A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{28846CC9-6CB3-442F-9C6C-94DDB6AEA742} folder moved successfully.
C:\Users\Drackle\AppData\Local\{28D8FBF9-DF28-44FF-A1FC-8D1263803A2B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{29E63745-1B0B-48F7-9B9A-135DB35C5481} folder moved successfully.
C:\Users\Drackle\AppData\Local\{29F5780D-0EE3-4122-8CD7-C9567DCAB6BC} folder moved successfully.
C:\Users\Drackle\AppData\Local\{2A06BC95-1C87-4A43-8810-189919E5D7BF} folder moved successfully.
C:\Users\Drackle\AppData\Local\{2A9C83E6-2CC9-44E0-B96B-9041908071D9} folder moved successfully.
C:\Users\Drackle\AppData\Local\{2B0E8429-EFCE-497D-B3E3-70E922FBF3E7} folder moved successfully.
C:\Users\Drackle\AppData\Local\{2BAC0407-D30B-4D5C-85FF-CCC4279D3E57} folder moved successfully.
C:\Users\Drackle\AppData\Local\{2D1B718A-1F36-49CD-A227-F4CE31909771} folder moved successfully.
C:\Users\Drackle\AppData\Local\{2D9C9C41-0C96-4AA8-A5B7-AB543D1F1835} folder moved successfully.
C:\Users\Drackle\AppData\Local\{2DA63B5C-B661-4BE3-92F4-CBC56F2954C8} folder moved successfully.
C:\Users\Drackle\AppData\Local\{2E1231CD-2C75-4727-B13C-6426131C955F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{319662A2-8068-4413-938B-130069F2EE72} folder moved successfully.
C:\Users\Drackle\AppData\Local\{31F4C81B-77D2-45C6-BE55-F684C93A6931} folder moved successfully.
C:\Users\Drackle\AppData\Local\{329C983F-8552-4E6B-9A00-55AF679C9A16} folder moved successfully.
C:\Users\Drackle\AppData\Local\{32CDD249-4BA2-43B6-8E1A-20A7E9728F4F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{32F9B513-AAC4-4D6E-93A6-C0E73D124B5A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{345657ED-4023-4C58-867D-50652B0EA85C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{35CEB211-4F9D-49D9-8219-7627589709A9} folder moved successfully.
C:\Users\Drackle\AppData\Local\{366AF2DC-954E-4C6D-9ADF-51D9FEC8BA3C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{371572BE-18EC-4CD7-82DB-C8707B0227E3} folder moved successfully.
C:\Users\Drackle\AppData\Local\{3730E4BC-1A98-420D-9B7F-E3AD3C880DC9} folder moved successfully.
C:\Users\Drackle\AppData\Local\{38DF2939-0560-4617-AF5D-3180C1F521BF} folder moved successfully.
C:\Users\Drackle\AppData\Local\{398AFEB6-365F-4983-8A88-979FB38F6B22} folder moved successfully.
C:\Users\Drackle\AppData\Local\{39E4DCF6-0AFA-447C-BD66-1E34B03781EC} folder moved successfully.
C:\Users\Drackle\AppData\Local\{3AF9EAE6-FBBB-4F38-809A-1A0806D7D4D1} folder moved successfully.
C:\Users\Drackle\AppData\Local\{3B11D1D2-8141-4AA8-879E-7A6EB6A5B0C5} folder moved successfully.
C:\Users\Drackle\AppData\Local\{3BEB4B2F-7F76-447F-99E8-2AB583C9BA30} folder moved successfully.
C:\Users\Drackle\AppData\Local\{3CE684A9-AB18-48EB-9257-34D76100EAC7} folder moved successfully.
C:\Users\Drackle\AppData\Local\{3E16B3C3-B8F1-415C-A19A-52BF2EDEFD64} folder moved successfully.
C:\Users\Drackle\AppData\Local\{3E29441C-B0FA-4AF1-A01A-30A8FEC7A00B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{3E69056A-6631-452F-A68E-8C4F8F42A8CF} folder moved successfully.
C:\Users\Drackle\AppData\Local\{3E968241-0BD9-440A-9FBF-40018836C903} folder moved successfully.
C:\Users\Drackle\AppData\Local\{3F243EFD-A131-4125-A9AF-E25EB9E53B7A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{3F2B93C4-BBAE-4B21-9355-B2A2277ABC9D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{403CFAAD-E870-432C-84FE-D094BC09CB9A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{414133A6-C49F-4D1F-88E3-2209CF7E0A17} folder moved successfully.
C:\Users\Drackle\AppData\Local\{422CB0BF-2AEE-42D3-84EF-4914ABD4190D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{42A56059-B8F1-452A-985A-51CF7F55A0F5} folder moved successfully.
C:\Users\Drackle\AppData\Local\{456C5EF4-F042-4B4D-A729-0DFA745B9059} folder moved successfully.
C:\Users\Drackle\AppData\Local\{46F44591-D437-4D60-97EE-35A713BAB3A8} folder moved successfully.
C:\Users\Drackle\AppData\Local\{4704ED04-BC0F-4AC1-B07D-9BCB93145A11} folder moved successfully.
C:\Users\Drackle\AppData\Local\{47449F71-0B14-45CB-8F7C-D83DB1B863EB} folder moved successfully.
C:\Users\Drackle\AppData\Local\{482B636B-7BF6-418A-B3FC-EB3EDDA13BDE} folder moved successfully.
C:\Users\Drackle\AppData\Local\{48B82FE8-5480-40C6-B8C4-0C28956ACF10} folder moved successfully.
C:\Users\Drackle\AppData\Local\{498981E9-398D-4011-BA50-1E1AE79EE7B4} folder moved successfully.
C:\Users\Drackle\AppData\Local\{49E50F31-7348-4B93-9996-0A365574517D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{4AD1503D-B5F1-40FC-95EB-DDDAFDB10A4E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{4F648ADE-13B6-4324-ABBE-A09B0555A3C4} folder moved successfully.
C:\Users\Drackle\AppData\Local\{4F818ACA-94E9-4D99-AF09-C7B8587BA9E0} folder moved successfully.
C:\Users\Drackle\AppData\Local\{509E85D4-8376-4CAF-A473-166C1FDC1414} folder moved successfully.
C:\Users\Drackle\AppData\Local\{50B51285-59F1-4618-8CA0-302953EF0233} folder moved successfully.
C:\Users\Drackle\AppData\Local\{51957A71-11ED-47A9-952D-7E60071E3C29} folder moved successfully.
C:\Users\Drackle\AppData\Local\{537800F5-606A-4472-961F-83C42C89B897} folder moved successfully.
C:\Users\Drackle\AppData\Local\{53E284D4-9ACB-402F-869A-F1C871C2B725} folder moved successfully.
C:\Users\Drackle\AppData\Local\{53F864F5-E405-4654-B531-AC6682737FED} folder moved successfully.
C:\Users\Drackle\AppData\Local\{55001E5F-1157-4AE2-8F0E-23AE15C9A459} folder moved successfully.
C:\Users\Drackle\AppData\Local\{550FDA81-0F08-445A-8957-E9E4F5D008C0} folder moved successfully.
C:\Users\Drackle\AppData\Local\{551579C0-C0FC-4537-9F52-CC03D6BAA149} folder moved successfully.
C:\Users\Drackle\AppData\Local\{56C24B02-E388-4110-B4FD-812A9534768D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{56E89EFA-4C11-4AC1-AF5A-F9CA8812AF4E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{58D1CEF5-46D2-4040-B2F7-B6B4315A4121} folder moved successfully.
C:\Users\Drackle\AppData\Local\{58D8617C-3797-42BD-8593-02DE197B0287} folder moved successfully.
C:\Users\Drackle\AppData\Local\{595B7EEC-535A-46FD-8783-4C6C066F66CF} folder moved successfully.
C:\Users\Drackle\AppData\Local\{5AE21D76-EB01-4F43-BB99-D834E894BCFF} folder moved successfully.
C:\Users\Drackle\AppData\Local\{5AF96A0D-E8CA-4F8E-9C3F-44B23B773949} folder moved successfully.
C:\Users\Drackle\AppData\Local\{5BC1E45A-D7B9-4E5F-9A08-FEC3C3F784A0} folder moved successfully.
C:\Users\Drackle\AppData\Local\{5C17F90C-D90B-46C0-8A8F-DFDDD11BB316} folder moved successfully.
C:\Users\Drackle\AppData\Local\{5DB64C41-DE01-4426-9417-506DB66CFA51} folder moved successfully.
C:\Users\Drackle\AppData\Local\{5E85AF65-7D7A-4E09-BC88-DAEE127DB5A8} folder moved successfully.
C:\Users\Drackle\AppData\Local\{5ECEE303-9151-45D3-BF68-88EC95E79C23} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6162B868-6369-4240-91BD-D5A5CE265B20} folder moved successfully.
C:\Users\Drackle\AppData\Local\{61B95E38-A44D-4D6B-8F57-07B6CDC72877} folder moved successfully.
C:\Users\Drackle\AppData\Local\{61D274C2-4A16-417B-AFE0-1F103F5840B6} folder moved successfully.
C:\Users\Drackle\AppData\Local\{622915B3-180F-4DD1-9DE9-911B7FC9C078} folder moved successfully.
C:\Users\Drackle\AppData\Local\{62899A3E-57D6-41F2-8767-648C6403106D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{655A589E-B267-4507-A6BB-08FD4C211400} folder moved successfully.
C:\Users\Drackle\AppData\Local\{65CBA0EE-5FB0-48E0-A919-C966539507F6} folder moved successfully.
C:\Users\Drackle\AppData\Local\{673AA690-1363-42C7-B623-402734085E49} folder moved successfully.
C:\Users\Drackle\AppData\Local\{67D6BCB6-FB7E-49ED-89B8-5AD059ABB303} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6917E557-F72D-4FF4-9A1C-B7028D0293C1} folder moved successfully.
C:\Users\Drackle\AppData\Local\{692A1BF2-B149-4C55-ABBB-33B1BD74653E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6967FCC0-ED08-43CC-B469-F39C418731D9} folder moved successfully.
C:\Users\Drackle\AppData\Local\{699B8FFD-8EF7-453A-92CF-096AE6A80B90} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6A235BBB-6185-4476-A34A-CDF187B5D072} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6AE0CBD5-678C-410E-97E3-3D373DAB9590} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6B400522-39AD-4E0B-83FD-99075CC7A855} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6B5038E8-97A6-4AD1-A090-7BF66606CCCB} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6B5B28A4-841A-4566-92EB-B5CF77EBB426} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6B955021-0529-4625-9208-759BE3861E37} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6BA273B4-E448-4B91-B140-2216712D7AC4} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6C1FD74D-3F15-4772-B173-A41AB14DE90D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6CBAE84C-D85B-4BEF-BD36-06BEBF2FE3E0} folder moved successfully.
C:\Users\Drackle\AppData\Local\{6DB88413-1989-4E8A-9343-E42F7C9853A5} folder moved successfully.
C:\Users\Drackle\AppData\Local\{702CA248-9E5F-4C12-BEAE-1A8397B9B6F4} folder moved successfully.
C:\Users\Drackle\AppData\Local\{713D435C-6601-442A-B90D-021CA6AB3F3E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{717F573E-D150-4033-A1BC-D040D668A7EC} folder moved successfully.
C:\Users\Drackle\AppData\Local\{7202554C-3924-4BD6-B844-DFD72011A5D8} folder moved successfully.
C:\Users\Drackle\AppData\Local\{720F995E-EB86-408E-8E8E-AB8DB5D7C554} folder moved successfully.
C:\Users\Drackle\AppData\Local\{72FC59E3-842B-4903-B4CA-E49174FC09F0} folder moved successfully.
C:\Users\Drackle\AppData\Local\{733A884D-CCB3-4220-95B7-4C3598FD9BA3} folder moved successfully.
C:\Users\Drackle\AppData\Local\{75884F82-CAF8-4259-A35B-E239F6B668FF} folder moved successfully.
C:\Users\Drackle\AppData\Local\{758E2088-A838-4A7B-AB61-ECC763486E10} folder moved successfully.
C:\Users\Drackle\AppData\Local\{76EAC377-8154-41F2-8A4D-F01DC665B9EA} folder moved successfully.
C:\Users\Drackle\AppData\Local\{783C8886-A71E-47BD-90ED-A9583F25D77D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{791CBBDF-933B-47BC-B07C-D4403C9F74BB} folder moved successfully.
C:\Users\Drackle\AppData\Local\{795A3796-CBF0-4C56-B9C3-39D2BA8E204E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{79650B5D-B92E-422B-AA74-7893F3A92D3E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{7A08CF8A-B578-48B4-9E57-5B1F5C06893E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{7AEC43C5-81FF-49C9-8387-341C8545D042} folder moved successfully.
C:\Users\Drackle\AppData\Local\{7C25E23A-0AEE-42BA-986A-D35C2FE61F10} folder moved successfully.
C:\Users\Drackle\AppData\Local\{7DC14281-5B6D-4E4D-B592-CA9C4EBE56E1} folder moved successfully.
C:\Users\Drackle\AppData\Local\{7DF069F2-2D85-4494-8AD0-5C5A21235120} folder moved successfully.
C:\Users\Drackle\AppData\Local\{7E53A380-A009-4DDB-BFC7-088CEF1D99A3} folder moved successfully.
C:\Users\Drackle\AppData\Local\{7FCD5287-F623-4776-9E54-FD13F0C755E3} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8017DB35-21D3-4964-A01C-A6DB3080BB3C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{802FB744-74A4-462F-B3B7-FD8D4B646563} folder moved successfully.
C:\Users\Drackle\AppData\Local\{808FBE51-CA76-471B-A280-942AF77A15B3} folder moved successfully.
C:\Users\Drackle\AppData\Local\{811BDEC9-100A-48C7-8AA0-A7E79CF0D1F2} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8299DA49-49EC-49AF-AF72-5764794FA4D4} folder moved successfully.
C:\Users\Drackle\AppData\Local\{829AF560-758D-452F-B8EF-7570F25465D8} folder moved successfully.
C:\Users\Drackle\AppData\Local\{829D0986-A8F1-4C9E-A933-EA6E9F7E4814} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8347B0B3-A37F-469E-A6E8-C5B66381F544} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8406783D-9ED6-449E-A17B-59A095BF0896} folder moved successfully.
C:\Users\Drackle\AppData\Local\{84C1DE4B-39AC-4109-87E4-6FF43A904390} folder moved successfully.
C:\Users\Drackle\AppData\Local\{879D2142-3A91-467C-8DD0-149466FB5F3C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{87FADF98-B3CB-41A6-B55E-28C1F20C875F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{889C26D7-D607-4BB3-BD54-167B835C9690} folder moved successfully.
C:\Users\Drackle\AppData\Local\{88B767A9-252F-4F10-B0CD-450F11C3D4E2} folder moved successfully.
C:\Users\Drackle\AppData\Local\{88DF6B5E-0539-4241-8A00-AB6D16C72FD6} folder moved successfully.
C:\Users\Drackle\AppData\Local\{89080BB6-C007-4AB5-BEAC-E2B01C48A729} folder moved successfully.
C:\Users\Drackle\AppData\Local\{89366596-0126-44EB-A258-300A98564FC9} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8947007E-F117-41A1-BC0A-428AD0205241} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8A0AB8B4-8F45-49C0-A05C-89F09CE91085} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8AB11284-6814-4426-A17D-F168E086B224} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8AFA57CA-B544-4375-BBE2-B7B456FA2B0F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8B09549B-EDA9-419F-9C0D-4C60D1DE56A0} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8BC71443-F19B-45A1-B8E4-952D6E2CAF48} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8C2CFC0E-5CF9-4AF3-8B91-3986E346D2EE} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8C3C88C0-1CB7-4D6C-9E15-490BFA9E38C3} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8C55E1AC-D089-4555-93D4-010F3CF739A6} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8D086FF0-3FED-42AB-9466-DEB0147FA37B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8E14BB06-F9E5-4484-A385-F9A8909074FD} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8E18F88A-4D4F-4880-B3D3-C789546DA3BB} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8E5818BA-76FE-47E8-919E-A3FE35E6F1B1} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8EBDE8F1-4B9F-48CA-8B3D-C6CAC98FADBE} folder moved successfully.
C:\Users\Drackle\AppData\Local\{8EE5E29F-461E-4AF2-8A83-5D35916FD120} folder moved successfully.
C:\Users\Drackle\AppData\Local\{914DA389-F035-4D30-935D-103CB5E024FE} folder moved successfully.
C:\Users\Drackle\AppData\Local\{916291F0-2930-4399-83AD-297D2BCECAF8} folder moved successfully.
C:\Users\Drackle\AppData\Local\{921530DE-197C-4F49-87CF-F6D2C9F969DD} folder moved successfully.
C:\Users\Drackle\AppData\Local\{92B2B0DD-0210-46A7-BD4A-FF5619469126} folder moved successfully.
C:\Users\Drackle\AppData\Local\{92D72755-85AD-4DEA-8952-76E2E06F6F31} folder moved successfully.
C:\Users\Drackle\AppData\Local\{93B9DAEE-7A22-4965-9F57-A57F18DBCEF7} folder moved successfully.
C:\Users\Drackle\AppData\Local\{94B3F36A-FB65-43A2-BD41-2F085DDB8A2C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{94C61EE5-2618-42B9-B88A-FBF1F1EB3644} folder moved successfully.
C:\Users\Drackle\AppData\Local\{94E191ED-FB66-4E5F-BF84-7CCBAA614808} folder moved successfully.
C:\Users\Drackle\AppData\Local\{952DF34B-8C86-48D0-9B31-0877BF6A6C18} folder moved successfully.
C:\Users\Drackle\AppData\Local\{972B1177-AAB2-44E2-B442-AB067FFC025D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{9895217B-014C-4518-856F-83B28404DB5E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{99956705-A229-4381-8B05-559F01D5734E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{9C42E072-FF07-4980-B2DB-44AD012C27AE} folder moved successfully.
C:\Users\Drackle\AppData\Local\{9DD935DA-D827-40A5-B026-847896AECBCB} folder moved successfully.
C:\Users\Drackle\AppData\Local\{9EACE4FB-AA8B-4D5C-AFAD-88CC02ACB591} folder moved successfully.
C:\Users\Drackle\AppData\Local\{9EBA34D1-D1AC-4A51-BF31-045636E0F544} folder moved successfully.
C:\Users\Drackle\AppData\Local\{9EC2EC0D-99D1-4393-9885-DB9E80428656} folder moved successfully.
C:\Users\Drackle\AppData\Local\{9FCADED9-C86C-4E0F-AAA1-184D2A22A147} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A03FECEF-9EE3-4F08-9B9E-F636825E7E98} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A0DB37EA-85A6-412B-84DF-A84DBE659B7C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A1B9D822-CF93-4224-B8D9-4BD51567968C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A3B7A4F5-B6CC-4202-88C1-06B1D4EE3D40} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A44C55AC-5B0A-4AB2-9B6E-AA994062DF31} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A49A2B9D-115A-434A-8299-9A94D31D0A1B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A5591BFD-E7E4-4704-A59D-8273E464BACC} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A55CAEB0-333B-4C5A-8139-51403C4737B1} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A5C4CF2F-5A5B-4970-AB8C-68FAED1ACB0F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A6963F01-6DE2-4B34-8EE4-A13B3E19384F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A76C7AB7-7713-4AA5-BB78-512976C8F717} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A78752CA-12B4-4C66-B7FA-858968C62EA1} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A7915D61-C8E1-40C4-A3EB-20DF9786A20E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{A8EBA907-7DAD-4400-82C1-EC2693BF5164} folder moved successfully.
C:\Users\Drackle\AppData\Local\{AAB51CC6-E4C1-4853-A52C-BA64D0666A95} folder moved successfully.
C:\Users\Drackle\AppData\Local\{AB5D430E-4F3F-4420-B28D-7ADB20E29F18} folder moved successfully.
C:\Users\Drackle\AppData\Local\{AC6F7103-C9C4-4B93-B399-9FE6B4782304} folder moved successfully.
C:\Users\Drackle\AppData\Local\{AC84F79C-0D72-4F2C-AE1E-428B86ACA24A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{AD08F2C6-BF8C-41D2-B3C4-5CB55BCE2DDD} folder moved successfully.
C:\Users\Drackle\AppData\Local\{AD1C076F-903D-4448-B062-4141A3BDC0EA} folder moved successfully.
C:\Users\Drackle\AppData\Local\{AD8D28C9-3CD7-4E5E-8562-FCDACF59C68A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{ADD63604-D6AE-4A70-827F-B6EC932EFB38} folder moved successfully.
C:\Users\Drackle\AppData\Local\{AF709DCD-DEB1-417B-80EF-64C34833A6F9} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B1F79E55-D01C-4E5C-A1E5-B8EA80AC9DA4} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B227E3ED-2D7F-42E2-898F-13A5656A1940} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B29DDA34-57B7-4433-9514-A94FF6180A28} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B48BC962-4176-442B-9A6F-3E0C11E53489} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B4B6DFDF-0CE2-48E5-98F5-C4D07CAA039A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B54F55BD-398A-4350-9F6C-01F2B551AFF2} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B5570C3B-F66F-4452-B1D9-11FE57142FD6} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B6683433-B251-42B8-B6AD-E0EB88331E36} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B6A20C5D-4ABA-43F1-A886-AE7305F8551E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B89DF1BE-17B2-471C-8211-44AAAFF77FE3} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B9288E51-EBBD-40D6-9DB3-6572701D742F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B99EE0B3-6982-4F41-9861-78B921B60D28} folder moved successfully.
C:\Users\Drackle\AppData\Local\{B9C57297-5C2F-4DE6-9743-71CC509BA71C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{BABB3082-A071-4746-827B-4C085F185E34} folder moved successfully.
C:\Users\Drackle\AppData\Local\{BB6DE650-F6EA-44C7-8B15-AF59EB10CD09} folder moved successfully.
C:\Users\Drackle\AppData\Local\{BC341D7E-1B4D-483E-9B75-9F9AA759210E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{BDE46023-9CAE-45AE-BD54-3C30DAA6220F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{BEBA35CB-B10F-4456-879E-DB4FB0687945} folder moved successfully.
C:\Users\Drackle\AppData\Local\{BF1D6EFA-F030-41EE-88BD-C4A38547A80C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{BF29BB8B-15BD-45DD-AA92-76B2E94560A0} folder moved successfully.
C:\Users\Drackle\AppData\Local\{C03D23C2-81A2-4749-A838-BF9A4B7D1716} folder moved successfully.
C:\Users\Drackle\AppData\Local\{C131E5EE-A5CF-46AE-8A2B-514488495662} folder moved successfully.
C:\Users\Drackle\AppData\Local\{C28F4111-5D77-46CB-8A93-BB8DEC8A46B7} folder moved successfully.
C:\Users\Drackle\AppData\Local\{C2C28406-FFD0-4E1A-AD7C-43350928CC4F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{C2DBEAEA-4F30-453D-89F8-63EA7227C343} folder moved successfully.
C:\Users\Drackle\AppData\Local\{C7E1C5A3-5ADE-41D3-BE72-8C602B6E9AC5} folder moved successfully.
C:\Users\Drackle\AppData\Local\{C815978E-9D50-43AC-9B76-584EB52B82D9} folder moved successfully.
C:\Users\Drackle\AppData\Local\{C872EB26-A8C4-4CFE-861F-5764649864EC} folder moved successfully.
C:\Users\Drackle\AppData\Local\{C901E0D8-95B1-4D07-BD0C-88F1972C4A6B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{C97AC4DB-BAB9-45B6-B553-48C6AFDFF9BE} folder moved successfully.
C:\Users\Drackle\AppData\Local\{C9BDD5B1-BB1E-4178-9811-69E9F230AEA9} folder moved successfully.
C:\Users\Drackle\AppData\Local\{CA75D47D-C46C-44B3-9183-05CCF7D4C388} folder moved successfully.
C:\Users\Drackle\AppData\Local\{CB480F4D-6EC9-460D-AE9E-12A7526144A3} folder moved successfully.
C:\Users\Drackle\AppData\Local\{CB9CAA37-4475-479B-AC2A-8D94C61A81A8} folder moved successfully.
C:\Users\Drackle\AppData\Local\{CBE74EEC-9D1E-40EC-A79C-06B1416027EB} folder moved successfully.
C:\Users\Drackle\AppData\Local\{CC3D341D-CE50-4EB0-8D9B-03D5109C5224} folder moved successfully.
C:\Users\Drackle\AppData\Local\{CD77CB12-9745-4926-8FA3-C94E66DDC14B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{CDE1FD38-A024-4B27-B062-99AEE3C4064B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D0227602-0978-4729-816A-97253140ECC2} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D119ECC6-5809-4818-B599-2E8CB684603F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D2047A79-B00D-4FBE-AA38-1D9F076A3C6E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D27B0B13-3CC2-4362-9EFD-F79F88F141A5} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D2E12006-9C7C-4850-BD9F-EA706AA94307} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D34A7561-D66B-49FA-A3AE-F278C6DD0BE5} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D3751653-BFEB-4AF5-BB55-A7083929A305} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D3CCB87F-D1F1-42E2-A8CB-D3018C5ED048} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D40C8494-C8E0-4378-8830-7295E9E7C6B6} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D4D833E1-9001-485C-B480-AB1058641E8E} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D5564585-1FFC-47B2-9F1B-9AE51E50E5E8} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D6031BF7-8BE1-4D70-9C2D-85334F18F781} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D6863502-4FD2-4C70-B841-3ED4583C7BF9} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D75C8C8D-FD36-40A0-8A07-9F644E03FD92} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D8F5964D-6331-48B4-89FA-6263AE7E822A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D9291280-D4D9-4D72-B9AE-A27B56969277} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D9E006B2-97D1-4EEB-BBC1-8D0DF552B873} folder moved successfully.
C:\Users\Drackle\AppData\Local\{D9F06F86-DD09-4A5A-A225-D1021C884AEE} folder moved successfully.
C:\Users\Drackle\AppData\Local\{DA58E13D-68B2-443F-9263-17C045E7A102} folder moved successfully.
C:\Users\Drackle\AppData\Local\{DBC8F68E-574A-4487-A3D4-CA9FC7478C5B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{DC31C338-DC6D-4768-BE07-3D9A8BCC7E45} folder moved successfully.
C:\Users\Drackle\AppData\Local\{DC72F648-36E2-4B43-9C65-E96B2530FB92} folder moved successfully.
C:\Users\Drackle\AppData\Local\{DC76F9D8-C940-494D-B007-6EEA94D63F8B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{DD1D21A3-E2FB-40DA-A017-EB00B9006C40} folder moved successfully.
C:\Users\Drackle\AppData\Local\{DE347E6A-FD49-4502-B38A-0D988EC49B32} folder moved successfully.
C:\Users\Drackle\AppData\Local\{DF34CB8F-52D0-483A-BAD2-BB093CE2C3F1} folder moved successfully.
C:\Users\Drackle\AppData\Local\{DF49AEF7-216A-4E9A-9417-A409C41BF7E1} folder moved successfully.
C:\Users\Drackle\AppData\Local\{DF85F6B7-C4FF-4E00-B731-D15FF280EAA6} folder moved successfully.
C:\Users\Drackle\AppData\Local\{DFB83556-38F8-494D-A47D-65198B806F9D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E0272BB2-8004-47AC-9FEE-BB1ACDA0F4F8} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E08AE0CF-D52A-405A-9F9A-47F75E693FDE} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E0AC69B8-DAEF-49D1-A6C9-A9AC4AE8063D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E0C3D22E-72A7-4561-ACF0-114600E1B293} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E147860A-2C3A-4DB3-95F5-BC8AA9E6FB86} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E182265B-AD51-4EC3-96CF-5C94C75E04EB} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E28F7749-518B-48C3-84C0-9A08E2E37C0F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E35FF10C-0F22-4B28-AD4F-879D8A046304} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E3C82B35-2758-4936-873A-7625DAE84AD6} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E3F020BC-D734-4FD1-9BD2-BF38F9D345AA} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E47A16B0-9E4C-43B9-8EBF-F2488FE02F6B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E5191B9C-F450-4F99-BC67-E362D799FB99} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E570EBA9-209C-4E4E-B2CC-EF84520CC897} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E5B83417-CBA6-426E-A13D-3D6FB6EA1D7B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E5ED6188-2BFA-4D1E-975A-44293D78E74B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E60229E0-CF3A-492F-A47D-FC619144467B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E7348C15-91DF-46B1-A4E9-71E4FFB624DA} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E77EC947-8C3C-43F8-8392-547B47A9B9D2} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E785DA53-D21F-4345-A4DD-B7F8F667C099} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E9773330-50CB-43DB-B19C-73A78CBE6006} folder moved successfully.
C:\Users\Drackle\AppData\Local\{E9F7A4C1-3578-433E-B4B9-A22C16961774} folder moved successfully.
C:\Users\Drackle\AppData\Local\{EAF968DF-E394-432A-A7F8-35AEA7028626} folder moved successfully.
C:\Users\Drackle\AppData\Local\{EB224D1E-F4EB-4F6D-95D6-29A2472974EF} folder moved successfully.
C:\Users\Drackle\AppData\Local\{EBA266E6-6705-4907-ABB4-322A13BEB21A} folder moved successfully.
C:\Users\Drackle\AppData\Local\{EBFD1188-B637-4CD7-B7BF-B1B112672EDF} folder moved successfully.
C:\Users\Drackle\AppData\Local\{EC82E034-5B9C-4368-BA96-442B0D3A9F0D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{ECBD9C9A-E921-41FE-8E56-12EF2762869C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{EE7FFF22-183A-4477-AA84-BB74CB34CE16} folder moved successfully.
C:\Users\Drackle\AppData\Local\{EFEECC80-97D8-4D35-8105-63FBF5C46A4D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F022020E-0FAD-4ADB-A46E-2295BEB49A13} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F0538D98-A8CC-4676-BDA7-43D6F7D62B4D} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F06452E0-0B94-48A5-B669-D6D2E061ABAC} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F113D474-1E9A-4AD3-BA65-F8A09C15F23B} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F11F965C-1564-433A-9A37-F8AA3BC9A3AD} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F27529D2-7A88-405B-BE86-7BECD3F4BAF8} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F337B695-58DD-4D1B-8D4B-AB2CA7A303A0} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F3C8B7A4-C361-4A7B-B6D8-2A6B65CCA16F} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F415729A-2132-4B47-9935-46806682BC73} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F416F11D-26FC-41F3-8B8B-67235F2578F4} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F531D6FF-E1BE-41EA-8516-3476C05ED630} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F56E44E1-A404-4FC9-8D05-663C8861F344} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F661495D-9C8F-461F-BAFB-C1AA5581AF60} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F674EA3A-497B-4288-8D48-28C7A57A8E57} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F6A73800-255B-40FC-8BF5-069BD298228C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F743A6A5-B7A2-4AC7-8EF3-08F6A4060DDE} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F77FAA2F-006F-460F-8530-0981D8C26892} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F7FEADB8-9D1A-4F48-BF59-8FF6739EF11C} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F8DDA741-0D2B-419E-80C5-3C9314D8C258} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F8F68AC5-D10F-4053-A750-B23E7A1A56BF} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F90659C6-7864-4D2A-8A75-32FA900AD8A6} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F978BDDD-4B39-4089-82E0-2B74C6774693} folder moved successfully.
C:\Users\Drackle\AppData\Local\{F9E23C7D-ECEE-4B3A-9A00-B3E4662AE983} folder moved successfully.
C:\Users\Drackle\AppData\Local\{FA1D7759-6125-4546-98E1-37DC7AADB8A8} folder moved successfully.
C:\Users\Drackle\AppData\Local\{FA885EF6-8614-47FE-BFF8-29F17EF91CFC} folder moved successfully.
C:\Users\Drackle\AppData\Local\{FAC61E4B-C38E-492C-841E-A6D064CBB800} folder moved successfully.
C:\Users\Drackle\AppData\Local\{FD733913-664A-42A1-9455-C79AAFEC0C80} folder moved successfully.
C:\Users\Drackle\AppData\Local\{FF63CEE6-7C08-4C57-BD2F-F7B2B8B71B56} folder moved successfully.
C:\Users\Drackle\AppData\Local\{FFD85B42-63D4-42FD-9800-9541FDABBD19} folder moved successfully.
C:\Users\Drackle\AppData\Roaming\Ruib folder moved successfully.
C:\Users\Drackle\AppData\Roaming\Quxomy folder moved successfully.
C:\Users\Drackle\AppData\Roaming\Oqogyx folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Drackle\Downloads\cmd.bat deleted successfully.
C:\Users\Drackle\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Drackle
->Temp folder emptied: 108899295 bytes
->Temporary Internet Files folder emptied: 284084887 bytes
->FireFox cache emptied: 101991895 bytes
->Flash cache emptied: 976 bytes
User: Journal
User: Public
User: RegBack
User: systemprofile
User: TxR
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 290364235 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 146242536 bytes
Total Files Cleaned = 888.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.69.0 log created on 10072012_095428
Files\Folders moved on Reboot...
C:\Users\Drackle\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
07.10.2012, 09:22
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PWS:Win32/Zbot Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
07.10.2012, 09:35
| #19 |
| | PWS:Win32/ZbotCode:
ATTFilter 10:31:35.0392 2808 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
10:31:35.0559 2808 ============================================================
10:31:35.0559 2808 Current date / time: 2012/10/07 10:31:35.0559
10:31:35.0559 2808 SystemInfo:
10:31:35.0559 2808
10:31:35.0560 2808 OS Version: 6.1.7601 ServicePack: 1.0
10:31:35.0560 2808 Product type: Workstation
10:31:35.0560 2808 ComputerName: DRACKLE-PC
10:31:35.0560 2808 UserName: Drackle
10:31:35.0560 2808 Windows directory: C:\Windows
10:31:35.0560 2808 System windows directory: C:\Windows
10:31:35.0560 2808 Running under WOW64
10:31:35.0560 2808 Processor architecture: Intel x64
10:31:35.0560 2808 Number of processors: 2
10:31:35.0560 2808 Page size: 0x1000
10:31:35.0560 2808 Boot type: Normal boot
10:31:35.0560 2808 ============================================================
10:31:36.0280 2808 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:31:36.0288 2808 ============================================================
10:31:36.0288 2808 \Device\Harddisk0\DR0:
10:31:36.0288 2808 MBR partitions:
10:31:36.0288 2808 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x401000, BlocksNum 0x22600800
10:31:36.0288 2808 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x22A01800, BlocksNum 0x2A2C800
10:31:36.0288 2808 ============================================================
10:31:36.0318 2808 C: <-> \Device\Harddisk0\DR0\Partition1
10:31:36.0378 2808 D: <-> \Device\Harddisk0\DR0\Partition2
10:31:36.0378 2808 ============================================================
10:31:36.0378 2808 Initialize success
10:31:36.0378 2808 ============================================================
10:32:18.0585 0692 ============================================================
10:32:18.0585 0692 Scan started
10:32:18.0585 0692 Mode: Manual; SigCheck; TDLFS;
10:32:18.0585 0692 ============================================================
10:32:18.0897 0692 ================ Scan system memory ========================
10:32:18.0897 0692 System memory - ok
10:32:18.0898 0692 ================ Scan services =============================
10:32:19.0182 0692 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:32:19.0345 0692 1394ohci - ok
10:32:19.0373 0692 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:32:19.0411 0692 ACPI - ok
10:32:19.0447 0692 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:32:19.0531 0692 AcpiPmi - ok
10:32:19.0686 0692 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:32:19.0713 0692 AdobeFlashPlayerUpdateSvc - ok
10:32:19.0759 0692 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:32:19.0804 0692 adp94xx - ok
10:32:19.0835 0692 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:32:19.0872 0692 adpahci - ok
10:32:19.0893 0692 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:32:19.0923 0692 adpu320 - ok
10:32:19.0954 0692 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:32:20.0170 0692 AeLookupSvc - ok
10:32:20.0233 0692 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:32:20.0311 0692 AFD - ok
10:32:20.0358 0692 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:32:20.0383 0692 agp440 - ok
10:32:20.0414 0692 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:32:20.0468 0692 ALG - ok
10:32:20.0497 0692 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:32:20.0520 0692 aliide - ok
10:32:20.0537 0692 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:32:20.0559 0692 amdide - ok
10:32:20.0587 0692 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:32:20.0642 0692 AmdK8 - ok
10:32:20.0662 0692 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
10:32:20.0697 0692 AmdPPM - ok
10:32:20.0732 0692 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:32:20.0759 0692 amdsata - ok
10:32:20.0805 0692 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
10:32:20.0836 0692 amdsbs - ok
10:32:20.0850 0692 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:32:20.0872 0692 amdxata - ok
10:32:20.0920 0692 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:32:21.0123 0692 AppID - ok
10:32:21.0151 0692 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:32:21.0265 0692 AppIDSvc - ok
10:32:21.0273 0692 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:32:21.0365 0692 Appinfo - ok
10:32:21.0399 0692 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
10:32:21.0426 0692 arc - ok
10:32:21.0448 0692 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:32:21.0474 0692 arcsas - ok
10:32:21.0634 0692 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:32:21.0655 0692 aspnet_state - ok
10:32:21.0693 0692 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:32:21.0806 0692 AsyncMac - ok
10:32:21.0838 0692 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:32:21.0862 0692 atapi - ok
10:32:21.0930 0692 [ D6CAD7E5B05055BB8226BDCB1644DA27 ] athr C:\Windows\system32\DRIVERS\athrx.sys
10:32:22.0058 0692 athr - ok
10:32:22.0112 0692 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:32:22.0237 0692 AudioEndpointBuilder - ok
10:32:22.0253 0692 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:32:22.0354 0692 AudioSrv - ok
10:32:22.0393 0692 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:32:22.0495 0692 AxInstSV - ok
10:32:22.0526 0692 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:32:22.0573 0692 b06bdrv - ok
10:32:22.0635 0692 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:32:22.0694 0692 b57nd60a - ok
10:32:22.0721 0692 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:32:22.0756 0692 BDESVC - ok
10:32:22.0775 0692 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:32:22.0876 0692 Beep - ok
10:32:22.0916 0692 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:32:23.0044 0692 BFE - ok
10:32:23.0097 0692 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
10:32:23.0240 0692 BITS - ok
10:32:23.0278 0692 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:32:23.0331 0692 blbdrive - ok
10:32:23.0377 0692 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:32:23.0437 0692 bowser - ok
10:32:23.0479 0692 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
10:32:23.0511 0692 BrFiltLo - ok
10:32:23.0533 0692 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
10:32:23.0577 0692 BrFiltUp - ok
10:32:23.0624 0692 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:32:23.0663 0692 Browser - ok
10:32:23.0685 0692 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:32:23.0724 0692 Brserid - ok
10:32:23.0744 0692 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:32:23.0792 0692 BrSerWdm - ok
10:32:23.0833 0692 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:32:23.0880 0692 BrUsbMdm - ok
10:32:23.0900 0692 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:32:23.0935 0692 BrUsbSer - ok
10:32:23.0986 0692 [ A47F2FB394CAD4A03878EE5C1670FFA1 ] BthAvrcp C:\Windows\system32\DRIVERS\BthAvrcp.sys
10:32:24.0004 0692 BthAvrcp - ok
10:32:24.0070 0692 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
10:32:24.0124 0692 BthEnum - ok
10:32:24.0159 0692 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:32:24.0193 0692 BTHMODEM - ok
10:32:24.0229 0692 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:32:24.0276 0692 BthPan - ok
10:32:24.0323 0692 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
10:32:24.0384 0692 BTHPORT - ok
10:32:24.0430 0692 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:32:24.0520 0692 bthserv - ok
10:32:24.0541 0692 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
10:32:24.0595 0692 BTHUSB - ok
10:32:24.0633 0692 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:32:24.0723 0692 cdfs - ok
10:32:24.0763 0692 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:32:24.0800 0692 cdrom - ok
10:32:24.0846 0692 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:32:24.0957 0692 CertPropSvc - ok
10:32:25.0005 0692 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
10:32:25.0047 0692 circlass - ok
10:32:25.0071 0692 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:32:25.0110 0692 CLFS - ok
10:32:25.0185 0692 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:32:25.0207 0692 clr_optimization_v2.0.50727_32 - ok
10:32:25.0250 0692 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:32:25.0272 0692 clr_optimization_v2.0.50727_64 - ok
10:32:25.0352 0692 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:32:25.0373 0692 clr_optimization_v4.0.30319_32 - ok
10:32:25.0395 0692 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:32:25.0416 0692 clr_optimization_v4.0.30319_64 - ok
10:32:25.0454 0692 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:32:25.0488 0692 CmBatt - ok
10:32:25.0507 0692 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:32:25.0531 0692 cmdide - ok
10:32:25.0573 0692 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:32:25.0627 0692 CNG - ok
10:32:25.0649 0692 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:32:25.0674 0692 Compbatt - ok
10:32:25.0717 0692 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
10:32:25.0760 0692 CompositeBus - ok
10:32:25.0781 0692 COMSysApp - ok
10:32:25.0817 0692 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:32:25.0840 0692 crcdisk - ok
10:32:25.0896 0692 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:32:25.0943 0692 CryptSvc - ok
10:32:25.0999 0692 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:32:26.0118 0692 DcomLaunch - ok
10:32:26.0157 0692 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:32:26.0267 0692 defragsvc - ok
10:32:26.0295 0692 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:32:26.0394 0692 DfsC - ok
10:32:26.0437 0692 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:32:26.0549 0692 Dhcp - ok
10:32:26.0569 0692 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:32:26.0685 0692 discache - ok
10:32:26.0730 0692 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
10:32:26.0755 0692 Disk - ok
10:32:26.0782 0692 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:32:26.0821 0692 Dnscache - ok
10:32:26.0878 0692 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:32:26.0987 0692 dot3svc - ok
10:32:26.0996 0692 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:32:27.0109 0692 DPS - ok
10:32:27.0149 0692 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:32:27.0195 0692 drmkaud - ok
10:32:27.0238 0692 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:32:27.0320 0692 DXGKrnl - ok
10:32:27.0368 0692 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:32:27.0473 0692 EapHost - ok
10:32:27.0578 0692 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:32:27.0741 0692 ebdrv - ok
10:32:27.0784 0692 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:32:27.0808 0692 EFS - ok
10:32:27.0868 0692 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:32:27.0925 0692 ehRecvr - ok
10:32:27.0958 0692 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:32:28.0018 0692 ehSched - ok
10:32:28.0057 0692 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:32:28.0102 0692 elxstor - ok
10:32:28.0127 0692 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:32:28.0168 0692 ErrDev - ok
10:32:28.0224 0692 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:32:28.0337 0692 EventSystem - ok
10:32:28.0356 0692 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:32:28.0466 0692 exfat - ok
10:32:28.0499 0692 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:32:28.0611 0692 fastfat - ok
10:32:28.0656 0692 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:32:28.0731 0692 Fax - ok
10:32:28.0757 0692 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
10:32:28.0793 0692 fdc - ok
10:32:28.0810 0692 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:32:28.0916 0692 fdPHost - ok
10:32:28.0942 0692 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:32:29.0040 0692 FDResPub - ok
10:32:29.0074 0692 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:32:29.0099 0692 FileInfo - ok
10:32:29.0116 0692 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:32:29.0228 0692 Filetrace - ok
10:32:29.0267 0692 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
10:32:29.0293 0692 flpydisk - ok
10:32:29.0312 0692 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:32:29.0346 0692 FltMgr - ok
10:32:29.0407 0692 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:32:29.0491 0692 FontCache - ok
10:32:29.0555 0692 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:32:29.0572 0692 FontCache3.0.0.0 - ok
10:32:29.0608 0692 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:32:29.0633 0692 FsDepends - ok
10:32:29.0664 0692 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:32:29.0688 0692 Fs_Rec - ok
10:32:29.0715 0692 [ BA0C1FFDA496D8BCBCAC63F8D98D20E3 ] FUJ02B1 C:\Windows\system32\DRIVERS\FUJ02B1.sys
10:32:29.0740 0692 FUJ02B1 - ok
10:32:29.0747 0692 [ 7135030CBF87D724B6037BB023923730 ] FUJ02E3 C:\Windows\system32\DRIVERS\FUJ02E3.sys
10:32:29.0789 0692 FUJ02E3 - ok
10:32:29.0827 0692 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:32:29.0864 0692 fvevol - ok
10:32:29.0899 0692 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:32:29.0924 0692 gagp30kx - ok
10:32:29.0977 0692 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:32:30.0122 0692 gpsvc - ok
10:32:30.0215 0692 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:32:30.0234 0692 gupdate - ok
10:32:30.0271 0692 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:32:30.0290 0692 gupdatem - ok
10:32:30.0346 0692 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:32:30.0371 0692 gusvc - ok
10:32:30.0397 0692 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:32:30.0435 0692 hcw85cir - ok
10:32:30.0479 0692 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:32:30.0533 0692 HdAudAddService - ok
10:32:30.0578 0692 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:32:30.0613 0692 HDAudBus - ok
10:32:30.0649 0692 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:32:30.0678 0692 HECIx64 - ok
10:32:30.0708 0692 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:32:30.0744 0692 HidBatt - ok
10:32:30.0758 0692 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:32:30.0808 0692 HidBth - ok
10:32:30.0839 0692 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
10:32:30.0872 0692 HidIr - ok
10:32:30.0904 0692 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:32:31.0007 0692 hidserv - ok
10:32:31.0057 0692 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:32:31.0082 0692 HidUsb - ok
10:32:31.0097 0692 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:32:31.0195 0692 hkmsvc - ok
10:32:31.0206 0692 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:32:31.0256 0692 HomeGroupListener - ok
10:32:31.0298 0692 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:32:31.0343 0692 HomeGroupProvider - ok
10:32:31.0400 0692 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:32:31.0425 0692 HpSAMD - ok
10:32:31.0469 0692 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:32:31.0580 0692 HTTP - ok
10:32:31.0600 0692 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:32:31.0623 0692 hwpolicy - ok
10:32:31.0699 0692 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:32:31.0726 0692 i8042prt - ok
10:32:31.0768 0692 [ 2064090C9FAAD92C090D77E50E735B2E ] iaStor C:\Windows\system32\drivers\iaStor.sys
10:32:31.0805 0692 iaStor - ok
10:32:31.0824 0692 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:32:31.0863 0692 iaStorV - ok
10:32:31.0925 0692 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:32:31.0996 0692 idsvc - ok
10:32:32.0210 0692 [ 8E509DE232CFA4F8A5B34F01802F500E ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:32:32.0566 0692 igfx - ok
10:32:32.0601 0692 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:32:32.0625 0692 iirsp - ok
10:32:32.0671 0692 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:32:32.0819 0692 IKEEXT - ok
10:32:32.0852 0692 [ 36FDF367A1DABFF903E2214023D71368 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
10:32:32.0907 0692 Impcd - ok
10:32:33.0022 0692 [ 42943BB3AB7A405B30EFF7C8283CC129 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:32:33.0150 0692 IntcAzAudAddService - ok
10:32:33.0212 0692 [ D248AAE81C156C0D47A77CD61BC24CD4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:32:33.0267 0692 IntcDAud - ok
10:32:33.0302 0692 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:32:33.0324 0692 intelide - ok
10:32:33.0352 0692 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:32:33.0387 0692 intelppm - ok
10:32:33.0409 0692 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:32:33.0513 0692 IPBusEnum - ok
10:32:33.0551 0692 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:32:33.0638 0692 IpFilterDriver - ok
10:32:33.0654 0692 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:32:33.0788 0692 iphlpsvc - ok
10:32:33.0818 0692 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:32:33.0845 0692 IPMIDRV - ok
10:32:33.0862 0692 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:32:33.0967 0692 IPNAT - ok
10:32:34.0000 0692 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:32:34.0039 0692 IRENUM - ok
10:32:34.0052 0692 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:32:34.0075 0692 isapnp - ok
10:32:34.0099 0692 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:32:34.0133 0692 iScsiPrt - ok
10:32:34.0162 0692 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:32:34.0187 0692 kbdclass - ok
10:32:34.0222 0692 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:32:34.0267 0692 kbdhid - ok
10:32:34.0283 0692 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:32:34.0307 0692 KeyIso - ok
10:32:34.0349 0692 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:32:34.0374 0692 KSecDD - ok
10:32:34.0395 0692 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:32:34.0424 0692 KSecPkg - ok
10:32:34.0450 0692 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:32:34.0549 0692 ksthunk - ok
10:32:34.0584 0692 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:32:34.0692 0692 KtmRm - ok
10:32:34.0744 0692 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:32:34.0849 0692 LanmanServer - ok
10:32:34.0900 0692 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:32:35.0010 0692 LanmanWorkstation - ok
10:32:35.0065 0692 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:32:35.0155 0692 lltdio - ok
10:32:35.0185 0692 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:32:35.0295 0692 lltdsvc - ok
10:32:35.0311 0692 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:32:35.0401 0692 lmhosts - ok
10:32:35.0487 0692 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:32:35.0509 0692 LMS ( UnsignedFile.Multi.Generic ) - warning
10:32:35.0510 0692 LMS - detected UnsignedFile.Multi.Generic (1)
10:32:35.0552 0692 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:32:35.0580 0692 LSI_FC - ok
10:32:35.0594 0692 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:32:35.0620 0692 LSI_SAS - ok
10:32:35.0634 0692 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
10:32:35.0659 0692 LSI_SAS2 - ok
10:32:35.0681 0692 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:32:35.0709 0692 LSI_SCSI - ok
10:32:35.0723 0692 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:32:35.0832 0692 luafv - ok
10:32:35.0877 0692 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
10:32:35.0898 0692 MBAMProtector - ok
10:32:35.0941 0692 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:32:35.0974 0692 MBAMScheduler - ok
10:32:36.0002 0692 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:32:36.0050 0692 MBAMService - ok
10:32:36.0100 0692 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
10:32:36.0126 0692 McComponentHostService - ok
10:32:36.0164 0692 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:32:36.0193 0692 Mcx2Svc - ok
10:32:36.0211 0692 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
10:32:36.0235 0692 megasas - ok
10:32:36.0265 0692 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
10:32:36.0300 0692 MegaSR - ok
10:32:36.0397 0692 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:32:36.0415 0692 Microsoft Office Groove Audit Service - ok
10:32:36.0432 0692 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:32:36.0542 0692 MMCSS - ok
10:32:36.0564 0692 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:32:36.0666 0692 Modem - ok
10:32:36.0694 0692 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:32:36.0743 0692 monitor - ok
10:32:36.0773 0692 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:32:36.0797 0692 mouclass - ok
10:32:36.0827 0692 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:32:36.0871 0692 mouhid - ok
10:32:36.0891 0692 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:32:36.0918 0692 mountmgr - ok
10:32:36.0976 0692 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
10:32:37.0016 0692 MpFilter - ok
10:32:37.0052 0692 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:32:37.0081 0692 mpio - ok
10:32:37.0089 0692 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:32:37.0193 0692 mpsdrv - ok
10:32:37.0246 0692 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:32:37.0362 0692 MpsSvc - ok
10:32:37.0384 0692 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:32:37.0437 0692 MRxDAV - ok
10:32:37.0475 0692 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:32:37.0509 0692 mrxsmb - ok
10:32:37.0537 0692 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:32:37.0580 0692 mrxsmb10 - ok
10:32:37.0600 0692 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:32:37.0651 0692 mrxsmb20 - ok
10:32:37.0684 0692 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:32:37.0709 0692 msahci - ok
10:32:37.0735 0692 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:32:37.0764 0692 msdsm - ok
10:32:37.0778 0692 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:32:37.0821 0692 MSDTC - ok
10:32:37.0850 0692 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:32:37.0955 0692 Msfs - ok
10:32:37.0983 0692 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:32:38.0087 0692 mshidkmdf - ok
10:32:38.0107 0692 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:32:38.0129 0692 msisadrv - ok
10:32:38.0153 0692 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:32:38.0261 0692 MSiSCSI - ok
10:32:38.0268 0692 msiserver - ok
10:32:38.0312 0692 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:32:38.0398 0692 MSKSSRV - ok
10:32:38.0515 0692 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:32:38.0542 0692 MsMpSvc - ok
10:32:38.0559 0692 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:32:38.0657 0692 MSPCLOCK - ok
10:32:38.0682 0692 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:32:38.0786 0692 MSPQM - ok
10:32:38.0811 0692 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:32:38.0851 0692 MsRPC - ok
10:32:38.0879 0692 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:32:38.0901 0692 mssmbios - ok
10:32:38.0924 0692 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:32:39.0023 0692 MSTEE - ok
10:32:39.0041 0692 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:32:39.0078 0692 MTConfig - ok
10:32:39.0085 0692 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:32:39.0110 0692 Mup - ok
10:32:39.0150 0692 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:32:39.0263 0692 napagent - ok
10:32:39.0315 0692 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:32:39.0395 0692 NativeWifiP - ok
10:32:39.0458 0692 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:32:39.0540 0692 NDIS - ok
10:32:39.0563 0692 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:32:39.0669 0692 NdisCap - ok
10:32:39.0711 0692 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:32:39.0799 0692 NdisTapi - ok
10:32:39.0827 0692 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:32:39.0925 0692 Ndisuio - ok
10:32:39.0945 0692 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:32:40.0049 0692 NdisWan - ok
10:32:40.0056 0692 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:32:40.0157 0692 NDProxy - ok
10:32:40.0181 0692 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:32:40.0285 0692 NetBIOS - ok
10:32:40.0295 0692 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:32:40.0399 0692 NetBT - ok
10:32:40.0415 0692 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:32:40.0438 0692 Netlogon - ok
10:32:40.0481 0692 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:32:40.0601 0692 Netman - ok
10:32:40.0648 0692 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:32:40.0669 0692 NetMsmqActivator - ok
10:32:40.0701 0692 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:32:40.0722 0692 NetPipeActivator - ok
10:32:40.0739 0692 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:32:40.0855 0692 netprofm - ok
10:32:40.0865 0692 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:32:40.0886 0692 NetTcpActivator - ok
10:32:40.0893 0692 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:32:40.0915 0692 NetTcpPortSharing - ok
10:32:40.0946 0692 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:32:40.0970 0692 nfrd960 - ok
10:32:41.0004 0692 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:32:41.0035 0692 NisDrv - ok
10:32:41.0075 0692 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
10:32:41.0118 0692 NisSrv - ok
10:32:41.0158 0692 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:32:41.0264 0692 NlaSvc - ok
10:32:41.0298 0692 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:32:41.0386 0692 Npfs - ok
10:32:41.0405 0692 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:32:41.0493 0692 nsi - ok
10:32:41.0510 0692 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:32:41.0607 0692 nsiproxy - ok
10:32:41.0667 0692 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:32:41.0780 0692 Ntfs - ok
10:32:41.0801 0692 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:32:41.0899 0692 Null - ok
10:32:41.0930 0692 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:32:41.0959 0692 nvraid - ok
10:32:41.0995 0692 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:32:42.0024 0692 nvstor - ok
10:32:42.0043 0692 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:32:42.0071 0692 nv_agp - ok
10:32:42.0148 0692 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:32:42.0185 0692 odserv - ok
10:32:42.0216 0692 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:32:42.0257 0692 ohci1394 - ok
10:32:42.0325 0692 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:32:42.0348 0692 ose - ok
10:32:42.0382 0692 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:32:42.0431 0692 p2pimsvc - ok
10:32:42.0465 0692 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:32:42.0521 0692 p2psvc - ok
10:32:42.0570 0692 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
10:32:42.0610 0692 Parport - ok
10:32:42.0641 0692 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:32:42.0667 0692 partmgr - ok
10:32:42.0677 0692 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:32:42.0739 0692 PcaSvc - ok
10:32:42.0776 0692 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:32:42.0805 0692 pci - ok
10:32:42.0826 0692 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:32:42.0849 0692 pciide - ok
10:32:42.0887 0692 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:32:42.0919 0692 pcmcia - ok
10:32:42.0951 0692 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:32:42.0975 0692 pcw - ok
10:32:42.0999 0692 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:32:43.0120 0692 PEAUTH - ok
10:32:43.0213 0692 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:32:43.0256 0692 PerfHost - ok
10:32:43.0349 0692 [ C0F1CFCEE7E8AFF3AE0A7F54A7D3D6BE ] PFNService C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
10:32:43.0378 0692 PFNService ( UnsignedFile.Multi.Generic ) - warning
10:32:43.0379 0692 PFNService - detected UnsignedFile.Multi.Generic (1)
10:32:43.0438 0692 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:32:43.0607 0692 pla - ok
10:32:43.0664 0692 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:32:43.0712 0692 PlugPlay - ok
10:32:43.0728 0692 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:32:43.0768 0692 PNRPAutoReg - ok
10:32:43.0793 0692 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:32:43.0824 0692 PNRPsvc - ok
10:32:43.0864 0692 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:32:43.0976 0692 PolicyAgent - ok
10:32:44.0017 0692 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:32:44.0112 0692 Power - ok
10:32:44.0155 0692 [ 843BA5F09A391D52AC1F8486C5FC3D4F ] PowerSavingUtilityService C:\Program Files\Fujitsu\PSUtility\PSUService.exe
10:32:44.0171 0692 PowerSavingUtilityService - ok
10:32:44.0223 0692 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:32:44.0323 0692 PptpMiniport - ok
10:32:44.0362 0692 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
10:32:44.0406 0692 Processor - ok
10:32:44.0433 0692 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:32:44.0481 0692 ProfSvc - ok
10:32:44.0515 0692 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:32:44.0538 0692 ProtectedStorage - ok
10:32:44.0571 0692 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:32:44.0660 0692 Psched - ok
10:32:44.0707 0692 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:32:44.0815 0692 ql2300 - ok
10:32:44.0832 0692 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:32:44.0861 0692 ql40xx - ok
10:32:44.0893 0692 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:32:44.0939 0692 QWAVE - ok
10:32:44.0975 0692 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:32:45.0027 0692 QWAVEdrv - ok
10:32:45.0051 0692 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:32:45.0139 0692 RasAcd - ok
10:32:45.0173 0692 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:32:45.0277 0692 RasAgileVpn - ok
10:32:45.0304 0692 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:32:45.0396 0692 RasAuto - ok
10:32:45.0410 0692 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:32:45.0514 0692 Rasl2tp - ok
10:32:45.0545 0692 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:32:45.0642 0692 RasMan - ok
10:32:45.0656 0692 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:32:45.0748 0692 RasPppoe - ok
10:32:45.0763 0692 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:32:45.0864 0692 RasSstp - ok
10:32:45.0880 0692 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:32:45.0983 0692 rdbss - ok
10:32:46.0017 0692 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
10:32:46.0060 0692 rdpbus - ok
10:32:46.0080 0692 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:32:46.0186 0692 RDPCDD - ok
10:32:46.0223 0692 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:32:46.0323 0692 RDPENCDD - ok
10:32:46.0352 0692 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:32:46.0440 0692 RDPREFMP - ok
10:32:46.0474 0692 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:32:46.0518 0692 RDPWD - ok
10:32:46.0553 0692 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:32:46.0583 0692 rdyboost - ok
10:32:46.0617 0692 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:32:46.0728 0692 RemoteAccess - ok
10:32:46.0766 0692 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:32:46.0876 0692 RemoteRegistry - ok
10:32:46.0923 0692 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:32:46.0972 0692 RFCOMM - ok
10:32:46.0980 0692 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:32:47.0072 0692 RpcEptMapper - ok
10:32:47.0103 0692 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:32:47.0145 0692 RpcLocator - ok
10:32:47.0176 0692 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:32:47.0275 0692 RpcSs - ok
10:32:47.0308 0692 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:32:47.0398 0692 rspndr - ok
10:32:47.0436 0692 [ 4A25DC970C58104602ED274DACAFD784 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
10:32:47.0477 0692 RSUSBSTOR - ok
10:32:47.0524 0692 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:32:47.0555 0692 RTL8167 - ok
10:32:47.0576 0692 RtsUIR - ok
10:32:47.0593 0692 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:32:47.0617 0692 SamSs - ok
10:32:47.0625 0692 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:32:47.0652 0692 sbp2port - ok
10:32:47.0686 0692 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:32:47.0809 0692 SCardSvr - ok
10:32:47.0837 0692 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:32:47.0942 0692 scfilter - ok
10:32:47.0992 0692 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:32:48.0140 0692 Schedule - ok
10:32:48.0168 0692 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:32:48.0253 0692 SCPolicySvc - ok
10:32:48.0275 0692 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:32:48.0320 0692 SDRSVC - ok
10:32:48.0359 0692 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:32:48.0453 0692 secdrv - ok
10:32:48.0469 0692 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:32:48.0557 0692 seclogon - ok
10:32:48.0572 0692 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:32:48.0672 0692 SENS - ok
10:32:48.0706 0692 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:32:48.0743 0692 SensrSvc - ok
10:32:48.0783 0692 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
10:32:48.0808 0692 Serenum - ok
10:32:48.0833 0692 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
10:32:48.0879 0692 Serial - ok
10:32:48.0897 0692 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:32:48.0938 0692 sermouse - ok
10:32:48.0977 0692 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:32:49.0082 0692 SessionEnv - ok
10:32:49.0121 0692 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:32:49.0152 0692 sffdisk - ok
10:32:49.0182 0692 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:32:49.0222 0692 sffp_mmc - ok
10:32:49.0241 0692 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:32:49.0283 0692 sffp_sd - ok
10:32:49.0334 0692 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:32:49.0375 0692 sfloppy - ok
10:32:49.0434 0692 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:32:49.0550 0692 SharedAccess - ok
10:32:49.0592 0692 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:32:49.0699 0692 ShellHWDetection - ok
10:32:49.0734 0692 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:32:49.0758 0692 SiSRaid2 - ok
10:32:49.0787 0692 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:32:49.0812 0692 SiSRaid4 - ok
10:32:49.0840 0692 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:32:49.0929 0692 Smb - ok
10:32:49.0969 0692 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:32:50.0008 0692 SNMPTRAP - ok
10:32:50.0030 0692 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:32:50.0053 0692 spldr - ok
10:32:50.0097 0692 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:32:50.0148 0692 Spooler - ok
10:32:50.0254 0692 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:32:50.0479 0692 sppsvc - ok
10:32:50.0487 0692 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:32:50.0593 0692 sppuinotify - ok
10:32:50.0637 0692 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:32:50.0699 0692 srv - ok
10:32:50.0723 0692 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:32:50.0756 0692 srv2 - ok
10:32:50.0773 0692 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:32:50.0819 0692 srvnet - ok
10:32:50.0856 0692 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:32:50.0960 0692 SSDPSRV - ok
10:32:50.0983 0692 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:32:51.0075 0692 SstpSvc - ok
10:32:51.0085 0692 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:32:51.0108 0692 stexstor - ok
10:32:51.0167 0692 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:32:51.0242 0692 stisvc - ok
10:32:51.0266 0692 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:32:51.0288 0692 swenum - ok
10:32:51.0327 0692 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:32:51.0443 0692 swprv - ok
10:32:51.0493 0692 [ 2F827BB08CC7F1A17DF2EAD7B424D731 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
10:32:51.0522 0692 SynTP - ok
10:32:51.0576 0692 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:32:51.0693 0692 SysMain - ok
10:32:51.0717 0692 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:32:51.0759 0692 TabletInputService - ok
10:32:51.0771 0692 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:32:51.0877 0692 TapiSrv - ok
10:32:51.0899 0692 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:32:51.0990 0692 TBS - ok
10:32:52.0064 0692 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:32:52.0184 0692 Tcpip - ok
10:32:52.0257 0692 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:32:52.0352 0692 TCPIP6 - ok
10:32:52.0383 0692 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:32:52.0480 0692 tcpipreg - ok
10:32:52.0507 0692 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:32:52.0546 0692 TDPIPE - ok
10:32:52.0587 0692 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:32:52.0609 0692 TDTCP - ok
10:32:52.0629 0692 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:32:52.0718 0692 tdx - ok
10:32:52.0742 0692 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:32:52.0766 0692 TermDD - ok
10:32:52.0798 0692 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:32:52.0925 0692 TermService - ok
10:32:52.0951 0692 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:32:53.0004 0692 Themes - ok
10:32:53.0019 0692 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:32:53.0109 0692 THREADORDER - ok
10:32:53.0147 0692 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
10:32:53.0191 0692 TPM - ok
10:32:53.0218 0692 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:32:53.0325 0692 TrkWks - ok
10:32:53.0378 0692 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:32:53.0482 0692 TrustedInstaller - ok
10:32:53.0507 0692 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:32:53.0602 0692 tssecsrv - ok
10:32:53.0626 0692 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:32:53.0649 0692 TsUsbFlt - ok
10:32:53.0681 0692 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
10:32:53.0716 0692 TsUsbGD - ok
10:32:53.0754 0692 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:32:53.0858 0692 tunnel - ok
10:32:53.0881 0692 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:32:53.0906 0692 uagp35 - ok
10:32:53.0918 0692 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:32:54.0043 0692 udfs - ok
10:32:54.0080 0692 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:32:54.0108 0692 UI0Detect - ok
10:32:54.0126 0692 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:32:54.0151 0692 uliagpkx - ok
10:32:54.0175 0692 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:32:54.0214 0692 umbus - ok
10:32:54.0230 0692 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
10:32:54.0264 0692 UmPass - ok
10:32:54.0410 0692 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:32:54.0489 0692 UNS ( UnsignedFile.Multi.Generic ) - warning
10:32:54.0489 0692 UNS - detected UnsignedFile.Multi.Generic (1)
10:32:54.0539 0692 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:32:54.0638 0692 upnphost - ok
10:32:54.0663 0692 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:32:54.0688 0692 usbccgp - ok
10:32:54.0716 0692 USBCCID - ok
10:32:54.0764 0692 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:32:54.0797 0692 usbcir - ok
10:32:54.0820 0692 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:32:54.0869 0692 usbehci - ok
10:32:54.0910 0692 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:32:54.0941 0692 usbhub - ok
10:32:54.0967 0692 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:32:55.0005 0692 usbohci - ok
10:32:55.0040 0692 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:32:55.0089 0692 usbprint - ok
10:32:55.0127 0692 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:32:55.0167 0692 usbscan - ok
10:32:55.0200 0692 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:32:55.0243 0692 USBSTOR - ok
10:32:55.0258 0692 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:32:55.0297 0692 usbuhci - ok
10:32:55.0350 0692 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
10:32:55.0387 0692 usbvideo - ok
10:32:55.0413 0692 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:32:55.0514 0692 UxSms - ok
10:32:55.0537 0692 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:32:55.0560 0692 VaultSvc - ok
10:32:55.0607 0692 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:32:55.0631 0692 vdrvroot - ok
10:32:55.0661 0692 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:32:55.0780 0692 vds - ok
10:32:55.0846 0692 [ D9656445499625B0ED88C0B203F3C16F ] VFPRadioSupportService C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
10:32:55.0864 0692 VFPRadioSupportService - ok
10:32:55.0906 0692 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:32:55.0938 0692 vga - ok
10:32:55.0951 0692 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:32:56.0039 0692 VgaSave - ok
10:32:56.0074 0692 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:32:56.0106 0692 vhdmp - ok
10:32:56.0127 0692 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:32:56.0150 0692 viaide - ok
10:32:56.0177 0692 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:32:56.0202 0692 volmgr - ok
10:32:56.0220 0692 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:32:56.0258 0692 volmgrx - ok
10:32:56.0284 0692 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:32:56.0319 0692 volsnap - ok
10:32:56.0351 0692 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:32:56.0380 0692 vsmraid - ok
10:32:56.0441 0692 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:32:56.0604 0692 VSS - ok
10:32:56.0639 0692 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:32:56.0685 0692 vwifibus - ok
10:32:56.0706 0692 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:32:56.0759 0692 vwififlt - ok
10:32:56.0784 0692 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
10:32:56.0821 0692 vwifimp - ok
10:32:56.0833 0692 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:32:56.0948 0692 W32Time - ok
10:32:56.0977 0692 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:32:57.0003 0692 WacomPen - ok
10:32:57.0044 0692 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:32:57.0132 0692 WANARP - ok
10:32:57.0138 0692 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:32:57.0225 0692 Wanarpv6 - ok
10:32:57.0267 0692 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:32:57.0368 0692 wbengine - ok
10:32:57.0378 0692 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:32:57.0423 0692 WbioSrvc - ok
10:32:57.0435 0692 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:32:57.0497 0692 wcncsvc - ok
10:32:57.0521 0692 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:32:57.0559 0692 WcsPlugInService - ok
10:32:57.0587 0692 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
10:32:57.0610 0692 Wd - ok
10:32:57.0658 0692 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:32:57.0708 0692 Wdf01000 - ok
10:32:57.0720 0692 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:32:57.0778 0692 WdiServiceHost - ok
10:32:57.0784 0692 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:32:57.0828 0692 WdiSystemHost - ok
10:32:57.0838 0692 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:32:57.0886 0692 WebClient - ok
10:32:57.0914 0692 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:32:58.0022 0692 Wecsvc - ok
10:32:58.0043 0692 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:32:58.0144 0692 wercplsupport - ok
10:32:58.0166 0692 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:32:58.0268 0692 WerSvc - ok
10:32:58.0290 0692 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:32:58.0376 0692 WfpLwf - ok
10:32:58.0391 0692 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:32:58.0414 0692 WIMMount - ok
10:32:58.0447 0692 WinDefend - ok
10:32:58.0459 0692 WinHttpAutoProxySvc - ok
10:32:58.0515 0692 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:32:58.0619 0692 Winmgmt - ok
10:32:58.0695 0692 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:32:58.0883 0692 WinRM - ok
10:32:58.0943 0692 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:32:58.0992 0692 WinUsb - ok
10:32:59.0045 0692 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:32:59.0127 0692 Wlansvc - ok
10:32:59.0177 0692 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:32:59.0196 0692 wlcrasvc - ok
10:32:59.0324 0692 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:32:59.0427 0692 wlidsvc - ok
10:32:59.0455 0692 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:32:59.0494 0692 WmiAcpi - ok
10:32:59.0540 0692 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:32:59.0583 0692 wmiApSrv - ok
10:32:59.0620 0692 WMPNetworkSvc - ok
10:32:59.0652 0692 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:32:59.0680 0692 WPCSvc - ok
10:32:59.0717 0692 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:32:59.0750 0692 WPDBusEnum - ok
10:32:59.0783 0692 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:32:59.0890 0692 ws2ifsl - ok
10:32:59.0906 0692 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
10:32:59.0948 0692 wscsvc - ok
10:32:59.0954 0692 WSearch - ok
10:33:00.0038 0692 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:33:00.0191 0692 wuauserv - ok
10:33:00.0216 0692 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:33:00.0315 0692 WudfPf - ok
10:33:00.0350 0692 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:33:00.0440 0692 WUDFRd - ok
10:33:00.0472 0692 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:33:00.0562 0692 wudfsvc - ok
10:33:00.0580 0692 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:33:00.0639 0692 WwanSvc - ok
10:33:00.0680 0692 ================ Scan global ===============================
10:33:00.0713 0692 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:33:00.0750 0692 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:33:00.0773 0692 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:33:00.0798 0692 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:33:00.0825 0692 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:33:00.0834 0692 [Global] - ok
10:33:00.0835 0692 ================ Scan MBR ==================================
10:33:00.0851 0692 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:33:01.0303 0692 \Device\Harddisk0\DR0 - ok
10:33:01.0304 0692 ================ Scan VBR ==================================
10:33:01.0337 0692 [ D65BD3B39DD565D51AF4A06CD13853B8 ] \Device\Harddisk0\DR0\Partition1
10:33:01.0340 0692 \Device\Harddisk0\DR0\Partition1 - ok
10:33:01.0378 0692 [ 3C76D41D8319B64DB258A856AE69E5A0 ] \Device\Harddisk0\DR0\Partition2
10:33:01.0381 0692 \Device\Harddisk0\DR0\Partition2 - ok
10:33:01.0382 0692 ============================================================
10:33:01.0382 0692 Scan finished
10:33:01.0382 0692 ============================================================
10:33:01.0400 4092 Detected object count: 3
10:33:01.0400 4092 Actual detected object count: 3
10:33:27.0765 4092 LMS ( UnsignedFile.Multi.Generic ) - skipped by user
10:33:27.0766 4092 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:33:27.0768 4092 PFNService ( UnsignedFile.Multi.Generic ) - skipped by user
10:33:27.0768 4092 PFNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:33:27.0771 4092 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
10:33:27.0771 4092 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:33:50.0478 3880 Deinitialize success
|
|
07.10.2012, 09:39
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PWS:Win32/Zbot Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.10.2012, 13:54
| #21 |
| | PWS:Win32/Zbot Malwarebytes Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.10.07.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Drackle :: DRACKLE-PC [Administrator] Schutz: Aktiviert 07.10.2012 10:48:15 mbam-log-2012-10-07 (10-48-15).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 313960 Laufzeit: 35 Minute(n), 6 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) SuperAntiSpyware Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 10/07/2012 at 02:33 PM
Application Version : 5.5.1022
Core Rules Database Version : 9354
Trace Rules Database Version: 7166
Scan type : Complete Scan
Total Scan Time : 01:09:36
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 668
Memory threats detected : 0
Registry items scanned : 71597
Registry threats detected : 0
File items scanned : 105283
File threats detected : 73
Adware.Tracking Cookie
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MOPKF5KF.txt [ Cookie:drackle@vogelservices.122.2o7.net/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\59Q02VBL.txt [ Cookie:drackle@tracking.quisma.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GTD312O8.txt [ Cookie:drackle@www.usenext.de/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FE5VZXHD.txt [ Cookie:drackle@track.effiliation.com/servlet/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FN73TD3G.txt [ Cookie:drackle@webmasterplan.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\drackle@imrworldwide[2].txt [ Cookie:drackle@imrworldwide.com/cgi-bin ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\K7X4UQXI.txt [ Cookie:drackle@tracker.vinsight.de/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\JV4BXHM5.txt [ Cookie:drackle@track.adform.net/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\WXNJ4HK4.txt [ Cookie:drackle@serving-sys.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YBNVGFOQ.txt [ Cookie:drackle@adserver.pferde-verlag.de/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6RENIPO1.txt [ Cookie:drackle@unitymedia.de/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\4AWUVVU0.txt [ Cookie:drackle@revsci.net/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\VFFX6G9L.txt [ Cookie:drackle@adtech.de/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PPHUCI7K.txt [ Cookie:drackle@fastclick.net/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1Y7YXH23.txt [ Cookie:drackle@adfarm1.adition.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9LB33UPG.txt [ Cookie:drackle@smartadserver.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\K3KO3Z5X.txt [ Cookie:drackle@doubleclick.net/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\H8ZIJDEM.txt [ Cookie:drackle@7.rotator.trafficbee.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\drackle@adx.chip[2].txt [ Cookie:drackle@adx.chip.de/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\4C933PPW.txt [ Cookie:drackle@specificclick.net/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GNP1ZCH4.txt [ Cookie:drackle@apmebf.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UV5MG6IY.txt [ Cookie:drackle@questionmarket.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1O0SSM0L.txt [ Cookie:drackle@adform.net/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\27VGOD34.txt [ Cookie:drackle@bs.serving-sys.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\TU8IVN5L.txt [ Cookie:drackle@de.sitestat.com/idgcom-de/tecchannel/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GZ9TJ8CY.txt [ Cookie:drackle@www.zanox-affiliate.de/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\DVRDQ529.txt [ Cookie:drackle@zanox-affiliate.de/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\44KLTRKX.txt [ Cookie:drackle@tradedoubler.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\NUSTUJ2B.txt [ Cookie:drackle@7.rotator.wigetmedia.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3TFQ49RY.txt [ Cookie:drackle@zedo.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MA18PPZG.txt [ Cookie:drackle@atdmt.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\drackle@accounts.google[1].txt [ Cookie:drackle@accounts.google.com/ ]
C:\USERS\DRACKLE\AppData\Roaming\Microsoft\Windows\Cookies\Low\NNIY3R70.txt [ Cookie:drackle@tracking.mlsat02.de/tmobile/ ]
.doubleclick.net [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adform.net [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
www2.forum-media.eu [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\DRACKLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0LZ74A64.DEFAULT-1349118411009\COOKIES.SQLITE ]
|
|
07.10.2012, 19:44
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PWS:Win32/Zbot Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.10.2012, 20:34
| #23 |
| | PWS:Win32/Zbot Den Cookie Culler hab ich runter geladen kann die Datei aber nicht öffnen?!  Mit der anderen Seite bin ich überfordert, da versteh ich nur Bahnhof!!  Mein System läuft meines Erachtens nach sehr gut! Mir war ja nur wichtig, das da nix mehr auf der Festplatte ist was meine Passwörter ausspioniert! Weitere Funde oder Fehlermeldungen gabs auch nicht mehr! Also vielen vielen Dank für die Hilfe!!!!!   |
|
07.10.2012, 20:51
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PWS:Win32/Zbot Dann wären wir durch! Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.10.2012, 21:06
| #25 |
| | PWS:Win32/Zbot Jetzt zeigt er mir dauernd an das ein Update nicht runtergeladen werden konnte Code:
ATTFilter Sicherheitsupdate für Microsoft .NET Framework 3.5.1 unter Windows 7 und Windows Server 2008 R2 SP1 für x64-basierte Systeme (KB2686831)
Installationsdatum: 07.10.2012 22:02
Installationsstatus: Fehlgeschlagen
Fehlerdetails: Code 8024200D
Updatetyp: Wichtig
Es wurde eine Sicherheitslücke entdeckt, durch die ein nicht authentifizierter Remoteangreifer möglicherweise in ein Windows-System eindringen und die Steuerung übernehmen kann. Durch die Installation dieses Updates von Microsoft können Sie zum Schutz Ihres Systems beitragen. Nach der Installation dieses Updates müssen Sie das System gegebenenfalls neu starten.
Weitere Informationen:
hxxp://go.microsoft.com/fwlink/?LinkID=245999
Hilfe und Support:
hxxp://support.microsoft.com
|
|
| Themen zu PWS:Win32/Zbot |
| adobe, adobe flash player, bandoo, bho, continue, defender, dringend, explorer, fehlermeldung, firefox, flash player, format, helper, home, icreinstall, internet, limited.com/facebook, logfile, object, problem, pws:win32/zbot, realtek, registry, scan, security, senden, software, trojaner, windows |
Linear-Darstellung
