Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.

Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.


Plagegeister aller Art und deren Bekämpfung: Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.01.2013, 20:08   #1
rupertbayern
 
Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic. - Standard

Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.


Hallo!
Ich mache gerade einen Volluntersuchungscan mit Kaspersky. Dabei erhielt ich folgende Meldung:

30.01.2013 20:01:36 Gefunden: HiddenObject.Multi.Generic c:\Documents and Settings\Rupert Niko\Anwendungsdaten\Microsoft\Templates\~$Normal.dotm Protokolliert

30.01.2013 20:01:36 Nicht desinfizierte Objekte: HiddenObject.Multi.Generic c:\Documents and Settings\Rupert Niko\Anwendungsdaten\Microsoft\Templates\~$Normal.dotm Vom Benutzer übersprungen

Bin ich gefährdet?

MFG Rupertbayern

Alt 31.01.2013, 02:41   #2
t'john
/// Helfer-Team
 
Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic. - Standard

Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.




Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.

  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.



Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

1. Schritt
Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
2. Schritt
Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe


  • Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Wähle Scanne Alle Benuzer
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
  • Unter Extra Registrierung, wähle bitte Benutze SafeList
  • Klicke nun auf Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

__________________

__________________
Alt 01.02.2013, 18:09   #3
rupertbayern
 
Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic. - Standard

Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.


Code:
ATTFilter
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.01.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Rupert Niko :: HOME-PC [Administrator]

01.02.2013 15:41:56
mbam-log-2013-02-01 (15-41-56).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 511189
Laufzeit: 1 Stunde(n), 51 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
D:\SoftonicDownloader_fuer_comic-life.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
OTL
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 01.02.2013 17:59:10 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Rupert Niko\Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 58,03% Memory free
6,00 Gb Paging File | 4,34 Gb Available in Paging File | 72,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 178,66 Gb Free Space | 39,18% Space Free | Partition Type: NTFS
Drive D: | 732,42 Gb Total Space | 132,62 Gb Free Space | 18,11% Space Free | Partition Type: NTFS
Drive E: | 199,09 Gb Total Space | 28,22 Gb Free Space | 14,18% Space Free | Partition Type: NTFS
Drive F: | 69,71 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive M: | 5,23 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: HOME-PC | User Name: Rupert Niko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Rupert Niko\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\LOLReplay\LOLRecorder.exe (LOL Replay)
PRC - C:\Programme\MOUSE Editor\MouseEditor.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
PRC - C:\Programme\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Rupert Niko\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Rupert Niko\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll ()
MOD - C:\Users\Rupert Niko\AppData\Local\Google\Chrome\Application\24.0.1312.56\libglesv2.dll ()
MOD - C:\Users\Rupert Niko\AppData\Local\Google\Chrome\Application\24.0.1312.56\libegl.dll ()
MOD - C:\Users\Rupert Niko\AppData\Local\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Programme\LOLReplay\LOLUtils.dll ()
MOD - C:\Programme\MOUSE Editor\MouseEditor.exe ()
MOD - C:\Programme\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll ()
MOD - C:\Programme\MOUSE Editor\dll\DLL_Wheel4D.dll ()
MOD - C:\Programme\MOUSE Editor\dll\DLL_AnalyzeGesturesInRight.dll ()
MOD - C:\Programme\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll ()
MOD - C:\Programme\MOUSE Editor\dll\DLL_MouseDeviceManager.dll ()
MOD - C:\Programme\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\MOUSE Editor\dll\DLL_AnalyzeGesturesInOne.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky PURE\QtGui4.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky PURE\QtCore4.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky PURE\localization_manager.dll ()
MOD - C:\Programme\MOUSE Editor\dll\DLL_ZoomControl.dll ()
MOD - C:\Programme\MOUSE Editor\dll\DLL_ScrollbarControl.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky PURE\dblite.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
SRV - (CSObjectsSrv) -- C:\Programme\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (CSCrySec) -- C:\Windows\System32\drivers\CSCrySec.sys (Infowatch)
DRV - (CSVirtualDiskDrv) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV - (KLBG) -- C:\Windows\System32\drivers\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (CXAVSAUD) -- C:\Windows\System32\drivers\pvavsaud.sys (Conexant Systems, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 15 01 25 EF E9 CD 01  [binary data]
IE - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\..\SearchScopes\{C32DDE2A-14EF-4427-8670-799FED10A61F}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=7B981B49-C767-4317-B9C0-D130A6E5F9B2&apn_sauid=805414D4-AC6A-49E7-B46B-A16E65F909F4
IE - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Rupert Niko\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Rupert Niko\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky PURE\THBExt [2013.01.03 20:42:00 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Rupert Niko\AppData\Local\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Rupert Niko\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Rupert Niko\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Rupert Niko\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Rupert Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\
CHR - Extension: Google Drive = C:\Users\Rupert Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Users\Rupert Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.8_0\
CHR - Extension: YouTube = C:\Users\Rupert Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Rupert Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\Rupert Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.56_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Rupert Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.5_0\
CHR - Extension: Google Mail = C:\Users\Rupert Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKU\S-1-5-21-497382121-3916464205-3174431237-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-497382121-3916464205-3174431237-1000..\Run: [OscarEditor] C:\Program Files\MOUSE Editor\MouseEditor.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Rupert Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-497382121-3916464205-3174431237-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FACA56B-6A1B-4488-A49A-310824028276}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.10.10 14:54:08 | 002,290,144 | R--- | M] () - M:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2011.10.09 15:23:34 | 000,000,047 | R--- | M] () - M:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2011.10.09 15:23:34 | 000,224,630 | R--- | M] () - M:\autorun.ico -- [ CDFS ]
O33 - MountPoints2\{801d6ee5-5756-11e2-bb29-001a926c2bd3}\Shell - "" = AutoRun
O33 - MountPoints2\{801d6ee5-5756-11e2-bb29-001a926c2bd3}\Shell\AutoRun\command - "" = M:\Autorun.exe -- [2011.10.10 14:54:08 | 002,290,144 | R--- | M] ()
O33 - MountPoints2\{d39d85ac-6a50-11e2-a9cd-001a926c2bd3}\Shell - "" = AutoRun
O33 - MountPoints2\{d39d85ac-6a50-11e2-a9cd-001a926c2bd3}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.01 15:39:29 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Malwarebytes
[2013.02.01 15:39:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.01 15:39:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.01 15:39:17 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.01 15:39:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.02.01 15:39:11 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\Programs
[2013.01.30 19:50:43 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Download Manager
[2013.01.18 15:23:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Application Compatibility Toolkit
[2013.01.18 15:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Application Compatibility Toolkit
[2013.01.15 19:31:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Software
[2013.01.14 14:50:23 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.01.14 14:50:23 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.01.14 14:50:23 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.01.09 17:05:26 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\APN
[2013.01.09 17:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2013.01.09 17:05:22 | 000,000,000 | ---D | C] -- C:\Firefox
[2013.01.09 16:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2013.01.09 16:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.01.09 16:54:13 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\.minecraft
[2013.01.09 16:54:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.01.09 16:53:45 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.01.09 16:53:45 | 000,779,704 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.01.09 16:53:11 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.01.09 16:43:07 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.01.09 16:42:30 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013.01.09 16:42:30 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.01.09 16:42:29 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 16:42:29 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 16:42:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 16:42:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 16:42:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 16:42:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 16:42:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 16:42:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 16:42:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 16:42:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 16:42:17 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs
[2013.01.09 16:42:17 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs
[2013.01.09 16:42:17 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs
[2013.01.09 16:42:17 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs
[2013.01.09 16:42:17 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs
[2013.01.09 16:42:17 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs
[2013.01.09 16:42:17 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2013.01.09 16:42:17 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs
[2013.01.09 16:42:16 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013.01.09 16:42:16 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2013.01.09 16:42:16 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs
[2013.01.09 16:42:16 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2013.01.09 16:42:16 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs
[2013.01.09 16:42:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs
[2013.01.09 16:42:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs
[2013.01.09 16:42:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs
[2013.01.09 16:42:08 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.01.09 16:42:07 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013.01.06 18:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2013.01.06 18:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2013.01.06 05:20:08 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\ANNO 2070
[2013.01.06 03:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013.01.06 03:21:22 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\Diagnostics
[2013.01.06 03:11:24 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Ubisoft
[2013.01.06 03:01:23 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2013.01.06 03:01:10 | 000,000,000 | RH-D | C] -- C:\Users\Rupert Niko\AppData\Roaming\SecuROM
[2013.01.06 02:58:43 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2013.01.06 02:58:43 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2013.01.06 02:58:43 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2013.01.06 02:58:43 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2013.01.06 02:58:42 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2013.01.06 02:58:42 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2013.01.06 02:58:42 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2013.01.06 02:58:42 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2013.01.06 02:58:41 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2013.01.06 02:58:41 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2013.01.06 02:58:41 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2013.01.06 02:58:40 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2013.01.06 02:58:40 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2013.01.06 02:58:39 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2013.01.06 02:58:39 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2013.01.06 02:58:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2013.01.06 02:58:38 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2013.01.06 02:58:38 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2013.01.06 02:58:38 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2013.01.06 02:58:38 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2013.01.06 02:58:38 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2013.01.06 02:58:37 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2013.01.06 02:58:37 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2013.01.06 02:58:37 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2013.01.06 02:58:36 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2013.01.06 02:58:36 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2013.01.06 02:58:36 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2013.01.06 02:58:36 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2013.01.06 02:58:35 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2013.01.06 02:58:35 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2013.01.06 02:58:35 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2013.01.06 02:58:34 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2013.01.06 02:58:34 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2013.01.06 02:58:32 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2013.01.06 02:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013.01.06 02:30:02 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2013.01.06 02:29:57 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\DAEMON Tools Lite
[2013.01.06 02:18:14 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013.01.06 00:58:20 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\FalloutNV
[2013.01.06 00:56:31 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\SCE
[2013.01.06 00:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.01.06 00:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2013.01.06 00:18:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2013.01.06 00:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.01.06 00:16:18 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.01.05 23:55:04 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\Microsoft Help
[2013.01.05 23:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.01.05 23:36:57 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.01.05 23:13:07 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
[2013.01.05 22:04:24 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\vlc
[2013.01.05 20:44:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2013.01.05 20:40:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2013.01.05 20:03:10 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\Fallout3
[2013.01.05 19:31:39 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\InstallShield Installation Information
[2013.01.05 19:30:34 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2013.01.05 19:30:34 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2013.01.05 19:30:33 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2013.01.05 19:30:32 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2013.01.05 19:30:32 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2013.01.05 19:30:31 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2013.01.05 19:30:30 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2013.01.05 19:30:28 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2013.01.05 19:30:26 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2013.01.05 19:30:26 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2013.01.05 19:30:26 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2013.01.05 19:30:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2013.01.05 19:30:26 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2013.01.05 19:30:23 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2013.01.05 19:30:19 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2013.01.05 19:30:19 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2013.01.05 19:30:17 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2013.01.05 19:30:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2013.01.05 19:30:12 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2013.01.05 19:30:12 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2013.01.05 19:30:11 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2013.01.05 19:30:08 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2013.01.05 19:30:08 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2013.01.05 19:30:08 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2013.01.05 19:30:08 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2013.01.05 19:30:07 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2013.01.05 19:30:06 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2013.01.05 19:30:00 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2013.01.05 19:29:56 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2013.01.05 19:29:56 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2013.01.05 19:29:55 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2013.01.05 19:29:50 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2013.01.05 19:29:50 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2013.01.05 19:29:49 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2013.01.05 19:29:48 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2013.01.05 19:29:47 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2013.01.05 19:29:47 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2013.01.05 19:29:46 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2013.01.05 19:29:44 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2013.01.05 19:29:07 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2013.01.05 19:29:00 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2013.01.05 19:29:00 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2013.01.05 19:28:59 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2013.01.05 19:28:58 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2013.01.05 19:28:56 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2013.01.05 19:28:55 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2013.01.05 19:28:54 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2013.01.05 19:28:53 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2013.01.05 19:24:11 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2013.01.05 19:24:11 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2013.01.05 19:24:10 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2013.01.05 19:23:55 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2013.01.05 19:21:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2013.01.05 19:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013.01.05 19:14:30 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.01.05 18:50:59 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\OpenOffice.org
[2013.01.05 18:50:14 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.01.05 18:48:31 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2013.01.05 03:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013.01.05 03:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.01.05 03:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013.01.05 03:26:09 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\ElevatedDiagnostics
[2013.01.05 03:24:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013.01.05 03:24:03 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2013.01.05 03:24:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013.01.05 03:24:00 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2013.01.05 03:23:58 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2013.01.05 03:23:58 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbGD.sys
[2013.01.05 03:23:51 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2013.01.05 03:23:51 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013.01.05 03:23:51 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2013.01.05 03:23:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2013.01.05 03:23:50 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2013.01.05 03:23:50 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2013.01.05 03:23:50 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013.01.05 03:23:50 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2013.01.05 03:23:50 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2013.01.05 03:23:50 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2013.01.05 03:22:36 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013.01.05 03:22:35 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013.01.05 02:13:13 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.01.05 02:13:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.01.05 02:13:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.01.05 02:13:10 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.01.05 02:13:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.01.05 02:13:09 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.01.05 02:13:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.01.05 02:13:07 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.01.05 01:25:41 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2013.01.05 01:25:41 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2013.01.05 01:25:07 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013.01.05 01:25:07 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013.01.05 00:51:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013.01.05 00:47:01 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\Apple Computer
[2013.01.05 00:30:44 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013.01.05 00:30:44 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013.01.05 00:30:44 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013.01.04 23:26:44 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Apple Computer
[2013.01.04 23:06:41 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2013.01.04 23:06:41 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2013.01.04 23:04:44 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2013.01.04 23:04:41 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2013.01.04 23:04:41 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2013.01.04 22:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.01.04 22:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.01.04 22:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.01.04 22:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.01.04 22:45:23 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\Apple
[2013.01.04 22:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2013.01.04 22:42:05 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.01.04 22:38:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.01.04 22:38:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.01.04 22:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2013.01.04 21:18:33 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.01.04 21:18:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.01.04 21:18:27 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.01.04 21:18:27 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013.01.04 21:18:27 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.01.04 21:18:27 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.01.04 21:18:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.01.04 21:18:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.01.04 21:18:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.01.04 21:18:27 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.01.04 21:18:17 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.01.04 21:18:17 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.01.04 21:18:17 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.01.04 21:18:17 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.01.04 21:18:17 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.01.04 21:18:17 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.01.04 21:18:17 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.01.04 21:18:17 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.01.04 21:18:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.01.04 21:18:16 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.01.04 21:18:15 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.01.04 21:18:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.01.04 21:18:13 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.01.04 21:18:12 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013.01.04 21:18:12 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013.01.04 21:18:12 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.01.04 21:18:12 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013.01.04 21:18:12 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.01.04 21:18:12 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.01.04 20:31:54 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2013.01.04 18:27:46 | 000,232,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.01.04 03:47:53 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Desktop\Call of duty 4
[2013.01.04 03:40:13 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2013.01.04 03:39:19 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2013.01.04 03:39:17 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2013.01.04 03:38:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2013.01.04 03:38:12 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2013.01.04 03:38:12 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2013.01.04 03:38:09 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2013.01.04 03:38:04 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
[2013.01.04 03:37:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2013.01.04 03:37:21 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2013.01.04 03:37:21 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013.01.04 03:37:21 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2013.01.04 03:37:21 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2013.01.04 03:37:20 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2013.01.04 03:37:12 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\WinRAR
[2013.01.04 03:37:12 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.01.04 03:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.01.04 03:37:11 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2013.01.04 03:37:11 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2013.01.04 03:37:10 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2013.01.04 03:37:10 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2013.01.04 03:37:10 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2013.01.04 03:37:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2013.01.04 03:37:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2013.01.04 03:37:07 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2013.01.04 03:37:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.01.04 03:37:02 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2013.01.04 03:36:59 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2013.01.04 03:36:58 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013.01.04 03:36:57 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2013.01.04 03:36:55 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2013.01.04 03:36:52 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2013.01.04 03:36:52 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2013.01.04 03:36:52 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2013.01.04 03:36:50 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.01.04 03:36:41 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013.01.04 03:36:31 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.01.04 03:36:16 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013.01.04 03:35:52 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.01.04 03:35:52 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.01.04 03:35:47 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013.01.04 03:35:44 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2013.01.04 03:35:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2013.01.04 03:35:42 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2013.01.04 03:35:42 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2013.01.04 03:35:42 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2013.01.04 03:35:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2013.01.04 03:35:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2013.01.04 03:35:41 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013.01.04 03:35:37 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2013.01.04 03:35:37 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2013.01.04 03:35:37 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2013.01.04 03:35:31 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2013.01.04 03:35:27 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013.01.04 03:35:25 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2013.01.04 03:35:25 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2013.01.04 03:35:09 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2013.01.04 03:35:09 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2013.01.04 03:35:02 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2013.01.04 03:35:02 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2013.01.04 03:34:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013.01.04 03:34:18 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.01.04 03:19:35 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.01.04 02:54:50 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\PunkBuster
[2013.01.04 02:50:48 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Desktop\inYourFace
[2013.01.04 01:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\GUILD WARS
[2013.01.04 01:43:31 | 000,000,000 | ---D | C] -- C:\Program Files\fallout3
[2013.01.04 01:36:44 | 000,000,000 | ---D | C] -- C:\Program Files\Fallout New Vegas2
[2013.01.04 01:27:23 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Xfire
[2013.01.04 01:26:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2013.01.04 01:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2013.01.04 01:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\COD4
[2013.01.04 01:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\VideoConverter
[2013.01.04 01:14:52 | 000,000,000 | ---D | C] -- C:\Program Files\TrackMania
[2013.01.04 01:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2013.01.04 01:14:36 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2013.01.03 22:13:41 | 000,000,000 | ---D | C] -- C:\Program Files\LOLReplay
[2013.01.03 21:47:34 | 000,000,000 | ---D | C] -- C:\Program Files\Tomb Raider - Anniversary
[2013.01.03 21:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\TCX Converter
[2013.01.03 21:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013.01.03 21:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2013.01.03 21:47:10 | 000,000,000 | ---D | C] -- C:\Program Files\Sandisk
[2013.01.03 21:46:53 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2013.01.03 21:46:53 | 000,000,000 | ---D | C] -- C:\Program Files\Origin Games
[2013.01.03 21:46:38 | 000,000,000 | ---D | C] -- C:\Program Files\Origin
[2013.01.03 21:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2013.01.03 21:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2013.01.03 21:45:16 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2013.01.03 21:45:02 | 000,000,000 | ---D | C] -- C:\Program Files\MOUSE Editor
[2013.01.03 21:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.01.03 21:31:38 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.01.03 21:31:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mass Effect 2
[2013.01.03 21:25:55 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\LolClient
[2013.01.03 21:25:53 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Macromedia
[2013.01.03 21:25:50 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Adobe
[2013.01.03 21:25:21 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\Google
[2013.01.03 21:23:15 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Desktop\Neuer Ordner
[2013.01.03 21:21:07 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2013.01.03 21:21:07 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2013.01.03 21:21:07 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2013.01.03 21:21:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2013.01.03 21:21:07 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2013.01.03 21:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2013.01.03 21:19:34 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013.01.03 21:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mass Effect
[2013.01.03 21:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\LucasArts
[2013.01.03 21:14:56 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.01.03 21:14:13 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2013.01.03 21:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin
[2013.01.03 21:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\Freemium
[2013.01.03 21:14:06 | 000,000,000 | ---D | C] -- C:\Program Files\Free Video Joiner
[2013.01.03 21:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\Free Video Converter
[2013.01.03 21:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2013.01.03 21:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013.01.03 21:09:54 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.01.03 21:06:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bethesda Softworks
[2013.01.03 21:06:19 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.01.03 21:01:47 | 000,000,000 | ---D | C] -- C:\Program Files\Alldj_DVD_Ripper_Platium
[2013.01.03 20:42:26 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2013.01.03 20:42:26 | 000,039,352 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2013.01.03 20:42:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2013.01.03 20:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InfoWatch
[2013.01.03 20:41:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE
[2013.01.03 20:41:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.01.03 20:41:44 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2013.01.03 20:41:34 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2013.01.03 20:40:33 | 777,027,962 | ---- | C] (Epic Games             ) -- C:\Users\Rupert Niko\Documents\ut3betademo_4p.exe
[2013.01.03 20:40:28 | 133,437,288 | ---- | C] (Caligari                                                    ) -- C:\Users\Rupert Niko\Documents\tS76.exe
[2013.01.03 20:40:18 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Xfire
[2013.01.03 20:39:55 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Wolf
[2013.01.03 20:39:55 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Video Converter
[2013.01.03 20:39:52 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.01.03 20:39:24 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\TubeBox!
[2013.01.03 20:38:13 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\TubeBox
[2013.01.03 20:38:13 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Tomb Raider - Legend
[2013.01.03 20:38:11 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Saves
[2013.01.03 20:38:05 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Sansa Media Converter
[2013.01.03 20:38:04 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Documents\Notes
[2013.01.03 20:38:04 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\NWT
[2013.01.03 20:38:02 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\NeroVision
[2013.01.03 20:38:02 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Nero Recode
[2013.01.03 20:36:50 | 000,000,000 | --SD | C] -- C:\Users\Rupert Niko\Documents\My DocsToGo
[2013.01.03 20:36:50 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\My Games
[2013.01.03 20:36:50 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Mein Garmin
[2013.01.03 20:36:50 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\MAGIX_Music_Maker_17
[2013.01.03 20:36:50 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\MAGIX Downloads
[2013.01.03 20:36:38 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\LOLReplay
[2013.01.03 20:36:38 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Jack Keane
[2013.01.03 20:36:38 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\iTSfv
[2013.01.03 20:36:38 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\ICQ
[2013.01.03 20:36:38 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\GUILD WARS
[2013.01.03 20:36:37 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\gmka
[2013.01.03 20:36:37 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Eidos
[2013.01.03 20:36:37 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\DVDVideoSoft
[2013.01.03 20:36:37 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\DVDFab Passkey
[2013.01.03 20:36:37 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\DVDFab
[2013.01.03 20:36:37 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Comic Life
[2013.01.03 20:36:37 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Borland Studio Projects
[2013.01.03 20:36:32 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\BioWare
[2013.01.03 20:36:31 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Documents\Bildlenoten
[2013.01.03 20:36:25 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Battlefield 2142
[2013.01.03 20:36:21 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Battlefield 2
[2013.01.03 20:36:21 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Audible
[2013.01.03 20:36:21 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Applications
[2013.01.03 20:36:21 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\AnyDVDHD
[2013.01.03 20:36:19 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\alles mögliches
[2013.01.03 20:36:19 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\Alcohol 120%
[2013.01.03 20:36:18 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\Documents\4A Games
[2013.01.03 20:34:16 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2013.01.03 20:34:07 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\MigWiz
[2013.01.03 20:30:41 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2013.01.03 20:30:41 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2013.01.03 20:30:36 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2013.01.03 20:30:36 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2013.01.03 20:30:36 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2013.01.03 20:30:15 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2013.01.03 20:30:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2013.01.03 20:29:56 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.01.03 20:29:56 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Searches
[2013.01.03 20:29:56 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.01.03 20:29:49 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Identities
[2013.01.03 20:29:47 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Contacts
[2013.01.03 20:29:43 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\VirtualStore
[2013.01.03 20:29:42 | 000,000,000 | --SD | C] -- C:\Users\Rupert Niko\AppData\Roaming\Microsoft
[2013.01.03 20:29:42 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Videos
[2013.01.03 20:29:42 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Saved Games
[2013.01.03 20:29:42 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Pictures
[2013.01.03 20:29:42 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Music
[2013.01.03 20:29:42 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.01.03 20:29:42 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Links
[2013.01.03 20:29:42 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Favorites
[2013.01.03 20:29:42 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Downloads
[2013.01.03 20:29:42 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Documents
[2013.01.03 20:29:42 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\Desktop
[2013.01.03 20:29:42 | 000,000,000 | R--D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Vorlagen
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\AppData\Local\Verlauf
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\AppData\Local\Temporary Internet Files
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Startmenü
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\SendTo
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Recent
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Netzwerkumgebung
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Lokale Einstellungen
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Documents\Eigene Videos
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Documents\Eigene Musik
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Eigene Dateien
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Documents\Eigene Bilder
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Druckumgebung
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Cookies
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\AppData\Local\Anwendungsdaten
[2013.01.03 20:29:42 | 000,000,000 | -HSD | C] -- C:\Users\Rupert Niko\Anwendungsdaten
[2013.01.03 20:29:42 | 000,000,000 | -H-D | C] -- C:\Users\Rupert Niko\AppData
[2013.01.03 20:29:42 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\Temp
[2013.01.03 20:29:42 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Local\Microsoft
[2013.01.03 20:29:42 | 000,000,000 | ---D | C] -- C:\Users\Rupert Niko\AppData\Roaming\Media Center Programs
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.01.03 20:29:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.01.03 20:17:38 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.01.03 20:15:31 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.01.03 20:14:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013.01.03 20:13:53 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013.01.03 20:13:38 | 000,000,000 | -HSD | C] -- C:\Boot
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.01 17:56:28 | 000,021,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.01 17:56:28 | 000,021,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.01 17:48:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.01 17:48:54 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.01 17:36:00 | 000,001,144 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-497382121-3916464205-3174431237-1000UA.job
[2013.02.01 15:39:19 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.30 20:02:09 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.30 20:02:09 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.30 20:02:09 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.30 20:02:09 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.30 19:52:22 | 340,508,784 | ---- | M] () -- C:\Users\Rupert Niko\Documents\X16-69412.exe.dlm
[2013.01.30 19:51:03 | 000,000,585 | ---- | M] () -- C:\Users\Rupert Niko\Desktop\Start Download Manager.html
[2013.01.26 12:44:27 | 000,002,393 | ---- | M] () -- C:\Users\Rupert Niko\Desktop\Google Chrome.lnk
[2013.01.25 06:23:38 | 000,042,880 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2013.01.21 19:00:28 | 000,076,343 | ---- | M] () -- C:\Users\Rupert Niko\Desktop\urbans gfs.odt
[2013.01.17 20:33:47 | 000,139,832 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013.01.17 20:33:41 | 000,281,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2013.01.17 20:25:37 | 000,281,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2013.01.17 01:28:58 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.01.15 19:31:33 | 000,002,737 | ---- | M] () -- C:\Users\Public\Desktop\Mouse Editor.lnk
[2013.01.14 14:48:28 | 000,001,046 | ---- | M] () -- C:\Users\Rupert Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2013.01.12 03:30:20 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.01.12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.01.12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.01.09 18:24:59 | 000,438,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.09 16:53:16 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.01.09 16:53:16 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.01.08 00:35:07 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-497382121-3916464205-3174431237-1000Core.job
[2013.01.06 18:04:17 | 000,001,072 | ---- | M] () -- C:\Users\Rupert Niko\Desktop\EVEREST Home Edition.lnk
[2013.01.06 02:30:02 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2013.01.05 18:50:14 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.01.05 18:39:28 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.01.05 18:36:01 | 152,249,762 | ---- | M] () -- C:\Program Files\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe
[2013.01.05 18:31:25 | 016,381,530 | ---- | M] () -- C:\Users\Rupert Niko\Documents\Sportzusammenfassung-1.rtf
[2013.01.05 03:29:06 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013.01.04 22:49:05 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.04 21:18:33 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.01.04 21:18:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.01.04 21:18:27 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.01.04 21:18:27 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013.01.04 21:18:27 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.01.04 21:18:27 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.01.04 21:18:27 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.01.04 21:18:27 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.01.04 21:18:27 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.01.04 21:18:27 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.01.04 21:18:17 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.01.04 21:18:17 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.01.04 21:18:17 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.01.04 21:18:17 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.01.04 21:18:17 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.01.04 21:18:17 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.01.04 21:18:17 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.01.04 21:18:17 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.01.04 21:18:17 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013.01.04 21:18:17 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.01.04 21:18:16 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.01.04 21:18:15 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.01.04 21:18:14 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.01.04 21:18:13 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.01.04 21:18:12 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013.01.04 21:18:12 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013.01.04 21:18:12 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.01.04 21:18:12 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013.01.04 21:18:12 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.01.04 21:18:12 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.01.04 01:26:28 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2013.01.03 22:13:42 | 000,001,939 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2013.01.03 22:13:42 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2013.01.03 21:21:07 | 000,000,805 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013.01.03 21:07:02 | 000,116,189 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2013.01.03 21:07:02 | 000,098,168 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2013.01.03 20:41:34 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2013.01.03 20:19:14 | 000,055,513 | ---- | M] () -- C:\Windows\System32\license.rtf
[2013.01.03 20:18:33 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.01.03 20:17:29 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013.01.03 20:17:29 | 000,000,000 | ---- | M] () -- C:\Windows\System32\atiicdxx.dat
[2013.01.03 20:13:40 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
 
========== Files Created - No Company Name ==========
 
[2013.02.01 15:39:19 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.30 19:51:02 | 340,508,784 | ---- | C] () -- C:\Users\Rupert Niko\Documents\X16-69412.exe.dlm
[2013.01.30 19:50:57 | 000,000,585 | ---- | C] () -- C:\Users\Rupert Niko\Desktop\Start Download Manager.html
[2013.01.25 06:23:38 | 000,042,880 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2013.01.21 18:29:38 | 000,076,343 | ---- | C] () -- C:\Users\Rupert Niko\Desktop\urbans gfs.odt
[2013.01.15 19:31:32 | 000,002,737 | ---- | C] () -- C:\Users\Public\Desktop\Mouse Editor.lnk
[2013.01.14 14:48:28 | 000,001,046 | ---- | C] () -- C:\Users\Rupert Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2013.01.06 18:04:17 | 000,001,072 | ---- | C] () -- C:\Users\Rupert Niko\Desktop\EVEREST Home Edition.lnk
[2013.01.06 13:22:05 | 000,139,832 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013.01.06 00:54:07 | 000,281,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2013.01.06 00:54:07 | 000,281,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.ex0
[2013.01.06 00:53:46 | 000,281,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2013.01.06 00:53:40 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2013.01.06 00:29:45 | 002,900,505 | ---- | C] () -- C:\Users\Rupert Niko\Desktop\L1060940.JPG
[2013.01.05 18:50:14 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.01.05 18:39:28 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.01.05 18:34:06 | 152,249,762 | ---- | C] () -- C:\Program Files\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe
[2013.01.05 18:31:25 | 016,381,530 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Sportzusammenfassung-1.rtf
[2013.01.05 03:29:06 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013.01.04 23:06:59 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.01.04 23:04:40 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.01.04 22:49:05 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.04 22:45:15 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.01.04 21:18:17 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013.01.04 01:26:28 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2013.01.03 22:13:42 | 000,001,939 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2013.01.03 22:13:42 | 000,001,859 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
[2013.01.03 22:13:42 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2013.01.03 21:32:06 | 000,002,393 | ---- | C] () -- C:\Users\Rupert Niko\Desktop\Google Chrome.lnk
[2013.01.03 21:25:25 | 000,001,144 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-497382121-3916464205-3174431237-1000UA.job
[2013.01.03 21:25:23 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-497382121-3916464205-3174431237-1000Core.job
[2013.01.03 21:21:07 | 000,000,805 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013.01.03 20:42:42 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2013.01.03 20:42:42 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2013.01.03 20:41:02 | 001,313,792 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Viana364.exe
[2013.01.03 20:41:00 | 028,032,080 | ---- | C] () -- C:\Users\Rupert Niko\Documents\UT3Demo.exe
[2013.01.03 20:40:33 | 003,196,451 | ---- | C] () -- C:\Users\Rupert Niko\Documents\unitag_flyer_2011.pdf
[2013.01.03 20:40:33 | 000,000,816 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Universal Soldier.tbc
[2013.01.03 20:40:28 | 003,320,642 | ---- | C] () -- C:\Users\Rupert Niko\Documents\test2011-08-28T15_4.tcx
[2013.01.03 20:40:28 | 000,962,586 | ---- | C] () -- C:\Users\Rupert Niko\Documents\PAPA25.09.2011 17_05_24_history.tcx
[2013.01.03 20:40:28 | 000,392,520 | ---- | C] () -- C:\Users\Rupert Niko\Documents\portal.jpg
[2013.01.03 20:40:28 | 000,063,135 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Rupertbayern.zip
[2013.01.03 20:40:28 | 000,009,592 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Track.gdb
[2013.01.03 20:40:28 | 000,000,914 | ---- | C] () -- C:\Users\Rupert Niko\Documents\shyvana.LRI
[2013.01.03 20:40:28 | 000,000,824 | ---- | C] () -- C:\Users\Rupert Niko\Documents\The Fighters.tbc
[2013.01.03 20:40:28 | 000,000,704 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Pulp Fiction Englisch.tbc
[2013.01.03 20:40:28 | 000,000,445 | ---- | C] () -- C:\Users\Rupert Niko\Documents\poppydominion.LRI
[2013.01.03 20:40:28 | 000,000,444 | ---- | C] () -- C:\Users\Rupert Niko\Documents\TEst2.o
[2013.01.03 20:40:28 | 000,000,173 | ---- | C] () -- C:\Users\Rupert Niko\Documents\test3.c
[2013.01.03 20:40:28 | 000,000,151 | ---- | C] () -- C:\Users\Rupert Niko\Documents\test.cpp
[2013.01.03 20:40:28 | 000,000,082 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Test.c
[2013.01.03 20:40:28 | 000,000,018 | ---- | C] () -- C:\Users\Rupert Niko\Documents\TEst2.cpp
[2013.01.03 20:40:27 | 004,158,021 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Papa3.7.11.tcx
[2013.01.03 20:40:27 | 000,972,427 | ---- | C] () -- C:\Users\Rupert Niko\Documents\PAPA18.09.2011 16_48_32_history.tcx
[2013.01.03 20:40:27 | 000,781,354 | ---- | C] () -- C:\Users\Rupert Niko\Documents\PAPA08.10.2011 17_55_06_history.tcx
[2013.01.03 20:40:27 | 000,678,948 | ---- | C] () -- C:\Users\Rupert Niko\Documents\PAPA03.10.2011 17_35_53_history.tcx
[2013.01.03 20:40:26 | 000,566,293 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Coalesced.ini
[2013.01.03 20:40:26 | 000,392,520 | ---- | C] () -- C:\Users\Rupert Niko\Documents\cod4frag.jpg
[2013.01.03 20:40:26 | 000,046,883 | ---- | C] () -- C:\Users\Rupert Niko\Documents\MassEffectKonfigurationsbericht2011-06-22.xml
[2013.01.03 20:40:26 | 000,001,260 | ---- | C] () -- C:\Users\Rupert Niko\Documents\fluch der Karibik.tbc
[2013.01.03 20:40:26 | 000,000,824 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Hallo.dev
[2013.01.03 20:40:26 | 000,000,767 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Makefile.win
[2013.01.03 20:40:26 | 000,000,740 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Bad Boys 2.tbc
[2013.01.03 20:40:26 | 000,000,663 | ---- | C] () -- C:\Users\Rupert Niko\Documents\ashe.LRI
[2013.01.03 20:40:26 | 000,000,480 | ---- | C] () -- C:\Users\Rupert Niko\Documents\nocturne.LRI
[2013.01.03 20:40:26 | 000,000,410 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Cloverfield.tbc
[2013.01.03 20:40:26 | 000,000,145 | ---- | C] () -- C:\Users\Rupert Niko\Documents\main.c
[2013.01.03 20:40:23 | 113,740,808 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Antigone.comicdoc
[2013.01.03 20:40:23 | 003,521,733 | ---- | C] () -- C:\Users\Rupert Niko\Documents\2011-05-08T16_3gekürzt.tcx
[2013.01.03 20:40:23 | 002,673,660 | ---- | C] () -- C:\Users\Rupert Niko\Documents\30.07.2011 10_49_47_history.tcx
[2013.01.03 20:40:23 | 002,044,018 | ---- | C] () -- C:\Users\Rupert Niko\Documents\31.05.2011 18_34_53_history.tcx
[2013.01.03 20:40:23 | 000,845,114 | ---- | C] () -- C:\Users\Rupert Niko\Documents\29.12.2010 15_39_59_history.tcx
[2013.01.03 20:40:23 | 000,701,219 | ---- | C] () -- C:\Users\Rupert Niko\Documents\29.10.2011 16_03_17_history.tcx
[2013.01.03 20:40:23 | 000,605,250 | ---- | C] () -- C:\Users\Rupert Niko\Documents\31.12.2010 16_19_48_history.tcx
[2013.01.03 20:40:23 | 000,490,585 | ---- | C] () -- C:\Users\Rupert Niko\Documents\28.12.2011 14_04_38_history.tcx
[2013.01.03 20:40:23 | 000,462,778 | ---- | C] () -- C:\Users\Rupert Niko\Documents\28.09.2011 19_22_56_history.tcx
[2013.01.03 20:40:23 | 000,291,214 | ---- | C] () -- C:\Users\Rupert Niko\Documents\31.01.2012 18_38_34_history.tcx
[2013.01.03 20:40:23 | 000,001,636 | ---- | C] () -- C:\Users\Rupert Niko\Documents\30.04.2011 16_03_13_history.tcx
[2013.01.03 20:40:23 | 000,001,635 | ---- | C] () -- C:\Users\Rupert Niko\Documents\29.03.2011 18_32_14_history.tcx
[2013.01.03 20:40:23 | 000,000,696 | ---- | C] () -- C:\Users\Rupert Niko\Documents\ahri.LRI
[2013.01.03 20:40:22 | 004,355,627 | ---- | C] () -- C:\Users\Rupert Niko\Documents\28.08.2011PAPA 17_45_24_history.tcx
[2013.01.03 20:40:22 | 003,284,207 | ---- | C] () -- C:\Users\Rupert Niko\Documents\28.05.2011 16_05_35_history.tcx
[2013.01.03 20:40:22 | 002,444,266 | ---- | C] () -- C:\Users\Rupert Niko\Documents\26.07.2011 18_32_19_history.tcx
[2013.01.03 20:40:22 | 001,985,698 | ---- | C] () -- C:\Users\Rupert Niko\Documents\27.08.2011 16_02_07_history.tcx
[2013.01.03 20:40:22 | 001,982,930 | ---- | C] () -- C:\Users\Rupert Niko\Documents\28.06.2011 18_33_59_history.tcx
[2013.01.03 20:40:22 | 000,829,996 | ---- | C] () -- C:\Users\Rupert Niko\Documents\27.12.2010 10_08_13_history.tcx
[2013.01.03 20:40:22 | 000,685,240 | ---- | C] () -- C:\Users\Rupert Niko\Documents\26.12.2010 11_43_35_history.tcx
[2013.01.03 20:40:22 | 000,685,240 | ---- | C] () -- C:\Users\Rupert Niko\Documents\26.12.2010 11_43_35_history.gpx
[2013.01.03 20:40:22 | 000,608,859 | ---- | C] () -- C:\Users\Rupert Niko\Documents\27.02.2011 17_17_09_history.tcx
[2013.01.03 20:40:22 | 000,506,432 | ---- | C] () -- C:\Users\Rupert Niko\Documents\25.01.2011 18_32_01_history.tcx
[2013.01.03 20:40:22 | 000,483,793 | ---- | C] () -- C:\Users\Rupert Niko\Documents\24.03.2011 18_49_52_history.tcx
[2013.01.03 20:40:22 | 000,441,524 | ---- | C] () -- C:\Users\Rupert Niko\Documents\23.02.2011 19_40_08_history.tcx
[2013.01.03 20:40:22 | 000,298,864 | ---- | C] () -- C:\Users\Rupert Niko\Documents\22.09.2011 18_23_57_history.tcx
[2013.01.03 20:40:22 | 000,293,049 | ---- | C] () -- C:\Users\Rupert Niko\Documents\24.09.2011 16_01_25_history.tcx
[2013.01.03 20:40:22 | 000,243,820 | ---- | C] () -- C:\Users\Rupert Niko\Documents\22.09.2011 16_48_25_history.tcx
[2013.01.03 20:40:22 | 000,040,865 | ---- | C] () -- C:\Users\Rupert Niko\Documents\22.09.2011 18_18_03_history.tcx
[2013.01.03 20:40:22 | 000,001,636 | ---- | C] () -- C:\Users\Rupert Niko\Documents\23.04.2011 16_03_15_history.tcx
[2013.01.03 20:40:22 | 000,001,634 | ---- | C] () -- C:\Users\Rupert Niko\Documents\27.03.2011 15_33_10_history.tcx
[2013.01.03 20:40:22 | 000,001,634 | ---- | C] () -- C:\Users\Rupert Niko\Documents\26.04.2011 20_14_01_history.tcx
[2013.01.03 20:40:21 | 003,916,358 | ---- | C] () -- C:\Users\Rupert Niko\Documents\16.07.2011 16_02_46_history.tcx
[2013.01.03 20:40:21 | 003,654,376 | ---- | C] () -- C:\Users\Rupert Niko\Documents\15.05.2011 18_35_43_history.tcx
[2013.01.03 20:40:21 | 003,449,196 | ---- | C] () -- C:\Users\Rupert Niko\Documents\22.05.2011 09_00_00_history.tcx
[2013.01.03 20:40:21 | 002,990,898 | ---- | C] () -- C:\Users\Rupert Niko\Documents\13.08.2011 19_22_42_history.tcx
[2013.01.03 20:40:21 | 002,479,692 | ---- | C] () -- C:\Users\Rupert Niko\Documents\16.02.2011 19_31_39_history.tcx
[2013.01.03 20:40:21 | 002,160,295 | ---- | C] () -- C:\Users\Rupert Niko\Documents\17.05.2011 18_37_03_history.tcx
[2013.01.03 20:40:21 | 002,135,009 | ---- | C] () -- C:\Users\Rupert Niko\Documents\21.07.2011 16_14_20_history.tcx
[2013.01.03 20:40:21 | 001,264,119 | ---- | C] () -- C:\Users\Rupert Niko\Documents\21.05.2011 17_55_36_history.tcx
[2013.01.03 20:40:21 | 000,857,441 | ---- | C] () -- C:\Users\Rupert Niko\Documents\19.03.2011 16_02_40_history.tcx
[2013.01.03 20:40:21 | 000,704,073 | ---- | C] () -- C:\Users\Rupert Niko\Documents\19.02.2011 16_02_06_history.tcx
[2013.01.03 20:40:21 | 000,675,154 | ---- | C] () -- C:\Users\Rupert Niko\Documents\17.04.2012 19_14_39_history.tcx
[2013.01.03 20:40:21 | 000,606,423 | ---- | C] () -- C:\Users\Rupert Niko\Documents\19.01.2011 19_16_07_history.tcx
[2013.01.03 20:40:21 | 000,554,130 | ---- | C] () -- C:\Users\Rupert Niko\Documents\14.01.2011 20_29_20_history.tcx
[2013.01.03 20:40:21 | 000,546,190 | ---- | C] () -- C:\Users\Rupert Niko\Documents\13.09.2011 18_35_15_history.tcx
[2013.01.03 20:40:21 | 000,501,817 | ---- | C] () -- C:\Users\Rupert Niko\Documents\15.10.2011 16_02_42_history.tcx
[2013.01.03 20:40:21 | 000,478,098 | ---- | C] () -- C:\Users\Rupert Niko\Documents\20.12.2011 18_32_36_history.tcx
[2013.01.03 20:40:21 | 000,375,300 | ---- | C] () -- C:\Users\Rupert Niko\Documents\21.01.2012 16_24_25_history.tcx
[2013.01.03 20:40:21 | 000,366,618 | ---- | C] () -- C:\Users\Rupert Niko\Documents\22.02.2011 18_33_10_history.tcx
[2013.01.03 20:40:21 | 000,201,002 | ---- | C] () -- C:\Users\Rupert Niko\Documents\17.06.2011 19_04_44_history.tcx
[2013.01.03 20:40:21 | 000,004,291 | ---- | C] () -- C:\Users\Rupert Niko\Documents\22.04.2011 11_12_46_history.tcx
[2013.01.03 20:40:21 | 000,003,955 | ---- | C] () -- C:\Users\Rupert Niko\Documents\19.07.2011 18_32_48_history.tcx
[2013.01.03 20:40:21 | 000,001,635 | ---- | C] () -- C:\Users\Rupert Niko\Documents\17.04.2011 11_27_06_history.tcx
[2013.01.03 20:40:20 | 004,619,400 | ---- | C] () -- C:\Users\Rupert Niko\Documents\08.05.2011 18_32_04_history.tcx
[2013.01.03 20:40:20 | 004,619,400 | ---- | C] () -- C:\Users\Rupert Niko\Documents\08.05.2011 18_32_04_history (2).tcx
[2013.01.03 20:40:20 | 003,412,692 | ---- | C] () -- C:\Users\Rupert Niko\Documents\11.06.2011 16_03_45_history.tcx
[2013.01.03 20:40:20 | 003,258,528 | ---- | C] () -- C:\Users\Rupert Niko\Documents\10.07.2011 18_37_11_history.tcx
[2013.01.03 20:40:20 | 002,757,972 | ---- | C] () -- C:\Users\Rupert Niko\Documents\13.02.2011 17_43_39_history.tcx
[2013.01.03 20:40:20 | 002,708,503 | ---- | C] () -- C:\Users\Rupert Niko\Documents\11.08.2011 18_30_14_history.tcx
[2013.01.03 20:40:20 | 002,402,413 | ---- | C] () -- C:\Users\Rupert Niko\Documents\10.05.2011 18_35_43_history.tcx
[2013.01.03 20:40:20 | 002,095,238 | ---- | C] () -- C:\Users\Rupert Niko\Documents\07.06.2011 18_35_05_history.tcx
[2013.01.03 20:40:20 | 000,799,903 | ---- | C] () -- C:\Users\Rupert Niko\Documents\12.03.2011 16_02_20_history.tcx
[2013.01.03 20:40:20 | 000,701,660 | ---- | C] () -- C:\Users\Rupert Niko\Documents\05.03.2011 16_01_46_history.tcx
[2013.01.03 20:40:20 | 000,671,531 | ---- | C] () -- C:\Users\Rupert Niko\Documents\06.02.2011 15_59_33_history.tcx
[2013.01.03 20:40:20 | 000,489,352 | ---- | C] () -- C:\Users\Rupert Niko\Documents\05.05.2012 18_42_50_history.tcx
[2013.01.03 20:40:20 | 000,447,813 | ---- | C] () -- C:\Users\Rupert Niko\Documents\08.02.2011 18_31_49_history.tcx
[2013.01.03 20:40:20 | 000,416,531 | ---- | C] () -- C:\Users\Rupert Niko\Documents\11.10.2011 16_09_03_history.tcx
[2013.01.03 20:40:20 | 000,409,767 | ---- | C] () -- C:\Users\Rupert Niko\Documents\07.02.2012 18_35_28_history.tcx
[2013.01.03 20:40:20 | 000,403,541 | ---- | C] () -- C:\Users\Rupert Niko\Documents\08.03.2011 18_32_07_history.tcx
[2013.01.03 20:40:20 | 000,379,361 | ---- | C] () -- C:\Users\Rupert Niko\Documents\11.01.2011 18_33_00_history.tcx
[2013.01.03 20:40:20 | 000,374,169 | ---- | C] () -- C:\Users\Rupert Niko\Documents\04.10.2011 18_32_46_history.tcx
[2013.01.03 20:40:20 | 000,360,332 | ---- | C] () -- C:\Users\Rupert Niko\Documents\06.02.2011 12_00_01_history.tcx
[2013.01.03 20:40:20 | 000,265,195 | ---- | C] () -- C:\Users\Rupert Niko\Documents\06.01.2011 18_32_22_history.tcx
[2013.01.03 20:40:20 | 000,261,036 | ---- | C] () -- C:\Users\Rupert Niko\Documents\11.05.2012 21_19_55_history.tcx
[2013.01.03 20:40:20 | 000,001,960 | ---- | C] () -- C:\Users\Rupert Niko\Documents\10.04.2011 09_30_01_history.tcx
[2013.01.03 20:40:19 | 004,158,021 | ---- | C] () -- C:\Users\Rupert Niko\Documents\03.07.2011 18_12_18_history.tcx
[2013.01.03 20:40:19 | 003,291,041 | ---- | C] () -- C:\Users\Rupert Niko\Documents\04.06.2011 16_04_08_history.tcx
[2013.01.03 20:40:19 | 002,766,496 | ---- | C] () -- C:\Users\Rupert Niko\Documents\03.05.2011 18_34_02_history.tcx
[2013.01.03 20:40:19 | 002,563,071 | ---- | C] () -- C:\Users\Rupert Niko\Documents\02.08.2011 18_34_18_history.tcx
[2013.01.03 20:40:19 | 000,731,316 | ---- | C] () -- C:\Users\Rupert Niko\Documents\01.04.2012 18_17_02_history.tcx
[2013.01.03 20:40:19 | 000,623,151 | ---- | C] () -- C:\Users\Rupert Niko\Documents\04.02.2012 15_59_02_history.tcx
[2013.01.03 20:40:19 | 000,576,892 | ---- | C] () -- C:\Users\Rupert Niko\Documents\02.02.2011 19_25_16_history.tcx
[2013.01.03 20:40:19 | 000,557,013 | ---- | C] () -- C:\Users\Rupert Niko\Documents\03.12.2011 16_02_55_history.tcx
[2013.01.03 20:40:19 | 000,523,944 | ---- | C] () -- C:\Users\Rupert Niko\Documents\02.03.2011 19_18_39_history.tcx
[2013.01.03 20:40:19 | 000,483,239 | ---- | C] () -- C:\Users\Rupert Niko\Documents\02.01.2011 11_08_52_history.tcx
[2013.01.03 20:40:19 | 000,442,672 | ---- | C] () -- C:\Users\Rupert Niko\Documents\03.01.2012 18_34_45_history.tcx
[2013.01.03 20:40:19 | 000,441,427 | ---- | C] () -- C:\Users\Rupert Niko\Documents\01.03.2011 18_31_55_history.tcx
[2013.01.03 20:40:19 | 000,431,030 | ---- | C] () -- C:\Users\Rupert Niko\Documents\04.01.2011 18_34_53_history.tcx
[2013.01.03 20:40:19 | 000,001,634 | ---- | C] () -- C:\Users\Rupert Niko\Documents\03.04.2011 18_15_32_history.tcx
[2013.01.03 20:36:18 | 000,078,904 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Wochenaufsatz.xps
[2013.01.03 20:36:18 | 000,000,456 | ---- | C] () -- C:\Users\Rupert Niko\Documents\Xfire.lnk
[2013.01.03 20:36:18 | 000,000,000 | ---- | C] () -- C:\Users\Rupert Niko\Documents\WinRAR-Archiv (neu).rar
[2013.01.03 20:29:57 | 000,001,413 | ---- | C] () -- C:\Users\Rupert Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.01.03 20:19:01 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013.01.03 20:18:54 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013.01.03 20:18:33 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.01.03 20:17:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.01.03 20:17:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013.01.03 20:14:42 | 2414,731,264 | -HS- | C] () -- C:\hiberfil.sys
[2013.01.03 20:13:40 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2013.01.03 20:13:38 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2011.04.12 02:30:05 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.04.12 02:30:05 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.04.12 02:30:05 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.04.12 02:30:05 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.01.09 16:54:13 | 000,000,000 | ---D | M] -- C:\Users\Rupert Niko\AppData\Roaming\.minecraft
[2013.01.06 02:50:49 | 000,000,000 | ---D | M] -- C:\Users\Rupert Niko\AppData\Roaming\DAEMON Tools Lite
[2013.01.03 21:25:55 | 000,000,000 | ---D | M] -- C:\Users\Rupert Niko\AppData\Roaming\LolClient
[2013.01.05 18:50:59 | 000,000,000 | ---D | M] -- C:\Users\Rupert Niko\AppData\Roaming\OpenOffice.org
[2013.01.06 03:11:24 | 000,000,000 | ---D | M] -- C:\Users\Rupert Niko\AppData\Roaming\Ubisoft
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---


OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 01.02.2013 17:59:10 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Rupert Niko\Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 58,03% Memory free
6,00 Gb Paging File | 4,34 Gb Available in Paging File | 72,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 178,66 Gb Free Space | 39,18% Space Free | Partition Type: NTFS
Drive D: | 732,42 Gb Total Space | 132,62 Gb Free Space | 18,11% Space Free | Partition Type: NTFS
Drive E: | 199,09 Gb Total Space | 28,22 Gb Free Space | 14,18% Space Free | Partition Type: NTFS
Drive F: | 69,71 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive M: | 5,23 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: HOME-PC | User Name: Rupert Niko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B32B86-FB4B-4F6C-96E0-C0185A65CC83}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{271CBEA2-552D-4B1B-9402-66383476C904}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{31DF21C9-D5FB-4286-81D8-6C9A04BFA6C2}" = rport=138 | protocol=17 | dir=out | app=system | 
"{42D55EA1-E081-4C1B-8764-52465E871D53}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{43F380FD-4877-490F-A4DC-22355E5D9AE6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{498217D6-1370-4800-BB59-D725460D64A1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{589E783F-C6F6-495E-94DC-8DC38CFB429F}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{5CA2CA79-37E4-4E09-A348-E338232FA420}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{6B0E2864-064B-4AAC-9DFE-474DAE94FDD5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7F31D7BD-D811-4624-96E0-8A8AB05EC13A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{8321B08F-2B6F-4B75-A941-FC5246E4E134}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{8D61DBF6-5AA0-40D0-9243-EB02E334DD78}" = lport=445 | protocol=6 | dir=in | app=system | 
"{94956392-F3AC-4030-BED3-E710A9F170CE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9A4239BC-C855-4F2A-B7B9-FE6F60575286}" = lport=138 | protocol=17 | dir=in | app=system | 
"{9B05F722-5AAA-4380-9461-8085EF8BA93A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9BB88E02-02CC-47E4-AC94-AC08F2AABF2E}" = rport=445 | protocol=6 | dir=out | app=system | 
"{9EEB1065-385F-4F33-B904-5ED832F140B3}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A813ABCE-E050-4C2E-9174-F38E7C658E86}" = lport=137 | protocol=17 | dir=in | app=system | 
"{AFA30BBC-1DB3-4AC0-BB87-69D0A0933C2F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B1574F00-4E1D-4C32-9C84-EBDE785A6163}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C16FAAE5-4B2D-4303-95DE-BC8CBA64EEAC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C1AB6AEF-D92E-4484-8FB6-76833BE0046C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{DC158116-62CB-480A-B198-4DBCC4F194C8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F4ED1ED7-78BF-4DC9-AEC5-44FAE2BBB2B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051ABE96-AE22-49F5-B5D3-A59A47D1C022}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{187EB4E1-ABC0-43E3-A5CF-9D1AB7828D7E}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{1E5DFA7D-CCF3-4A39-B1B2-C58D3BDFF3BF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{1F018B6B-78AF-4BC4-9E57-F72367557092}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2D189199-DE1A-4DB1-BCAE-950BBB75E3D7}" = protocol=17 | dir=in | app=d:\anno 2070 again\anno5.exe | 
"{38D1CD77-6548-48A4-BEFF-B5404D26B76F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{42912EF0-2CD8-49B1-8FDF-D7C5F2B371F0}" = protocol=6 | dir=in | app=d:\anno 2070 again\initengine.exe | 
"{57D5D19A-818A-4F99-AC84-011186A62DED}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5A066EF7-2E78-4D21-B55C-D117F708E032}" = protocol=17 | dir=in | app=d:\anno 2070 again\initengine.exe | 
"{6D96D4D6-7FE0-468E-AA62-9C4B9BE91CC8}" = protocol=6 | dir=in | app=l:\c_users_nikolai polley\saved games\steam\steam.exe | 
"{6DB3B440-2CF6-4130-83CF-7228734E4E37}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{765EF2CF-7CD7-4AD0-81FD-CDEF6098E5F2}" = protocol=6 | dir=in | app=d:\anno 2070 again\autopatcher.exe | 
"{8A981916-B3ED-445A-8B76-A1BA52EF3CCC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{8E45E218-06C7-4B3F-9728-04900F332191}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{916751FF-E9A8-4009-BAA3-02A5FFBF1EE3}" = protocol=6 | dir=out | app=system | 
"{9DBF3E74-558E-427B-AD74-1EFD55BE904D}" = protocol=17 | dir=in | app=l:\c_users_nikolai polley\saved games\steam\steam.exe | 
"{9E8EA3CA-9E19-4AB0-9EF1-632C24FC27FA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{AAC273CF-E650-419A-99FD-18FF3AEF3E14}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AE853E18-8CCF-4F4D-A829-4853CF2E9A16}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{AF14C8A5-2DBF-435C-816D-611D43A7DCD6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B91E1019-0768-4598-AD3B-42DF444C232D}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{C34FC1E2-164F-4595-8328-5723A38813FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D067D79F-6ABD-448B-9FC8-74D29F37E644}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{D29DE4CC-7932-44BC-8FD2-19422097E3B0}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{D85CF51D-A94E-45B7-9C13-A0B31F5B53B7}" = protocol=6 | dir=in | app=d:\anno 2070 again\anno5.exe | 
"{E3F0982C-95F8-4F0B-8058-B8DFB90DA3E7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E888D2BA-73FA-4E4A-8977-6D5E069C6950}" = protocol=17 | dir=in | app=d:\anno 2070 again\autopatcher.exe | 
"{EC2C1C0C-51E7-4AE0-ADE4-B603DDB46476}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F22EF893-ED71-467E-9EFF-A0CB4117B813}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{FBA3CDE3-2840-43CC-A70D-7947807FFBD2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}" = Microsoft Application Compatibility Toolkit 5.6
"{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 11
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE 
"{5DDB3393-E08B-447E-925F-6C00B95D0FE7}" = iCloud
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72376EB6-0189-45B3-A4F6-823F549697C3}" = MOUSE Editor
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{86085e53-ff85-4daa-835c-50ec31c29f95}.sdb" = xfire
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"DAEMON Tools Lite" = DAEMON Tools Lite
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"InstallShield_{72376EB6-0189-45B3-A4F6-823F549697C3}" = Mouse Editor
"InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"PROR" = Microsoft Office Professional 2007
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"Xfire" = Xfire
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-497382121-3916464205-3174431237-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"Google Chrome" = Google Chrome
"SOE-PlanetSide 2 PSG" = PlanetSide 2
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26.01.2013 11:33:52 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 26.01.2013 12:09:22 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.01.2013 08:21:57 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.01.2013 09:19:33 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.01.2013 10:41:17 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.01.2013 16:18:51 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 30.01.2013 12:44:13 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 31.01.2013 06:19:11 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 01.02.2013 08:53:33 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 01.02.2013 12:50:42 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 29.01.2013 09:17:49 | Computer Name = Home-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?28.?01.?2013 um 15:58:09 unerwartet heruntergefahren.
 
Error - 29.01.2013 11:14:33 | Computer Name = Home-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von 
der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte
 Firmware verfügbar ist.
 
Error - 29.01.2013 12:25:24 | Computer Name = Home-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 29.01.2013 16:17:07 | Computer Name = Home-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?01.?2013 um 19:46:33 unerwartet heruntergefahren.
 
Error - 30.01.2013 15:11:17 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
 nicht richtig heruntergefahren werden.
 
Error - 31.01.2013 06:17:33 | Computer Name = Home-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?30.?01.?2013 um 20:03:21 unerwartet heruntergefahren.
 
Error - 01.02.2013 08:51:53 | Computer Name = Home-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?31.?01.?2013 um 12:12:21 unerwartet heruntergefahren.
 
Error - 01.02.2013 09:29:31 | Computer Name = Home-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von 
der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte
 Firmware verfügbar ist.
 
Error - 01.02.2013 10:14:41 | Computer Name = Home-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 01.02.2013 10:14:41 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst Netman erreicht.
 
 
< End of report >
--- --- ---
__________________
Alt 01.02.2013, 18:32   #4
t'john
/// Helfer-Team
 
Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic. - Standard

Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.


Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Entpacke das Archiv auf deinem Desktop.
  • Im neu erstellten Ordner starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers


danach:


Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. ( Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.
__________________
Mfg, t'john
Das TB unterstützen

Alt 04.02.2013, 14:54   #5
rupertbayern
 
Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic. - Standard

Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.


Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1017

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.512000 GHz
Memory total: 3219644416, free: 1505820672

------------ Kernel report ------------
     02/04/2013 13:15:23
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\DRIVERS\klbg.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\CSCrySec.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\nvstor.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\pvavsaud.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\CSVirtualDiskDrv.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdk8.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\smserial.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\1394ohci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nvm62x32.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_nvstor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\parvdm.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk6\DR6
Upper Device Object: 0xffffffff85377030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000086\
Lower Device Object: 0xffffffff851a49d0
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk5\DR5
Upper Device Object: 0xffffffff86d0aac8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006f\
Lower Device Object: 0xffffffff86d02920
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xffffffff86d08ac8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006e\
Lower Device Object: 0xffffffff86d02ca8
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xffffffff864c1ac8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006d\
Lower Device Object: 0xffffffff86cff4a8
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xffffffff86d067b8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006c\
Lower Device Object: 0xffffffff86cef9c0
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff85fba030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000005e\
Lower Device Object: 0xffffffff84fb1c68
Lower Device Driver Name: \Driver\nvstor\
Driver name found: nvstor
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\storport.sys (0x0)
IRP handler 0 hooked
IRP handler 2 hooked
IRP handler 14 hooked
IRP handler 15 hooked
IRP handler 22 hooked
IRP handler 23 hooked
IRP handler 27 hooked
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff85fb99a8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000005d\
Lower Device Object: 0xffffffff858afb60
Lower Device Driver Name: \Driver\nvstor\
Driver name found: nvstor
Downloaded database version: v2013.02.04.04
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff85fb99a8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85fb95e0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff85fb99a8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff858b1a48, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff858afb60, DeviceName: \Device\0000005d\, DriverName: \Driver\nvstor\
------------ End ----------
Upper DeviceData: 0xffffffffe9b664b0, 0xffffffff85fb99a8, 0xffffffff85b03ac8
Lower DeviceData: 0xffffffffcabff048, 0xffffffff858afb60, 0xffffffff85837448
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 859AB77

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 956285127
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 956285190  Numsec = 20482875

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff85fba030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85fb9158, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff85fba030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff84fb1b40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff84fb1c68, DeviceName: \Device\0000005e\, DriverName: \Driver\nvstor\
------------ End ----------
Upper DeviceData: 0xffffffffe9b6c638, 0xffffffff85fba030, 0xffffffff859c4048
Lower DeviceData: 0xffffffffe3f61980, 0xffffffff84fb1c68, 0xffffffff85968cc0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C1B9DD40

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1536000000

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1536002048  Numsec = 417519616

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Physical Sector Size: 0
Drive: 2, DevicePointer: 0xffffffff86d067b8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff84fa67a8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86d067b8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86cef9c0, DeviceName: \Device\0000006c\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xffffffff864c1ac8, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86d06d10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff864c1ac8, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86cff4a8, DeviceName: \Device\0000006d\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xffffffff86d08ac8, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86cf0020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86d08ac8, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86d02ca8, DeviceName: \Device\0000006e\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 5, DevicePointer: 0xffffffff86d0aac8, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff864c17a8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86d0aac8, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86d02920, DeviceName: \Device\0000006f\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 512
Drive: 6, DevicePointer: 0xffffffff85377030, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8509a020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff85377030, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff851a49d0, DeviceName: \Device\00000086\, DriverName: \Driver\USBSTOR\
------------ End ----------
Upper DeviceData: 0xffffffffe3f12d50, 0xffffffff85377030, 0xffffffff85899048
Lower DeviceData: 0xffffffffe9abdc08, 0xffffffff851a49d0, 0xffffffff85967a68
Drive 6
Scanning MBR on drive 6...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C3072E18

Partition information:

    Partition 0 type is Other (0xb)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 15357952
    Partition file system is FAT32
    Partition is not bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 7864320000 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================
Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-04 14:18:15
-----------------------------
14:18:15.340    OS Version: Windows 6.1.7601 Service Pack 1
14:18:15.340    Number of processors: 2 586 0x6B01
14:18:15.387    ComputerName: HOME-PC  UserName: 
14:18:19.528    Initialize success
14:21:30.728    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
14:21:30.744    Disk 0 Vendor: ST350083 3.AA Size: 476940MB BusType: 3
14:21:30.744    Disk 1  \Device\Harddisk1\DR1 -> \Device\0000005e
14:21:30.744    Disk 1 Vendor: SAMSUNG_ 1AA0 Size: 953869MB BusType: 3
14:21:30.790    Disk 0 MBR read successfully
14:21:30.790    Disk 0 MBR scan
14:21:30.806    Disk 0 Windows 7 default MBR code
14:21:30.806    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       466936 MB offset 63
14:21:30.837    Disk 0 Partition 2 00     27 Hidden NTFS WinRE MSDOS5.0    10001 MB offset 956285190
14:21:30.853    Disk 0 scanning sectors +976768065
14:21:30.900    Disk 0 scanning C:\Windows\system32\drivers
14:21:41.102    Service scanning
14:22:08.854    Modules scanning
14:22:13.972    Disk 0 trace - called modules:
14:22:14.518    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor.sys 
14:22:14.534    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85fb99a8]
14:22:14.549    3 CLASSPNP.SYS[8ac0459e] -> nt!IofCallDriver -> [0x858b1a48]
14:22:14.565    5 ACPI.sys[8ac463d4] -> nt!IofCallDriver -> \Device\0000005d[0x858afb60]
14:22:14.565    Scan finished successfully
14:53:53.413    Disk 0 MBR has been saved successfully to "C:\Users\Rupert Niko\Desktop\MBR.dat"
14:53:53.425    The log file has been saved successfully to "C:\Users\Rupert Niko\Desktop\aswMBR.txt"


Alt 04.02.2013, 15:07   #6
t'john
/// Helfer-Team
 
Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic. - Standard

Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.


Das ist das falsche Anti-Rootkit Log, siehe Anleitung!


TDSSKiller von Kaspersky
- Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
- Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
- deaktiviere vorübergehend dein AntiVirus-Programm
- Starte die TDSSKiller.exe durch Doppelklick.
- Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
- Bestätige das ggfs. mit Y(es).
- Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
- Poste den Inhalt von C:\TDSSKiller.txt hier in den Thread.
Hier findest Du eine ausführlichere TDSSKiller Anleitung.
__________________
--> Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.

Alt 04.02.2013, 18:58   #7
rupertbayern
 
Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic. - Standard

Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.


Oh ja sorry
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org

Database version: v2013.02.04.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Rupert Niko :: HOME-PC [administrator]

04.02.2013 13:29:36
mbar-log-2013-02-04 (13-29-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 26321
Time elapsed: 13 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Code:
ATTFilter
19:01:25.0851 4160  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:01:26.0038 4160  ============================================================
19:01:26.0038 4160  Current date / time: 2013/02/04 19:01:26.0038
19:01:26.0038 4160  SystemInfo:
19:01:26.0038 4160  
19:01:26.0038 4160  OS Version: 6.1.7601 ServicePack: 1.0
19:01:26.0038 4160  Product type: Workstation
19:01:26.0038 4160  ComputerName: HOME-PC
19:01:26.0038 4160  UserName: Rupert Niko
19:01:26.0038 4160  Windows directory: C:\Windows
19:01:26.0038 4160  System windows directory: C:\Windows
19:01:26.0038 4160  Processor architecture: Intel x86
19:01:26.0038 4160  Number of processors: 2
19:01:26.0038 4160  Page size: 0x1000
19:01:26.0038 4160  Boot type: Normal boot
19:01:26.0038 4160  ============================================================
19:01:27.0208 4160  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:01:27.0224 4160  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:01:27.0240 4160  ============================================================
19:01:27.0240 4160  \Device\Harddisk0\DR0:
19:01:27.0255 4160  MBR partitions:
19:01:27.0255 4160  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x38FFC0C7
19:01:27.0255 4160  \Device\Harddisk1\DR1:
19:01:27.0255 4160  MBR partitions:
19:01:27.0255 4160  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x5B8D8000
19:01:27.0255 4160  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x5B8D8800, BlocksNum 0x18E2D800
19:01:27.0255 4160  ============================================================
19:01:27.0271 4160  C: <-> \Device\Harddisk0\DR0\Partition1
19:01:27.0318 4160  D: <-> \Device\Harddisk1\DR1\Partition1
19:01:27.0411 4160  E: <-> \Device\Harddisk1\DR1\Partition2
19:01:27.0411 4160  ============================================================
19:01:27.0411 4160  Initialize success
19:01:27.0411 4160  ============================================================
19:01:37.0224 3656  ============================================================
19:01:37.0224 3656  Scan started
19:01:37.0224 3656  Mode: Manual; SigCheck; TDLFS; 
19:01:37.0224 3656  ============================================================
19:01:38.0035 3656  ================ Scan system memory ========================
19:01:38.0035 3656  System memory - ok
19:01:38.0035 3656  ================ Scan services =============================
19:01:38.0160 3656  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
19:01:38.0253 3656  1394ohci - ok
19:01:38.0269 3656  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:01:38.0284 3656  ACPI - ok
19:01:38.0316 3656  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:01:38.0362 3656  AcpiPmi - ok
19:01:38.0394 3656  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:01:38.0425 3656  adp94xx - ok
19:01:38.0440 3656  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:01:38.0456 3656  adpahci - ok
19:01:38.0472 3656  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:01:38.0487 3656  adpu320 - ok
19:01:38.0518 3656  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:01:38.0628 3656  AeLookupSvc - ok
19:01:38.0659 3656  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
19:01:38.0721 3656  AFD - ok
19:01:38.0737 3656  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
19:01:38.0752 3656  agp440 - ok
19:01:38.0799 3656  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
19:01:38.0815 3656  aic78xx - ok
19:01:38.0877 3656  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
19:01:38.0940 3656  ALG - ok
19:01:38.0971 3656  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:01:39.0018 3656  aliide - ok
19:01:39.0049 3656  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
19:01:39.0064 3656  amdagp - ok
19:01:39.0080 3656  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:01:39.0096 3656  amdide - ok
19:01:39.0111 3656  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
19:01:39.0142 3656  AmdK8 - ok
19:01:39.0174 3656  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:01:39.0189 3656  AmdPPM - ok
19:01:39.0236 3656  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:01:39.0267 3656  amdsata - ok
19:01:39.0283 3656  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:01:39.0298 3656  amdsbs - ok
19:01:39.0345 3656  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:01:39.0361 3656  amdxata - ok
19:01:39.0376 3656  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
19:01:39.0423 3656  AppID - ok
19:01:39.0439 3656  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:01:39.0470 3656  AppIDSvc - ok
19:01:39.0486 3656  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
19:01:39.0517 3656  Appinfo - ok
19:01:39.0626 3656  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:01:39.0657 3656  Apple Mobile Device - ok
19:01:39.0688 3656  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
19:01:39.0735 3656  AppMgmt - ok
19:01:39.0766 3656  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\drivers\arc.sys
19:01:39.0798 3656  arc - ok
19:01:39.0798 3656  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:01:39.0813 3656  arcsas - ok
19:01:39.0829 3656  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:01:39.0907 3656  AsyncMac - ok
19:01:39.0954 3656  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
19:01:39.0969 3656  atapi - ok
19:01:40.0094 3656  [ 712D8A95E45B070114C5309ADA7358FF ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:01:40.0266 3656  atikmdag - ok
19:01:40.0297 3656  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:01:40.0375 3656  AudioEndpointBuilder - ok
19:01:40.0406 3656  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:01:40.0437 3656  Audiosrv - ok
19:01:40.0546 3656  [ A2B790F9A751F24F17967F9A5574186D ] AVP             C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
19:01:40.0593 3656  AVP - ok
19:01:40.0624 3656  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:01:40.0671 3656  AxInstSV - ok
19:01:40.0718 3656  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
19:01:40.0765 3656  b06bdrv - ok
19:01:40.0796 3656  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
19:01:40.0843 3656  b57nd60x - ok
19:01:40.0890 3656  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:01:40.0921 3656  BDESVC - ok
19:01:40.0983 3656  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:01:41.0061 3656  Beep - ok
19:01:41.0108 3656  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
19:01:41.0170 3656  BFE - ok
19:01:41.0202 3656  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
19:01:41.0264 3656  BITS - ok
19:01:41.0280 3656  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:01:41.0295 3656  blbdrive - ok
19:01:41.0389 3656  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:01:41.0404 3656  Bonjour Service - ok
19:01:41.0451 3656  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:01:41.0482 3656  bowser - ok
19:01:41.0514 3656  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:01:41.0545 3656  BrFiltLo - ok
19:01:41.0560 3656  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:01:41.0592 3656  BrFiltUp - ok
19:01:41.0623 3656  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
19:01:41.0654 3656  Browser - ok
19:01:41.0701 3656  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:01:41.0763 3656  Brserid - ok
19:01:41.0794 3656  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:01:41.0826 3656  BrSerWdm - ok
19:01:41.0841 3656  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:01:41.0888 3656  BrUsbMdm - ok
19:01:41.0888 3656  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:01:41.0919 3656  BrUsbSer - ok
19:01:41.0935 3656  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:01:41.0966 3656  BTHMODEM - ok
19:01:42.0013 3656  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
19:01:42.0044 3656  bthserv - ok
19:01:42.0075 3656  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:01:42.0106 3656  cdfs - ok
19:01:42.0138 3656  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:01:42.0169 3656  cdrom - ok
19:01:42.0216 3656  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
19:01:42.0247 3656  CertPropSvc - ok
19:01:42.0278 3656  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:01:42.0294 3656  circlass - ok
19:01:42.0309 3656  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
19:01:42.0325 3656  CLFS - ok
19:01:42.0387 3656  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:01:42.0418 3656  clr_optimization_v2.0.50727_32 - ok
19:01:42.0512 3656  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:01:42.0559 3656  clr_optimization_v4.0.30319_32 - ok
19:01:42.0574 3656  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:01:42.0606 3656  CmBatt - ok
19:01:42.0637 3656  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:01:42.0652 3656  cmdide - ok
19:01:42.0699 3656  [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG             C:\Windows\system32\Drivers\cng.sys
19:01:42.0730 3656  CNG - ok
19:01:42.0730 3656  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:01:42.0746 3656  Compbatt - ok
19:01:42.0762 3656  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:01:42.0808 3656  CompositeBus - ok
19:01:42.0808 3656  COMSysApp - ok
19:01:42.0840 3656  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:01:42.0855 3656  crcdisk - ok
19:01:42.0886 3656  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:01:42.0918 3656  CryptSvc - ok
19:01:42.0964 3656  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
19:01:43.0011 3656  CSC - ok
19:01:43.0042 3656  [ 5CBF20674BE8364FEBB6A13451A42F0A ] CSCrySec        C:\Windows\system32\DRIVERS\CSCrySec.sys
19:01:43.0074 3656  CSCrySec - ok
19:01:43.0089 3656  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
19:01:43.0152 3656  CscService - ok
19:01:43.0198 3656  [ 6E5B42219F1FE4A3D087D9D501E343D5 ] CSObjectsSrv    C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
19:01:43.0245 3656  CSObjectsSrv - ok
19:01:43.0261 3656  [ 2C3F213EDDD231099FB779A45D7680E0 ] CSVirtualDiskDrv C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys
19:01:43.0276 3656  CSVirtualDiskDrv - ok
19:01:43.0308 3656  [ 8D0CCEBAF0A108F9867CEF13107EAF0C ] CXAVSAUD        C:\Windows\system32\DRIVERS\pvavsaud.sys
19:01:43.0339 3656  CXAVSAUD - ok
19:01:43.0370 3656  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:01:43.0479 3656  DcomLaunch - ok
19:01:43.0510 3656  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:01:43.0557 3656  defragsvc - ok
19:01:43.0588 3656  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:01:43.0620 3656  DfsC - ok
19:01:43.0666 3656  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:01:43.0698 3656  Dhcp - ok
19:01:43.0744 3656  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
19:01:43.0791 3656  discache - ok
19:01:43.0807 3656  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\drivers\disk.sys
19:01:43.0822 3656  Disk - ok
19:01:43.0854 3656  [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
19:01:43.0885 3656  dmvsc - ok
19:01:43.0900 3656  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:01:43.0963 3656  Dnscache - ok
19:01:43.0994 3656  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:01:44.0025 3656  dot3svc - ok
19:01:44.0041 3656  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
19:01:44.0088 3656  DPS - ok
19:01:44.0103 3656  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:01:44.0134 3656  drmkaud - ok
19:01:44.0212 3656  [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:01:44.0259 3656  dtsoftbus01 - ok
19:01:44.0306 3656  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:01:44.0353 3656  DXGKrnl - ok
19:01:44.0384 3656  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
19:01:44.0431 3656  EapHost - ok
19:01:44.0509 3656  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
19:01:44.0618 3656  ebdrv - ok
19:01:44.0634 3656  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
19:01:44.0680 3656  EFS - ok
19:01:44.0743 3656  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:01:44.0821 3656  ehRecvr - ok
19:01:44.0836 3656  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
19:01:44.0868 3656  ehSched - ok
19:01:44.0914 3656  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:01:44.0946 3656  elxstor - ok
19:01:44.0961 3656  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:01:44.0992 3656  ErrDev - ok
19:01:45.0024 3656  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
19:01:45.0070 3656  EventSystem - ok
19:01:45.0102 3656  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
19:01:45.0133 3656  exfat - ok
19:01:45.0164 3656  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:01:45.0211 3656  fastfat - ok
19:01:45.0258 3656  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
19:01:45.0304 3656  Fax - ok
19:01:45.0320 3656  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\drivers\fdc.sys
19:01:45.0351 3656  fdc - ok
19:01:45.0367 3656  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
19:01:45.0414 3656  fdPHost - ok
19:01:45.0429 3656  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
19:01:45.0476 3656  FDResPub - ok
19:01:45.0507 3656  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:01:45.0523 3656  FileInfo - ok
19:01:45.0523 3656  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:01:45.0554 3656  Filetrace - ok
19:01:45.0585 3656  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:01:45.0601 3656  flpydisk - ok
19:01:45.0632 3656  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:01:45.0648 3656  FltMgr - ok
19:01:45.0726 3656  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
19:01:45.0819 3656  FontCache - ok
19:01:45.0866 3656  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:01:45.0882 3656  FontCache3.0.0.0 - ok
19:01:45.0897 3656  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:01:45.0913 3656  FsDepends - ok
19:01:45.0928 3656  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:01:45.0944 3656  Fs_Rec - ok
19:01:45.0975 3656  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:01:46.0006 3656  fvevol - ok
19:01:46.0022 3656  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:01:46.0038 3656  gagp30kx - ok
19:01:46.0084 3656  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:01:46.0100 3656  GEARAspiWDM - ok
19:01:46.0131 3656  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:01:46.0194 3656  gpsvc - ok
19:01:46.0209 3656  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:01:46.0240 3656  hcw85cir - ok
19:01:46.0272 3656  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:01:46.0303 3656  HdAudAddService - ok
19:01:46.0334 3656  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:01:46.0365 3656  HDAudBus - ok
19:01:46.0365 3656  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:01:46.0396 3656  HidBatt - ok
19:01:46.0396 3656  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:01:46.0428 3656  HidBth - ok
19:01:46.0459 3656  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:01:46.0490 3656  HidIr - ok
19:01:46.0521 3656  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
19:01:46.0552 3656  hidserv - ok
19:01:46.0599 3656  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:01:46.0615 3656  HidUsb - ok
19:01:46.0646 3656  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:01:46.0677 3656  hkmsvc - ok
19:01:46.0693 3656  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:01:46.0724 3656  HomeGroupListener - ok
19:01:46.0755 3656  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:01:46.0802 3656  HomeGroupProvider - ok
19:01:46.0833 3656  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:01:46.0849 3656  HpSAMD - ok
19:01:46.0880 3656  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:01:47.0005 3656  HTTP - ok
19:01:47.0005 3656  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:01:47.0020 3656  hwpolicy - ok
19:01:47.0052 3656  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:01:47.0083 3656  i8042prt - ok
19:01:47.0130 3656  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:01:47.0145 3656  iaStorV - ok
19:01:47.0192 3656  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:01:47.0239 3656  idsvc - ok
19:01:47.0270 3656  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:01:47.0286 3656  iirsp - ok
19:01:47.0332 3656  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:01:47.0395 3656  IKEEXT - ok
19:01:47.0410 3656  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:01:47.0426 3656  intelide - ok
19:01:47.0442 3656  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
19:01:47.0457 3656  intelppm - ok
19:01:47.0473 3656  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:01:47.0504 3656  IPBusEnum - ok
19:01:47.0520 3656  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:01:47.0551 3656  IpFilterDriver - ok
19:01:47.0598 3656  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:01:47.0644 3656  iphlpsvc - ok
19:01:47.0676 3656  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:01:47.0691 3656  IPMIDRV - ok
19:01:47.0722 3656  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:01:47.0769 3656  IPNAT - ok
19:01:47.0816 3656  [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:01:47.0878 3656  iPod Service - ok
19:01:47.0894 3656  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:01:47.0941 3656  IRENUM - ok
19:01:47.0956 3656  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:01:47.0988 3656  isapnp - ok
19:01:48.0003 3656  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:01:48.0034 3656  iScsiPrt - ok
19:01:48.0050 3656  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:01:48.0066 3656  kbdclass - ok
19:01:48.0081 3656  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:01:48.0097 3656  kbdhid - ok
19:01:48.0112 3656  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
19:01:48.0128 3656  KeyIso - ok
19:01:48.0159 3656  [ CE3958F58547454884E97BDA78CD7040 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
19:01:48.0190 3656  kl1 - ok
19:01:48.0190 3656  [ 53EEDAB3F0511321AC3AE8BC968B158C ] KLBG            C:\Windows\system32\DRIVERS\klbg.sys
19:01:48.0206 3656  KLBG - ok
19:01:48.0253 3656  [ 723F185C945C0A6D2E21C2BB26A46FE7 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
19:01:48.0268 3656  KLIF - ok
19:01:48.0284 3656  [ 892CC162DC88AB084C86485879526C59 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
19:01:48.0284 3656  KLIM6 - ok
19:01:48.0300 3656  [ AA63A815876A76987B5DBCE6AF7478E9 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
19:01:48.0315 3656  klmouflt - ok
19:01:48.0346 3656  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:01:48.0362 3656  KSecDD - ok
19:01:48.0393 3656  [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:01:48.0409 3656  KSecPkg - ok
19:01:48.0440 3656  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:01:48.0487 3656  KtmRm - ok
19:01:48.0518 3656  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:01:48.0549 3656  LanmanServer - ok
19:01:48.0580 3656  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:01:48.0612 3656  LanmanWorkstation - ok
19:01:48.0643 3656  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:01:48.0690 3656  lltdio - ok
19:01:48.0721 3656  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:01:48.0752 3656  lltdsvc - ok
19:01:48.0768 3656  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:01:48.0799 3656  lmhosts - ok
19:01:48.0830 3656  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:01:48.0861 3656  LSI_FC - ok
19:01:48.0877 3656  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:01:48.0892 3656  LSI_SAS - ok
19:01:48.0892 3656  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:01:48.0908 3656  LSI_SAS2 - ok
19:01:48.0924 3656  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:01:48.0939 3656  LSI_SCSI - ok
19:01:48.0955 3656  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
19:01:49.0002 3656  luafv - ok
19:01:49.0033 3656  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:01:49.0048 3656  Mcx2Svc - ok
19:01:49.0080 3656  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:01:49.0095 3656  megasas - ok
19:01:49.0095 3656  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:01:49.0126 3656  MegaSR - ok
19:01:49.0158 3656  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
19:01:49.0189 3656  MMCSS - ok
19:01:49.0204 3656  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
19:01:49.0251 3656  Modem - ok
19:01:49.0267 3656  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:01:49.0282 3656  monitor - ok
19:01:49.0314 3656  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:01:49.0329 3656  mouclass - ok
19:01:49.0329 3656  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:01:49.0376 3656  mouhid - ok
19:01:49.0376 3656  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:01:49.0392 3656  mountmgr - ok
19:01:49.0407 3656  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:01:49.0423 3656  mpio - ok
19:01:49.0438 3656  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:01:49.0470 3656  mpsdrv - ok
19:01:49.0501 3656  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:01:49.0610 3656  MpsSvc - ok
19:01:49.0626 3656  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:01:49.0672 3656  MRxDAV - ok
19:01:49.0688 3656  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:01:49.0719 3656  mrxsmb - ok
19:01:49.0750 3656  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:01:49.0782 3656  mrxsmb10 - ok
19:01:49.0797 3656  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:01:49.0828 3656  mrxsmb20 - ok
19:01:49.0844 3656  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
19:01:49.0860 3656  msahci - ok
19:01:49.0875 3656  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:01:49.0891 3656  msdsm - ok
19:01:49.0906 3656  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
19:01:49.0938 3656  MSDTC - ok
19:01:49.0953 3656  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:01:49.0984 3656  Msfs - ok
19:01:50.0016 3656  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:01:50.0062 3656  mshidkmdf - ok
19:01:50.0078 3656  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:01:50.0094 3656  msisadrv - ok
19:01:50.0125 3656  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:01:50.0187 3656  MSiSCSI - ok
19:01:50.0187 3656  msiserver - ok
19:01:50.0234 3656  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:01:50.0265 3656  MSKSSRV - ok
19:01:50.0296 3656  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:01:50.0328 3656  MSPCLOCK - ok
19:01:50.0343 3656  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:01:50.0374 3656  MSPQM - ok
19:01:50.0406 3656  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:01:50.0421 3656  MsRPC - ok
19:01:50.0437 3656  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:01:50.0452 3656  mssmbios - ok
19:01:50.0468 3656  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:01:50.0499 3656  MSTEE - ok
19:01:50.0515 3656  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:01:50.0530 3656  MTConfig - ok
19:01:50.0562 3656  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:01:50.0577 3656  Mup - ok
19:01:50.0655 3656  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
19:01:50.0811 3656  napagent - ok
19:01:50.0858 3656  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:01:50.0889 3656  NativeWifiP - ok
19:01:50.0936 3656  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:01:50.0983 3656  NDIS - ok
19:01:51.0014 3656  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:01:51.0045 3656  NdisCap - ok
19:01:51.0076 3656  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:01:51.0108 3656  NdisTapi - ok
19:01:51.0123 3656  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:01:51.0170 3656  Ndisuio - ok
19:01:51.0186 3656  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:01:51.0217 3656  NdisWan - ok
19:01:51.0232 3656  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:01:51.0264 3656  NDProxy - ok
19:01:51.0279 3656  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:01:51.0310 3656  NetBIOS - ok
19:01:51.0310 3656  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:01:51.0357 3656  NetBT - ok
19:01:51.0373 3656  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
19:01:51.0388 3656  Netlogon - ok
19:01:51.0435 3656  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
19:01:51.0466 3656  Netman - ok
19:01:51.0498 3656  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
19:01:51.0544 3656  netprofm - ok
19:01:51.0560 3656  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:01:51.0576 3656  NetTcpPortSharing - ok
19:01:51.0607 3656  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:01:51.0622 3656  nfrd960 - ok
19:01:51.0654 3656  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:01:51.0685 3656  NlaSvc - ok
19:01:51.0685 3656  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:01:51.0716 3656  Npfs - ok
19:01:51.0747 3656  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
19:01:51.0794 3656  nsi - ok
19:01:51.0810 3656  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:01:51.0841 3656  nsiproxy - ok
19:01:51.0888 3656  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:01:51.0950 3656  Ntfs - ok
19:01:51.0966 3656  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
19:01:52.0012 3656  Null - ok
19:01:52.0044 3656  [ B5E37E31C053BC9950455A257526514B ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x32.sys
19:01:52.0075 3656  NVENETFD - ok
19:01:52.0122 3656  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:01:52.0168 3656  nvraid - ok
19:01:52.0215 3656  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:01:52.0246 3656  nvstor - ok
19:01:52.0262 3656  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:01:52.0278 3656  nv_agp - ok
19:01:52.0387 3656  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:01:52.0402 3656  odserv - ok
19:01:52.0434 3656  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:01:52.0465 3656  ohci1394 - ok
19:01:52.0527 3656  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:01:52.0543 3656  ose - ok
19:01:52.0574 3656  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:01:52.0605 3656  p2pimsvc - ok
19:01:52.0636 3656  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:01:52.0668 3656  p2psvc - ok
19:01:52.0699 3656  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:01:52.0730 3656  Parport - ok
19:01:52.0746 3656  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:01:52.0761 3656  partmgr - ok
19:01:52.0777 3656  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
19:01:52.0792 3656  Parvdm - ok
19:01:52.0824 3656  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:01:52.0855 3656  PcaSvc - ok
19:01:52.0870 3656  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
19:01:52.0886 3656  pci - ok
19:01:52.0917 3656  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
19:01:52.0933 3656  pciide - ok
19:01:52.0964 3656  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:01:52.0980 3656  pcmcia - ok
19:01:52.0995 3656  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
19:01:53.0011 3656  pcw - ok
19:01:53.0042 3656  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:01:53.0104 3656  PEAUTH - ok
19:01:53.0136 3656  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:01:53.0198 3656  PeerDistSvc - ok
19:01:53.0260 3656  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
19:01:53.0385 3656  pla - ok
19:01:53.0432 3656  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:01:53.0479 3656  PlugPlay - ok
19:01:53.0526 3656  [ 205E1B699FD3F2F9B036EEA2EC30C620 ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
19:01:53.0541 3656  PnkBstrA - ok
19:01:53.0557 3656  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:01:53.0588 3656  PNRPAutoReg - ok
19:01:53.0619 3656  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:01:53.0635 3656  PNRPsvc - ok
19:01:53.0666 3656  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:01:53.0713 3656  PolicyAgent - ok
19:01:53.0744 3656  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
19:01:53.0791 3656  Power - ok
19:01:53.0822 3656  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:01:53.0869 3656  PptpMiniport - ok
19:01:53.0884 3656  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\drivers\processr.sys
19:01:53.0900 3656  Processor - ok
19:01:53.0931 3656  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
19:01:53.0978 3656  ProfSvc - ok
19:01:54.0009 3656  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:01:54.0025 3656  ProtectedStorage - ok
19:01:54.0056 3656  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:01:54.0103 3656  Psched - ok
19:01:54.0150 3656  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:01:54.0212 3656  ql2300 - ok
19:01:54.0228 3656  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:01:54.0243 3656  ql40xx - ok
19:01:54.0274 3656  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
19:01:54.0306 3656  QWAVE - ok
19:01:54.0321 3656  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:01:54.0352 3656  QWAVEdrv - ok
19:01:54.0368 3656  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:01:54.0415 3656  RasAcd - ok
19:01:54.0430 3656  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:01:54.0462 3656  RasAgileVpn - ok
19:01:54.0493 3656  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
19:01:54.0540 3656  RasAuto - ok
19:01:54.0571 3656  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:01:54.0602 3656  Rasl2tp - ok
19:01:54.0633 3656  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
19:01:54.0680 3656  RasMan - ok
19:01:54.0711 3656  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:01:54.0742 3656  RasPppoe - ok
19:01:54.0758 3656  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:01:54.0805 3656  RasSstp - ok
19:01:54.0820 3656  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:01:54.0867 3656  rdbss - ok
19:01:54.0867 3656  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:01:54.0898 3656  rdpbus - ok
19:01:54.0898 3656  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:01:54.0945 3656  RDPCDD - ok
19:01:54.0961 3656  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:01:55.0008 3656  RDPDR - ok
19:01:55.0039 3656  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:01:55.0070 3656  RDPENCDD - ok
19:01:55.0101 3656  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:01:55.0132 3656  RDPREFMP - ok
19:01:55.0179 3656  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:01:55.0226 3656  RdpVideoMiniport - ok
19:01:55.0273 3656  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:01:55.0335 3656  RDPWD - ok
19:01:55.0382 3656  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:01:55.0429 3656  rdyboost - ok
19:01:55.0444 3656  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:01:55.0476 3656  RemoteAccess - ok
19:01:55.0507 3656  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:01:55.0538 3656  RemoteRegistry - ok
19:01:55.0569 3656  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:01:55.0616 3656  RpcEptMapper - ok
19:01:55.0632 3656  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
19:01:55.0663 3656  RpcLocator - ok
19:01:55.0678 3656  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
19:01:55.0710 3656  RpcSs - ok
19:01:55.0756 3656  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:01:55.0803 3656  rspndr - ok
19:01:55.0834 3656  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
19:01:55.0866 3656  s3cap - ok
19:01:55.0881 3656  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
19:01:55.0897 3656  SamSs - ok
19:01:55.0928 3656  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:01:55.0944 3656  sbp2port - ok
19:01:55.0975 3656  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:01:56.0006 3656  SCardSvr - ok
19:01:56.0022 3656  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:01:56.0068 3656  scfilter - ok
19:01:56.0100 3656  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
19:01:56.0162 3656  Schedule - ok
19:01:56.0193 3656  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:01:56.0224 3656  SCPolicySvc - ok
19:01:56.0240 3656  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:01:56.0287 3656  SDRSVC - ok
19:01:56.0302 3656  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:01:56.0349 3656  secdrv - ok
19:01:56.0365 3656  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
19:01:56.0412 3656  seclogon - ok
19:01:56.0427 3656  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
19:01:56.0474 3656  SENS - ok
19:01:56.0505 3656  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:01:56.0536 3656  SensrSvc - ok
19:01:56.0552 3656  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:01:56.0583 3656  Serenum - ok
19:01:56.0583 3656  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:01:56.0614 3656  Serial - ok
19:01:56.0630 3656  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:01:56.0646 3656  sermouse - ok
19:01:56.0692 3656  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:01:56.0724 3656  SessionEnv - ok
19:01:56.0739 3656  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:01:56.0770 3656  sffdisk - ok
19:01:56.0802 3656  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:01:56.0817 3656  sffp_mmc - ok
19:01:56.0833 3656  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:01:56.0864 3656  sffp_sd - ok
19:01:56.0880 3656  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:01:56.0911 3656  sfloppy - ok
19:01:56.0926 3656  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:01:56.0973 3656  SharedAccess - ok
19:01:57.0004 3656  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:01:57.0051 3656  ShellHWDetection - ok
19:01:57.0067 3656  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
19:01:57.0082 3656  sisagp - ok
19:01:57.0114 3656  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:01:57.0129 3656  SiSRaid2 - ok
19:01:57.0129 3656  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:01:57.0160 3656  SiSRaid4 - ok
19:01:57.0176 3656  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:01:57.0223 3656  Smb - ok
19:01:57.0270 3656  [ 19301C27F3425DC39F6C599F527E507D ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
19:01:57.0316 3656  smserial - ok
19:01:57.0348 3656  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:01:57.0363 3656  SNMPTRAP - ok
19:01:57.0379 3656  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:01:57.0394 3656  spldr - ok
19:01:57.0410 3656  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
19:01:57.0472 3656  Spooler - ok
19:01:57.0582 3656  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
19:01:57.0722 3656  sppsvc - ok
19:01:57.0738 3656  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:01:57.0784 3656  sppuinotify - ok
19:01:57.0816 3656  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:01:57.0847 3656  srv - ok
19:01:57.0862 3656  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:01:57.0909 3656  srv2 - ok
19:01:57.0925 3656  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:01:57.0956 3656  srvnet - ok
19:01:57.0972 3656  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:01:58.0018 3656  SSDPSRV - ok
19:01:58.0034 3656  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:01:58.0065 3656  SstpSvc - ok
19:01:58.0096 3656  Steam Client Service - ok
19:01:58.0128 3656  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:01:58.0143 3656  stexstor - ok
19:01:58.0174 3656  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
19:01:58.0221 3656  StiSvc - ok
19:01:58.0237 3656  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:01:58.0252 3656  storflt - ok
19:01:58.0284 3656  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
19:01:58.0315 3656  StorSvc - ok
19:01:58.0330 3656  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:01:58.0346 3656  storvsc - ok
19:01:58.0377 3656  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:01:58.0393 3656  swenum - ok
19:01:58.0408 3656  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
19:01:58.0455 3656  swprv - ok
19:01:58.0502 3656  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
19:01:58.0564 3656  SysMain - ok
19:01:58.0580 3656  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:01:58.0627 3656  TabletInputService - ok
19:01:58.0642 3656  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:01:58.0689 3656  TapiSrv - ok
19:01:58.0705 3656  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
19:01:58.0752 3656  TBS - ok
19:01:58.0798 3656  [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:01:58.0861 3656  Tcpip - ok
19:01:58.0908 3656  [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:01:58.0939 3656  TCPIP6 - ok
19:01:59.0001 3656  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:01:59.0064 3656  tcpipreg - ok
19:01:59.0079 3656  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:01:59.0126 3656  TDPIPE - ok
19:01:59.0157 3656  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:01:59.0173 3656  TDTCP - ok
19:01:59.0188 3656  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:01:59.0220 3656  tdx - ok
19:01:59.0235 3656  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:01:59.0251 3656  TermDD - ok
19:01:59.0282 3656  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
19:01:59.0329 3656  TermService - ok
19:01:59.0344 3656  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
19:01:59.0376 3656  Themes - ok
19:01:59.0391 3656  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
19:01:59.0422 3656  THREADORDER - ok
19:01:59.0454 3656  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
19:01:59.0500 3656  TrkWks - ok
19:01:59.0547 3656  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:01:59.0594 3656  TrustedInstaller - ok
19:01:59.0610 3656  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:01:59.0641 3656  tssecsrv - ok
19:01:59.0688 3656  [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:01:59.0734 3656  TsUsbFlt - ok
19:01:59.0766 3656  [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:01:59.0812 3656  TsUsbGD - ok
19:01:59.0844 3656  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:01:59.0875 3656  tunnel - ok
19:01:59.0890 3656  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:01:59.0906 3656  uagp35 - ok
19:01:59.0906 3656  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:01:59.0953 3656  udfs - ok
19:01:59.0984 3656  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:02:00.0015 3656  UI0Detect - ok
19:02:00.0031 3656  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:02:00.0062 3656  uliagpkx - ok
19:02:00.0078 3656  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:02:00.0093 3656  umbus - ok
19:02:00.0109 3656  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:02:00.0140 3656  UmPass - ok
19:02:00.0171 3656  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:02:00.0202 3656  UmRdpService - ok
19:02:00.0234 3656  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
19:02:00.0280 3656  upnphost - ok
19:02:00.0312 3656  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
19:02:00.0343 3656  USBAAPL - ok
19:02:00.0390 3656  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:02:00.0421 3656  usbccgp - ok
19:02:00.0452 3656  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:02:00.0468 3656  usbcir - ok
19:02:00.0499 3656  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:02:00.0530 3656  usbehci - ok
19:02:00.0561 3656  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:02:00.0577 3656  usbhub - ok
19:02:00.0592 3656  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
19:02:00.0624 3656  usbohci - ok
19:02:00.0655 3656  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
19:02:00.0686 3656  usbprint - ok
19:02:00.0733 3656  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:02:00.0795 3656  USBSTOR - ok
19:02:00.0842 3656  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:02:00.0873 3656  usbuhci - ok
19:02:00.0889 3656  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
19:02:00.0951 3656  UxSms - ok
19:02:00.0982 3656  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
19:02:00.0998 3656  VaultSvc - ok
19:02:01.0045 3656  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:02:01.0060 3656  vdrvroot - ok
19:02:01.0092 3656  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
19:02:01.0154 3656  vds - ok
19:02:01.0170 3656  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:02:01.0201 3656  vga - ok
19:02:01.0216 3656  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:02:01.0263 3656  VgaSave - ok
19:02:01.0279 3656  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:02:01.0294 3656  vhdmp - ok
19:02:01.0326 3656  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
19:02:01.0341 3656  viaagp - ok
19:02:01.0357 3656  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
19:02:01.0388 3656  ViaC7 - ok
19:02:01.0404 3656  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
19:02:01.0419 3656  viaide - ok
19:02:01.0450 3656  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:02:01.0466 3656  vmbus - ok
19:02:01.0466 3656  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
19:02:01.0497 3656  VMBusHID - ok
19:02:01.0513 3656  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:02:01.0528 3656  volmgr - ok
19:02:01.0544 3656  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:02:01.0560 3656  volmgrx - ok
19:02:01.0575 3656  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:02:01.0591 3656  volsnap - ok
19:02:01.0606 3656  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:02:01.0622 3656  vsmraid - ok
19:02:01.0669 3656  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
19:02:01.0747 3656  VSS - ok
19:02:01.0747 3656  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:02:01.0778 3656  vwifibus - ok
19:02:01.0809 3656  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
19:02:01.0856 3656  W32Time - ok
19:02:01.0887 3656  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:02:01.0918 3656  WacomPen - ok
19:02:01.0934 3656  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:02:01.0981 3656  WANARP - ok
19:02:01.0981 3656  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:02:02.0012 3656  Wanarpv6 - ok
19:02:02.0059 3656  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
19:02:02.0168 3656  wbengine - ok
19:02:02.0199 3656  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:02:02.0230 3656  WbioSrvc - ok
19:02:02.0262 3656  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:02:02.0293 3656  wcncsvc - ok
19:02:02.0308 3656  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:02:02.0340 3656  WcsPlugInService - ok
19:02:02.0355 3656  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\drivers\wd.sys
19:02:02.0386 3656  Wd - ok
19:02:02.0418 3656  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:02:02.0449 3656  Wdf01000 - ok
19:02:02.0464 3656  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:02:02.0542 3656  WdiServiceHost - ok
19:02:02.0542 3656  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:02:02.0574 3656  WdiSystemHost - ok
19:02:02.0605 3656  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
19:02:02.0636 3656  WebClient - ok
19:02:02.0652 3656  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:02:02.0683 3656  Wecsvc - ok
19:02:02.0714 3656  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:02:02.0745 3656  wercplsupport - ok
19:02:02.0761 3656  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:02:02.0792 3656  WerSvc - ok
19:02:02.0808 3656  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:02:02.0839 3656  WfpLwf - ok
19:02:02.0870 3656  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:02:02.0886 3656  WIMMount - ok
19:02:02.0948 3656  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
19:02:03.0042 3656  WinDefend - ok
19:02:03.0057 3656  WinHttpAutoProxySvc - ok
19:02:03.0104 3656  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:02:03.0135 3656  Winmgmt - ok
19:02:03.0182 3656  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
19:02:03.0276 3656  WinRM - ok
19:02:03.0307 3656  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:02:03.0338 3656  WinUsb - ok
19:02:03.0385 3656  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:02:03.0447 3656  Wlansvc - ok
19:02:03.0463 3656  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:02:03.0478 3656  WmiAcpi - ok
19:02:03.0510 3656  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:02:03.0525 3656  wmiApSrv - ok
19:02:03.0603 3656  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
19:02:03.0697 3656  WMPNetworkSvc - ok
19:02:03.0728 3656  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:02:03.0759 3656  WPCSvc - ok
19:02:03.0775 3656  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:02:03.0822 3656  WPDBusEnum - ok
19:02:03.0853 3656  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:02:03.0884 3656  ws2ifsl - ok
19:02:03.0900 3656  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\System32\wscsvc.dll
19:02:03.0931 3656  wscsvc - ok
19:02:03.0931 3656  WSearch - ok
19:02:04.0009 3656  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
19:02:04.0087 3656  wuauserv - ok
19:02:04.0134 3656  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:02:04.0180 3656  WudfPf - ok
19:02:04.0227 3656  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:02:04.0258 3656  WUDFRd - ok
19:02:04.0305 3656  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:02:04.0336 3656  wudfsvc - ok
19:02:04.0368 3656  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:02:04.0399 3656  WwanSvc - ok
19:02:04.0399 3656  ================ Scan global ===============================
19:02:04.0430 3656  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:02:04.0461 3656  [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
19:02:04.0477 3656  [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
19:02:04.0508 3656  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:02:04.0524 3656  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:02:04.0524 3656  [Global] - ok
19:02:04.0524 3656  ================ Scan MBR ==================================
19:02:04.0539 3656  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:02:04.0851 3656  \Device\Harddisk0\DR0 - ok
19:02:04.0851 3656  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
19:02:04.0914 3656  \Device\Harddisk1\DR1 - ok
19:02:04.0914 3656  ================ Scan VBR ==================================
19:02:04.0945 3656  [ 3B9EAC46764F4E02E2A90F861CD1F838 ] \Device\Harddisk0\DR0\Partition1
19:02:04.0945 3656  \Device\Harddisk0\DR0\Partition1 - ok
19:02:04.0960 3656  [ 2E2A6C7FCEAFC12244A3E288E4C9B4BA ] \Device\Harddisk1\DR1\Partition1
19:02:04.0976 3656  \Device\Harddisk1\DR1\Partition1 - ok
19:02:04.0992 3656  [ 2D83CFF692429C22881D42C51E321434 ] \Device\Harddisk1\DR1\Partition2
19:02:04.0992 3656  \Device\Harddisk1\DR1\Partition2 - ok
19:02:04.0992 3656  ============================================================
19:02:04.0992 3656  Scan finished
19:02:04.0992 3656  ============================================================
19:02:05.0007 5368  Detected object count: 0
19:02:05.0007 5368  Actual detected object count: 0

Alt 05.02.2013, 03:24   #8
t'john
/// Helfer-Team
 
Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic. - Standard

Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.


Alles sauber.

ESET Online Scanner

Vorbereitung

  • Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
  • Bitte während des Online-Scans Anti-Virus-Programm und Firewall deaktivieren.
  • Vista/Win7-User: Bitte den Browser unbedingt als Administrator starten.
Los geht's

  • Lade und starte Eset Smartinstaller
  • Haken setzen bei YES, I accept the Terms of Use.
  • Klick auf Start.
  • Haken setzen bei Remove found threads und Scan archives.
  • Klick auf Start.
  • Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Finish drücken.
  • Browser schließen.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (manchmal auch C:\Programme\Eset\log.txt) suchen und mit Deinem Editor öffnen.
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



danach:

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
Mfg, t'john
Das TB unterstützen

Alt 05.04.2013, 07:29   #9
t'john
/// Helfer-Team
 
Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic. - Standard

Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.


Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html


Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.
__________________
Mfg, t'john
Das TB unterstützen

Antwort

Themen zu Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.
anwendungsdaten, bayern, benutzer, folge, folgende, gefunde, gefährdet, kaspersky, meldung, microsoft, objekte, scan


« GVU Trojaner Endreinigung | Was kann ich löschen? > Malwarebytes Anti-Malware Logdatei »


Ähnliche Themen: Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic.


  1. Problem UDS:DangerousObject.Multi.Generic
    Plagegeister aller Art und deren Bekämpfung - 12.07.2015 (5)
  2. UDS:DangerousObjekt.Multi.Generic taucht alle 3 Stunden wieder auf
    Log-Analyse und Auswertung - 02.04.2015 (11)
  3. Samsung Link.exe;UDS:DangerousObject.Multi.Generic
    Plagegeister aller Art und deren Bekämpfung - 27.02.2015 (3)
  4. UDS:DangerousObject.Multi.Generic
    Plagegeister aller Art und deren Bekämpfung - 04.10.2014 (7)
  5. HiddenObject.Multi.Generic und PC verhält sich merkwürdig
    Plagegeister aller Art und deren Bekämpfung - 26.12.2013 (10)
  6. Kaspersky hat HEUR:Trojan.Win32.Generic gefunden
    Plagegeister aller Art und deren Bekämpfung - 08.11.2013 (15)
  7. UDS:DangerousObject.Multi.Generic Nun hats mich auch erwischt
    Plagegeister aller Art und deren Bekämpfung - 05.06.2013 (33)
  8. UDS.DangerousObject.Multi.Generic
    Plagegeister aller Art und deren Bekämpfung - 02.02.2013 (4)
  9. combofix log auswerten,wei tdsskiller das hier( UnsignedFile.Multi.Generic ) GEFUNDEN HAT
    Mülltonne - 19.12.2012 (1)
  10. Skype-Virus - anschließend UDS:DangerousObject.Multi.Generic / Trojan.Win.32.VBKrypt.nqht
    Plagegeister aller Art und deren Bekämpfung - 18.10.2012 (7)
  11. Kaspersky Gibt warnung vor trojanern gefunden:UDS:DangerousObjekt.Multi.Generic
    Plagegeister aller Art und deren Bekämpfung - 25.07.2012 (5)
  12. dangerousobject.multi.generic
    Plagegeister aller Art und deren Bekämpfung - 15.04.2012 (1)
  13. Constructor.MSIL.Feka.a und HiddenObject.Multi.Generic
    Log-Analyse und Auswertung - 14.03.2012 (27)
  14. unbekannte Bedrohung UDS: dangerousobject.multi.generic
    Log-Analyse und Auswertung - 22.11.2011 (28)
  15. UDS:DangerousObject.Multi.Generic von Kaspersky - Fehlalarm?
    Plagegeister aller Art und deren Bekämpfung - 06.10.2011 (4)
  16. HiddenObject.Multi.Generic - kasdb.fs.tmp
    Plagegeister aller Art und deren Bekämpfung - 09.03.2011 (5)
  17. Kaspersky meldet UDS:DangerousObject.Multi.Generic
    Plagegeister aller Art und deren Bekämpfung - 14.09.2010 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic. - Hallo! Ich mache gerade einen Volluntersuchungscan mit Kaspersky. Dabei erhielt ich folgende Meldung: 30.01.2013 20:01:36 Gefunden: HiddenObject.Multi.Generic c:\Documents and Settings\Rupert Niko\Anwendungsdaten\Microsoft\Templates\~$Normal.dotm Protokolliert 30.01.2013 20:01:36 Nicht desinfizierte Objekte: HiddenObject.Multi.Generic c:\Documents and - Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic....
Archiv
Du betrachtest: Kaspersky Scan: Gefunden: HiddenObject.Multi.Generic. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131