| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: GVU-TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.03.2013, 13:56
| #31 |
 |  GVU-Trojaner System scan completed erscheint nicht-es steht da(konnte das nicht Markieren) Threads detected unsigned file Service:watchmi Suspicious object,medium risk Service start:Auto(0x2) File:C:\Program Files(x86)watchmi\TvdService.exe MD5:63D7250ED2C2E3CD9B11139A608D6C39 |
|
24.03.2013, 14:23
| #32 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | GVU-Trojaner Hast du meinen Beitrag nicht gelesen?
__________________
__________________ |
|
24.03.2013, 14:55
| #33 |
| | GVU-Trojaner 14:52:41.0629 5240 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
__________________14:52:41.0832 5240 ============================================================ 14:52:41.0832 5240 Current date / time: 2013/03/24 14:52:41.0832 14:52:41.0832 5240 SystemInfo: 14:52:41.0832 5240 14:52:41.0832 5240 OS Version: 6.1.7601 ServicePack: 1.0 14:52:41.0832 5240 Product type: Workstation 14:52:41.0832 5240 ComputerName: RAKETE-PC 14:52:41.0832 5240 UserName: rakete 14:52:41.0832 5240 Windows directory: C:\Windows 14:52:41.0832 5240 System windows directory: C:\Windows 14:52:41.0832 5240 Running under WOW64 14:52:41.0832 5240 Processor architecture: Intel x64 14:52:41.0832 5240 Number of processors: 8 14:52:41.0832 5240 Page size: 0x1000 14:52:41.0832 5240 Boot type: Normal boot 14:52:41.0832 5240 ============================================================ 14:52:42.0144 5240 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 14:52:42.0237 5240 ============================================================ 14:52:42.0237 5240 \Device\Harddisk0\DR0: 14:52:42.0237 5240 MBR partitions: 14:52:42.0237 5240 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 14:52:42.0237 5240 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xA8454800 14:52:42.0237 5240 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA8487000, BlocksNum 0x6400000 14:52:42.0237 5240 ============================================================ 14:52:42.0268 5240 C: <-> \Device\Harddisk0\DR0\Partition2 14:52:42.0315 5240 D: <-> \Device\Harddisk0\DR0\Partition3 14:52:42.0315 5240 ============================================================ 14:52:42.0315 5240 Initialize success 14:52:42.0315 5240 ============================================================ 14:52:50.0536 2348 ============================================================ 14:52:50.0536 2348 Scan started 14:52:50.0536 2348 Mode: Manual; SigCheck; TDLFS; 14:52:50.0536 2348 ============================================================ 14:52:50.0802 2348 ================ Scan system memory ======================== 14:52:50.0802 2348 System memory - ok 14:52:50.0817 2348 ================ Scan services ============================= 14:52:50.0926 2348 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 14:52:50.0989 2348 1394ohci - ok 14:52:51.0067 2348 [ 2D6434E957F7CFA0035C20890F77BBC6 ] a2acc C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys 14:52:51.0098 2348 a2acc - ok 14:52:51.0176 2348 [ 521C7DB6FA2B4DC01610B7A7D741F2BB ] a2AntiMalware C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe 14:52:51.0223 2348 a2AntiMalware - ok 14:52:51.0254 2348 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys 14:52:51.0270 2348 A2DDA - ok 14:52:51.0301 2348 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 14:52:51.0316 2348 ACPI - ok 14:52:51.0316 2348 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 14:52:51.0332 2348 AcpiPmi - ok 14:52:51.0379 2348 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 14:52:51.0394 2348 AdobeARMservice - ok 14:52:51.0410 2348 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 14:52:51.0426 2348 adp94xx - ok 14:52:51.0441 2348 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 14:52:51.0441 2348 adpahci - ok 14:52:51.0457 2348 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 14:52:51.0457 2348 adpu320 - ok 14:52:51.0504 2348 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 14:52:51.0535 2348 AeLookupSvc - ok 14:52:51.0550 2348 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 14:52:51.0566 2348 AFD - ok 14:52:51.0582 2348 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 14:52:51.0582 2348 agp440 - ok 14:52:51.0613 2348 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 14:52:51.0613 2348 ALG - ok 14:52:51.0628 2348 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 14:52:51.0644 2348 aliide - ok 14:52:51.0644 2348 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 14:52:51.0644 2348 amdide - ok 14:52:51.0660 2348 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 14:52:51.0675 2348 AmdK8 - ok 14:52:51.0691 2348 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 14:52:51.0706 2348 AmdPPM - ok 14:52:51.0722 2348 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 14:52:51.0722 2348 amdsata - ok 14:52:51.0738 2348 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 14:52:51.0738 2348 amdsbs - ok 14:52:51.0753 2348 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 14:52:51.0769 2348 amdxata - ok 14:52:51.0769 2348 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 14:52:51.0784 2348 AppID - ok 14:52:51.0784 2348 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 14:52:51.0800 2348 AppIDSvc - ok 14:52:51.0862 2348 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 14:52:51.0894 2348 Appinfo - ok 14:52:51.0894 2348 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 14:52:51.0909 2348 arc - ok 14:52:51.0909 2348 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 14:52:51.0925 2348 arcsas - ok 14:52:51.0940 2348 [ D6D2BB2F4F5868549DDE75F3146BC84E ] asmthub3 C:\Windows\system32\drivers\asmthub3.sys 14:52:51.0956 2348 asmthub3 - ok 14:52:51.0956 2348 [ 1E758172367DC2A3653F16586D62A3F0 ] asmtxhci C:\Windows\system32\drivers\asmtxhci.sys 14:52:51.0972 2348 asmtxhci - ok 14:52:51.0987 2348 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 14:52:52.0003 2348 AsyncMac - ok 14:52:52.0018 2348 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 14:52:52.0018 2348 atapi - ok 14:52:52.0034 2348 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 14:52:52.0065 2348 AudioEndpointBuilder - ok 14:52:52.0065 2348 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 14:52:52.0081 2348 AudioSrv - ok 14:52:52.0206 2348 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe 14:52:52.0252 2348 AVGIDSAgent - ok 14:52:52.0284 2348 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys 14:52:52.0284 2348 AVGIDSDriver - ok 14:52:52.0299 2348 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys 14:52:52.0299 2348 AVGIDSHA - ok 14:52:52.0315 2348 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys 14:52:52.0330 2348 Avgldx64 - ok 14:52:52.0346 2348 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys 14:52:52.0346 2348 Avgloga - ok 14:52:52.0362 2348 [ 841C40C193889730848849AC220D9242 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys 14:52:52.0362 2348 Avgmfx64 - ok 14:52:52.0393 2348 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys 14:52:52.0408 2348 Avgrkx64 - ok 14:52:52.0424 2348 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys 14:52:52.0424 2348 Avgtdia - ok 14:52:52.0455 2348 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe 14:52:52.0471 2348 avgwd - ok 14:52:52.0486 2348 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 14:52:52.0518 2348 AxInstSV - ok 14:52:52.0533 2348 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 14:52:52.0533 2348 b06bdrv - ok 14:52:52.0549 2348 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 14:52:52.0564 2348 b57nd60a - ok 14:52:52.0564 2348 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 14:52:52.0580 2348 BDESVC - ok 14:52:52.0596 2348 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 14:52:52.0627 2348 Beep - ok 14:52:52.0658 2348 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 14:52:52.0674 2348 BFE - ok 14:52:52.0689 2348 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 14:52:52.0720 2348 BITS - ok 14:52:52.0736 2348 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 14:52:52.0736 2348 blbdrive - ok 14:52:52.0736 2348 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 14:52:52.0752 2348 bowser - ok 14:52:52.0752 2348 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 14:52:52.0767 2348 BrFiltLo - ok 14:52:52.0767 2348 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 14:52:52.0783 2348 BrFiltUp - ok 14:52:52.0798 2348 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 14:52:52.0814 2348 Browser - ok 14:52:52.0814 2348 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 14:52:52.0830 2348 Brserid - ok 14:52:52.0845 2348 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 14:52:52.0845 2348 BrSerWdm - ok 14:52:52.0876 2348 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 14:52:52.0876 2348 BrUsbMdm - ok 14:52:52.0876 2348 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 14:52:52.0892 2348 BrUsbSer - ok 14:52:52.0892 2348 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 14:52:52.0908 2348 BTHMODEM - ok 14:52:52.0908 2348 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 14:52:52.0923 2348 bthserv - ok 14:52:52.0939 2348 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 14:52:52.0954 2348 cdfs - ok 14:52:52.0954 2348 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 14:52:52.0970 2348 cdrom - ok 14:52:52.0986 2348 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 14:52:53.0001 2348 CertPropSvc - ok 14:52:53.0017 2348 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 14:52:53.0017 2348 circlass - ok 14:52:53.0048 2348 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 14:52:53.0048 2348 CLFS - ok 14:52:53.0110 2348 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:52:53.0126 2348 clr_optimization_v2.0.50727_32 - ok 14:52:53.0157 2348 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:52:53.0173 2348 clr_optimization_v2.0.50727_64 - ok 14:52:53.0188 2348 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:52:53.0204 2348 clr_optimization_v4.0.30319_32 - ok 14:52:53.0220 2348 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:52:53.0235 2348 clr_optimization_v4.0.30319_64 - ok 14:52:53.0251 2348 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 14:52:53.0266 2348 CmBatt - ok 14:52:53.0282 2348 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 14:52:53.0282 2348 cmdide - ok 14:52:53.0313 2348 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 14:52:53.0344 2348 CNG - ok 14:52:53.0360 2348 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 14:52:53.0360 2348 Compbatt - ok 14:52:53.0376 2348 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 14:52:53.0391 2348 CompositeBus - ok 14:52:53.0391 2348 COMSysApp - ok 14:52:53.0407 2348 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 14:52:53.0407 2348 crcdisk - ok 14:52:53.0438 2348 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 14:52:53.0438 2348 CryptSvc - ok 14:52:53.0469 2348 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 14:52:53.0500 2348 DcomLaunch - ok 14:52:53.0516 2348 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 14:52:53.0547 2348 defragsvc - ok 14:52:53.0547 2348 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 14:52:53.0563 2348 DfsC - ok 14:52:53.0594 2348 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 14:52:53.0594 2348 Dhcp - ok 14:52:53.0610 2348 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 14:52:53.0625 2348 discache - ok 14:52:53.0625 2348 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 14:52:53.0625 2348 Disk - ok 14:52:53.0656 2348 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 14:52:53.0672 2348 Dnscache - ok 14:52:53.0688 2348 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 14:52:53.0703 2348 dot3svc - ok 14:52:53.0703 2348 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 14:52:53.0719 2348 DPS - ok 14:52:53.0734 2348 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 14:52:53.0750 2348 drmkaud - ok 14:52:53.0766 2348 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 14:52:53.0781 2348 DXGKrnl - ok 14:52:53.0812 2348 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 14:52:53.0828 2348 EapHost - ok 14:52:53.0890 2348 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 14:52:53.0922 2348 ebdrv - ok 14:52:53.0953 2348 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 14:52:53.0953 2348 EFS - ok 14:52:53.0984 2348 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 14:52:54.0000 2348 ehRecvr - ok 14:52:54.0015 2348 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 14:52:54.0015 2348 ehSched - ok 14:52:54.0031 2348 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 14:52:54.0031 2348 elxstor - ok 14:52:54.0046 2348 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 14:52:54.0046 2348 ErrDev - ok 14:52:54.0078 2348 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 14:52:54.0093 2348 EventSystem - ok 14:52:54.0124 2348 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 14:52:54.0140 2348 exfat - ok 14:52:54.0140 2348 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 14:52:54.0156 2348 fastfat - ok 14:52:54.0187 2348 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 14:52:54.0202 2348 Fax - ok 14:52:54.0218 2348 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 14:52:54.0218 2348 fdc - ok 14:52:54.0234 2348 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 14:52:54.0249 2348 fdPHost - ok 14:52:54.0265 2348 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 14:52:54.0280 2348 FDResPub - ok 14:52:54.0296 2348 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 14:52:54.0296 2348 FileInfo - ok 14:52:54.0296 2348 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 14:52:54.0312 2348 Filetrace - ok 14:52:54.0327 2348 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 14:52:54.0343 2348 flpydisk - ok 14:52:54.0343 2348 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 14:52:54.0358 2348 FltMgr - ok 14:52:54.0390 2348 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 14:52:54.0452 2348 FontCache - ok 14:52:54.0483 2348 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:52:54.0483 2348 FontCache3.0.0.0 - ok 14:52:54.0483 2348 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 14:52:54.0483 2348 FsDepends - ok 14:52:54.0514 2348 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 14:52:54.0514 2348 Fs_Rec - ok 14:52:54.0530 2348 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 14:52:54.0530 2348 fvevol - ok 14:52:54.0546 2348 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 14:52:54.0546 2348 gagp30kx - ok 14:52:54.0577 2348 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 14:52:54.0592 2348 gpsvc - ok 14:52:54.0639 2348 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:52:54.0639 2348 gupdate - ok 14:52:54.0655 2348 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:52:54.0670 2348 gupdatem - ok 14:52:54.0670 2348 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 14:52:54.0686 2348 hcw85cir - ok 14:52:54.0702 2348 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 14:52:54.0717 2348 HdAudAddService - ok 14:52:54.0717 2348 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 14:52:54.0717 2348 HDAudBus - ok 14:52:54.0733 2348 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 14:52:54.0748 2348 HidBatt - ok 14:52:54.0748 2348 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 14:52:54.0764 2348 HidBth - ok 14:52:54.0764 2348 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 14:52:54.0780 2348 HidIr - ok 14:52:54.0780 2348 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 14:52:54.0795 2348 hidserv - ok 14:52:54.0811 2348 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 14:52:54.0811 2348 HidUsb - ok 14:52:54.0826 2348 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 14:52:54.0842 2348 hkmsvc - ok 14:52:54.0858 2348 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 14:52:54.0873 2348 HomeGroupListener - ok 14:52:54.0889 2348 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 14:52:54.0920 2348 HomeGroupProvider - ok 14:52:54.0920 2348 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 14:52:54.0936 2348 HpSAMD - ok 14:52:54.0951 2348 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 14:52:54.0998 2348 HTTP - ok 14:52:54.0998 2348 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 14:52:55.0014 2348 hwpolicy - ok 14:52:55.0014 2348 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 14:52:55.0029 2348 i8042prt - ok 14:52:55.0045 2348 [ D1753C06EE17E29352B065EACF3F10D0 ] iaStor C:\Windows\system32\drivers\iaStor.sys 14:52:55.0045 2348 iaStor - ok 14:52:55.0092 2348 [ 545462D0DBE24AF379BA869B7C185CCD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 14:52:55.0092 2348 IAStorDataMgrSvc - ok 14:52:55.0107 2348 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 14:52:55.0107 2348 iaStorV - ok 14:52:55.0154 2348 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:52:55.0170 2348 idsvc - ok 14:52:55.0263 2348 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 14:52:55.0388 2348 igfx - ok 14:52:55.0388 2348 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 14:52:55.0388 2348 iirsp - ok 14:52:55.0435 2348 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 14:52:55.0466 2348 IKEEXT - ok 14:52:55.0560 2348 [ ACACD1B925D448558C1C9D0258749451 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 14:52:55.0669 2348 IntcAzAudAddService - ok 14:52:55.0716 2348 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 14:52:55.0731 2348 Intel(R) Capability Licensing Service Interface - ok 14:52:55.0731 2348 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 14:52:55.0747 2348 intelide - ok 14:52:55.0762 2348 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 14:52:55.0778 2348 intelppm - ok 14:52:55.0809 2348 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 14:52:55.0825 2348 IPBusEnum - ok 14:52:55.0840 2348 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:52:55.0856 2348 IpFilterDriver - ok 14:52:55.0887 2348 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 14:52:55.0903 2348 iphlpsvc - ok 14:52:55.0918 2348 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 14:52:55.0918 2348 IPMIDRV - ok 14:52:55.0934 2348 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:52:55.0965 2348 IPNAT - ok 14:52:55.0965 2348 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:52:55.0981 2348 IRENUM - ok 14:52:55.0981 2348 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 14:52:55.0981 2348 isapnp - ok 14:52:55.0996 2348 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 14:52:56.0012 2348 iScsiPrt - ok 14:52:56.0043 2348 [ DBD76BC1D498FE368F2C8CB76C3E00A4 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 14:52:56.0043 2348 jhi_service - ok 14:52:56.0059 2348 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 14:52:56.0059 2348 kbdclass - ok 14:52:56.0059 2348 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 14:52:56.0074 2348 kbdhid - ok 14:52:56.0090 2348 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 14:52:56.0090 2348 KeyIso - ok 14:52:56.0121 2348 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 14:52:56.0121 2348 KSecDD - ok 14:52:56.0137 2348 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:52:56.0137 2348 KSecPkg - ok 14:52:56.0152 2348 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 14:52:56.0168 2348 ksthunk - ok 14:52:56.0184 2348 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 14:52:56.0199 2348 KtmRm - ok 14:52:56.0230 2348 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 14:52:56.0246 2348 LanmanServer - ok 14:52:56.0277 2348 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:52:56.0293 2348 LanmanWorkstation - ok 14:52:56.0308 2348 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 14:52:56.0324 2348 lltdio - ok 14:52:56.0340 2348 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 14:52:56.0371 2348 lltdsvc - ok 14:52:56.0371 2348 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 14:52:56.0386 2348 lmhosts - ok 14:52:56.0418 2348 [ 86E4CC39C953D11EF57CF54C4DC78238 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 14:52:56.0418 2348 LMS - ok 14:52:56.0418 2348 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 14:52:56.0433 2348 LSI_FC - ok 14:52:56.0449 2348 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 14:52:56.0449 2348 LSI_SAS - ok 14:52:56.0449 2348 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 14:52:56.0464 2348 LSI_SAS2 - ok 14:52:56.0464 2348 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 14:52:56.0480 2348 LSI_SCSI - ok 14:52:56.0480 2348 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 14:52:56.0496 2348 luafv - ok 14:52:56.0605 2348 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 14:52:56.0714 2348 LVUVC64 - ok 14:52:56.0730 2348 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 14:52:56.0745 2348 MBAMProtector - ok 14:52:56.0808 2348 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 14:52:56.0823 2348 MBAMScheduler - ok 14:52:56.0854 2348 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 14:52:56.0886 2348 MBAMService - ok 14:52:56.0901 2348 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:52:56.0917 2348 Mcx2Svc - ok 14:52:56.0917 2348 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 14:52:56.0932 2348 megasas - ok 14:52:56.0964 2348 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 14:52:56.0964 2348 MegaSR - ok 14:52:56.0979 2348 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys 14:52:56.0979 2348 MEIx64 - ok 14:52:57.0010 2348 [ 8A43D23ACE2E8C95A2D87B6E9599DEDA ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe 14:52:57.0010 2348 MemeoBackgroundService - ok 14:52:57.0042 2348 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 14:52:57.0057 2348 MMCSS - ok 14:52:57.0073 2348 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 14:52:57.0088 2348 Modem - ok 14:52:57.0088 2348 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:52:57.0104 2348 monitor - ok 14:52:57.0104 2348 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:52:57.0120 2348 mouclass - ok 14:52:57.0120 2348 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:52:57.0120 2348 mouhid - ok 14:52:57.0135 2348 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:52:57.0135 2348 mountmgr - ok 14:52:57.0135 2348 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 14:52:57.0151 2348 mpio - ok 14:52:57.0151 2348 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:52:57.0166 2348 mpsdrv - ok 14:52:57.0213 2348 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:52:57.0244 2348 MpsSvc - ok 14:52:57.0244 2348 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:52:57.0260 2348 MRxDAV - ok 14:52:57.0260 2348 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:52:57.0276 2348 mrxsmb - ok 14:52:57.0291 2348 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:52:57.0291 2348 mrxsmb10 - ok 14:52:57.0307 2348 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:52:57.0307 2348 mrxsmb20 - ok 14:52:57.0322 2348 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 14:52:57.0322 2348 msahci - ok 14:52:57.0322 2348 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 14:52:57.0338 2348 msdsm - ok 14:52:57.0338 2348 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 14:52:57.0354 2348 MSDTC - ok 14:52:57.0354 2348 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:52:57.0369 2348 Msfs - ok 14:52:57.0385 2348 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:52:57.0416 2348 mshidkmdf - ok 14:52:57.0416 2348 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:52:57.0416 2348 msisadrv - ok 14:52:57.0432 2348 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:52:57.0447 2348 MSiSCSI - ok 14:52:57.0447 2348 msiserver - ok 14:52:57.0478 2348 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:52:57.0494 2348 MSKSSRV - ok 14:52:57.0525 2348 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:52:57.0541 2348 MSPCLOCK - ok 14:52:57.0541 2348 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:52:57.0556 2348 MSPQM - ok 14:52:57.0556 2348 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:52:57.0572 2348 MsRPC - ok 14:52:57.0572 2348 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 14:52:57.0588 2348 mssmbios - ok 14:52:57.0588 2348 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:52:57.0603 2348 MSTEE - ok 14:52:57.0619 2348 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 14:52:57.0634 2348 MTConfig - ok 14:52:57.0634 2348 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 14:52:57.0634 2348 Mup - ok 14:52:57.0666 2348 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 14:52:57.0681 2348 napagent - ok 14:52:57.0712 2348 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:52:57.0712 2348 NativeWifiP - ok 14:52:57.0759 2348 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 14:52:57.0775 2348 NDIS - ok 14:52:57.0775 2348 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:52:57.0806 2348 NdisCap - ok 14:52:57.0806 2348 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:52:57.0822 2348 NdisTapi - ok 14:52:57.0822 2348 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:52:57.0837 2348 Ndisuio - ok 14:52:57.0853 2348 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:52:57.0868 2348 NdisWan - ok 14:52:57.0868 2348 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:52:57.0884 2348 NDProxy - ok 14:52:57.0884 2348 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:52:57.0900 2348 NetBIOS - ok 14:52:57.0915 2348 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:52:57.0946 2348 NetBT - ok 14:52:57.0946 2348 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 14:52:57.0946 2348 Netlogon - ok 14:52:57.0978 2348 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 14:52:57.0993 2348 Netman - ok 14:52:58.0009 2348 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 14:52:58.0040 2348 netprofm - ok 14:52:58.0056 2348 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:52:58.0056 2348 NetTcpPortSharing - ok 14:52:58.0071 2348 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 14:52:58.0071 2348 nfrd960 - ok 14:52:58.0102 2348 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 14:52:58.0102 2348 NlaSvc - ok 14:52:58.0102 2348 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:52:58.0134 2348 Npfs - ok 14:52:58.0149 2348 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 14:52:58.0165 2348 nsi - ok 14:52:58.0165 2348 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:52:58.0180 2348 nsiproxy - ok 14:52:58.0227 2348 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:52:58.0290 2348 Ntfs - ok 14:52:58.0305 2348 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 14:52:58.0321 2348 Null - ok 14:52:58.0352 2348 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 14:52:58.0368 2348 NVENETFD - ok 14:52:58.0368 2348 [ DD743DC997F26EDDFDCEBE7146B458B8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 14:52:58.0383 2348 NVHDA - ok 14:52:58.0570 2348 [ 996687BDB58C2E580100BE98DF996D02 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 14:52:58.0820 2348 nvlddmkm - ok 14:52:58.0836 2348 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:52:58.0851 2348 nvraid - ok 14:52:58.0851 2348 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 14:52:58.0867 2348 nvstor - ok 14:52:58.0882 2348 [ 50F3224D4FBAD6A4316E65E05D384AC6 ] nvsvc C:\Windows\system32\nvvsvc.exe 14:52:58.0898 2348 nvsvc - ok 14:52:58.0960 2348 [ 58590AE97F0A7118466FA20279EF587C ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 14:52:58.0992 2348 nvUpdatusService - ok 14:52:59.0023 2348 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 14:52:59.0023 2348 nv_agp - ok 14:52:59.0038 2348 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 14:52:59.0038 2348 ohci1394 - ok 14:52:59.0070 2348 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:52:59.0070 2348 p2pimsvc - ok 14:52:59.0101 2348 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 14:52:59.0101 2348 p2psvc - ok 14:52:59.0116 2348 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 14:52:59.0116 2348 Parport - ok 14:52:59.0163 2348 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:52:59.0179 2348 partmgr - ok 14:52:59.0179 2348 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 14:52:59.0194 2348 PcaSvc - ok 14:52:59.0210 2348 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 14:52:59.0226 2348 pci - ok 14:52:59.0241 2348 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 14:52:59.0257 2348 pciide - ok 14:52:59.0257 2348 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 14:52:59.0272 2348 pcmcia - ok 14:52:59.0272 2348 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 14:52:59.0272 2348 pcw - ok 14:52:59.0288 2348 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 14:52:59.0319 2348 PEAUTH - ok 14:52:59.0382 2348 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 14:52:59.0397 2348 PerfHost - ok 14:52:59.0428 2348 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 14:52:59.0491 2348 pla - ok 14:52:59.0522 2348 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:52:59.0522 2348 PlugPlay - ok 14:52:59.0538 2348 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:52:59.0553 2348 PNRPAutoReg - ok 14:52:59.0569 2348 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 14:52:59.0569 2348 PNRPsvc - ok 14:52:59.0600 2348 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:52:59.0616 2348 PolicyAgent - ok 14:52:59.0616 2348 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 14:52:59.0647 2348 Power - ok 14:52:59.0662 2348 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 14:52:59.0678 2348 PptpMiniport - ok 14:52:59.0678 2348 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 14:52:59.0694 2348 Processor - ok 14:52:59.0709 2348 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 14:52:59.0709 2348 ProfSvc - ok 14:52:59.0725 2348 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 14:52:59.0725 2348 ProtectedStorage - ok 14:52:59.0740 2348 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 14:52:59.0772 2348 Psched - ok 14:52:59.0787 2348 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 14:52:59.0803 2348 ql2300 - ok 14:52:59.0850 2348 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 14:52:59.0865 2348 ql40xx - ok 14:52:59.0881 2348 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 14:52:59.0912 2348 QWAVE - ok 14:52:59.0912 2348 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:52:59.0943 2348 QWAVEdrv - ok 14:52:59.0943 2348 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:52:59.0974 2348 RasAcd - ok 14:52:59.0990 2348 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 14:53:00.0021 2348 RasAgileVpn - ok 14:53:00.0021 2348 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 14:53:00.0037 2348 RasAuto - ok 14:53:00.0052 2348 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:53:00.0068 2348 Rasl2tp - ok 14:53:00.0099 2348 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 14:53:00.0115 2348 RasMan - ok 14:53:00.0115 2348 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:53:00.0130 2348 RasPppoe - ok 14:53:00.0130 2348 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:53:00.0162 2348 RasSstp - ok 14:53:00.0162 2348 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:53:00.0177 2348 rdbss - ok 14:53:00.0193 2348 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 14:53:00.0193 2348 rdpbus - ok 14:53:00.0208 2348 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:53:00.0224 2348 RDPCDD - ok 14:53:00.0240 2348 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 14:53:00.0255 2348 RDPENCDD - ok 14:53:00.0255 2348 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 14:53:00.0271 2348 RDPREFMP - ok 14:53:00.0286 2348 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 14:53:00.0302 2348 RDPWD - ok 14:53:00.0318 2348 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 14:53:00.0333 2348 rdyboost - ok 14:53:00.0333 2348 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 14:53:00.0364 2348 RemoteAccess - ok 14:53:00.0364 2348 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:53:00.0396 2348 RemoteRegistry - ok 14:53:00.0396 2348 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 14:53:00.0411 2348 RpcEptMapper - ok 14:53:00.0427 2348 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 14:53:00.0442 2348 RpcLocator - ok 14:53:00.0442 2348 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 14:53:00.0474 2348 RpcSs - ok 14:53:00.0474 2348 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:53:00.0505 2348 rspndr - ok 14:53:00.0520 2348 [ 6CF9DB101A75360E98659F823852E540 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 14:53:00.0520 2348 RTL8167 - ok 14:53:00.0552 2348 [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys 14:53:00.0583 2348 RTL8192su - ok 14:53:00.0598 2348 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 14:53:00.0598 2348 SamSs - ok 14:53:00.0598 2348 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 14:53:00.0614 2348 sbp2port - ok 14:53:00.0614 2348 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:53:00.0630 2348 SCardSvr - ok 14:53:00.0645 2348 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 14:53:00.0661 2348 scfilter - ok 14:53:00.0676 2348 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 14:53:00.0723 2348 Schedule - ok 14:53:00.0739 2348 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 14:53:00.0754 2348 SCPolicySvc - ok 14:53:00.0786 2348 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 14:53:00.0786 2348 SDRSVC - ok 14:53:00.0801 2348 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 14:53:00.0817 2348 secdrv - ok 14:53:00.0832 2348 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 14:53:00.0848 2348 seclogon - ok 14:53:00.0864 2348 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 14:53:00.0879 2348 SENS - ok 14:53:00.0895 2348 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 14:53:00.0895 2348 SensrSvc - ok 14:53:00.0910 2348 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 14:53:00.0926 2348 Serenum - ok 14:53:00.0942 2348 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 14:53:00.0942 2348 Serial - ok 14:53:00.0957 2348 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 14:53:00.0957 2348 sermouse - ok 14:53:00.0973 2348 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 14:53:01.0004 2348 SessionEnv - ok 14:53:01.0004 2348 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 14:53:01.0020 2348 sffdisk - ok 14:53:01.0020 2348 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 14:53:01.0035 2348 sffp_mmc - ok 14:53:01.0035 2348 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 14:53:01.0051 2348 sffp_sd - ok 14:53:01.0066 2348 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 14:53:01.0066 2348 sfloppy - ok 14:53:01.0098 2348 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 14:53:01.0113 2348 SharedAccess - ok 14:53:01.0129 2348 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 14:53:01.0144 2348 ShellHWDetection - ok 14:53:01.0160 2348 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 14:53:01.0160 2348 SiSRaid2 - ok 14:53:01.0160 2348 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 14:53:01.0176 2348 SiSRaid4 - ok 14:53:01.0222 2348 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 14:53:01.0238 2348 SkypeUpdate - ok 14:53:01.0254 2348 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 14:53:01.0300 2348 Smb - ok 14:53:01.0316 2348 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 14:53:01.0316 2348 SNMPTRAP - ok 14:53:01.0316 2348 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 14:53:01.0332 2348 spldr - ok 14:53:01.0347 2348 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 14:53:01.0363 2348 Spooler - ok 14:53:01.0425 2348 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 14:53:01.0519 2348 sppsvc - ok 14:53:01.0519 2348 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 14:53:01.0550 2348 sppuinotify - ok 14:53:01.0566 2348 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 14:53:01.0581 2348 srv - ok 14:53:01.0581 2348 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 14:53:01.0597 2348 srv2 - ok 14:53:01.0597 2348 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 14:53:01.0597 2348 srvnet - ok 14:53:01.0628 2348 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 14:53:01.0644 2348 SSDPSRV - ok 14:53:01.0644 2348 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 14:53:01.0675 2348 SstpSvc - ok 14:53:01.0675 2348 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 14:53:01.0675 2348 stexstor - ok 14:53:01.0706 2348 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 14:53:01.0722 2348 stisvc - ok 14:53:01.0722 2348 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 14:53:01.0737 2348 swenum - ok 14:53:01.0737 2348 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 14:53:01.0768 2348 swprv - ok 14:53:01.0800 2348 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 14:53:01.0862 2348 SysMain - ok 14:53:01.0862 2348 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 14:53:01.0878 2348 TabletInputService - ok 14:53:01.0878 2348 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 14:53:01.0893 2348 TapiSrv - ok 14:53:01.0909 2348 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 14:53:01.0924 2348 TBS - ok 14:53:01.0971 2348 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 14:53:02.0002 2348 Tcpip - ok 14:53:02.0049 2348 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 14:53:02.0065 2348 TCPIP6 - ok 14:53:02.0096 2348 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 14:53:02.0096 2348 tcpipreg - ok 14:53:02.0112 2348 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 14:53:02.0112 2348 TDPIPE - ok 14:53:02.0112 2348 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 14:53:02.0127 2348 TDTCP - ok 14:53:02.0127 2348 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 14:53:02.0158 2348 tdx - ok 14:53:02.0174 2348 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 14:53:02.0174 2348 TermDD - ok 14:53:02.0190 2348 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 14:53:02.0221 2348 TermService - ok 14:53:02.0221 2348 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 14:53:02.0236 2348 Themes - ok 14:53:02.0252 2348 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 14:53:02.0268 2348 THREADORDER - ok 14:53:02.0283 2348 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 14:53:02.0299 2348 TrkWks - ok 14:53:02.0330 2348 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 14:53:02.0346 2348 TrustedInstaller - ok 14:53:02.0361 2348 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 14:53:02.0377 2348 tssecsrv - ok 14:53:02.0392 2348 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 14:53:02.0408 2348 TsUsbFlt - ok 14:53:02.0408 2348 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 14:53:02.0424 2348 TsUsbGD - ok 14:53:02.0424 2348 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 14:53:02.0455 2348 tunnel - ok 14:53:02.0455 2348 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 14:53:02.0470 2348 uagp35 - ok 14:53:02.0486 2348 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 14:53:02.0502 2348 udfs - ok 14:53:02.0517 2348 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 14:53:02.0517 2348 UI0Detect - ok 14:53:02.0533 2348 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 14:53:02.0533 2348 uliagpkx - ok 14:53:02.0548 2348 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 14:53:02.0548 2348 umbus - ok 14:53:02.0564 2348 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 14:53:02.0580 2348 UmPass - ok 14:53:02.0642 2348 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 14:53:02.0658 2348 UMVPFSrv - ok 14:53:02.0704 2348 [ D80B1075B69B57A3AB78F750CE463ECE ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 14:53:02.0720 2348 UNS - ok 14:53:02.0751 2348 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 14:53:02.0798 2348 upnphost - ok 14:53:02.0860 2348 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 14:53:02.0876 2348 usbaudio - ok 14:53:02.0876 2348 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 14:53:02.0892 2348 usbccgp - ok 14:53:02.0907 2348 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 14:53:02.0923 2348 usbcir - ok 14:53:02.0923 2348 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 14:53:02.0938 2348 usbehci - ok 14:53:02.0970 2348 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys 14:53:02.0985 2348 usbhub - ok 14:53:03.0001 2348 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 14:53:03.0016 2348 usbohci - ok 14:53:03.0016 2348 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 14:53:03.0032 2348 usbprint - ok 14:53:03.0079 2348 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 14:53:03.0094 2348 usbscan - ok 14:53:03.0110 2348 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:53:03.0126 2348 USBSTOR - ok 14:53:03.0126 2348 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 14:53:03.0141 2348 usbuhci - ok 14:53:03.0157 2348 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 14:53:03.0172 2348 usbvideo - ok 14:53:03.0188 2348 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 14:53:03.0204 2348 UxSms - ok 14:53:03.0219 2348 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 14:53:03.0219 2348 VaultSvc - ok 14:53:03.0235 2348 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 14:53:03.0235 2348 vdrvroot - ok 14:53:03.0250 2348 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 14:53:03.0282 2348 vds - ok 14:53:03.0282 2348 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 14:53:03.0282 2348 vga - ok 14:53:03.0282 2348 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 14:53:03.0313 2348 VgaSave - ok 14:53:03.0313 2348 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 14:53:03.0313 2348 vhdmp - ok 14:53:03.0328 2348 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 14:53:03.0328 2348 viaide - ok 14:53:03.0328 2348 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 14:53:03.0344 2348 volmgr - ok 14:53:03.0344 2348 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 14:53:03.0344 2348 volmgrx - ok 14:53:03.0375 2348 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 14:53:03.0391 2348 volsnap - ok 14:53:03.0391 2348 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 14:53:03.0406 2348 vsmraid - ok 14:53:03.0438 2348 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 14:53:03.0484 2348 VSS - ok 14:53:03.0484 2348 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 14:53:03.0500 2348 vwifibus - ok 14:53:03.0500 2348 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 14:53:03.0516 2348 vwififlt - ok 14:53:03.0516 2348 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 14:53:03.0531 2348 W32Time - ok 14:53:03.0547 2348 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 14:53:03.0547 2348 WacomPen - ok 14:53:03.0547 2348 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 14:53:03.0562 2348 WANARP - ok 14:53:03.0578 2348 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 14:53:03.0594 2348 Wanarpv6 - ok 14:53:03.0625 2348 [ 63D7250ED2C2E3CD9B11139A608D6C39 ] watchmi C:\Program Files (x86)\watchmi\TvdService.exe 14:53:03.0625 2348 watchmi ( UnsignedFile.Multi.Generic ) - warning 14:53:03.0625 2348 watchmi - detected UnsignedFile.Multi.Generic (1) 14:53:03.0656 2348 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 14:53:03.0703 2348 wbengine - ok 14:53:03.0718 2348 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 14:53:03.0734 2348 WbioSrvc - ok 14:53:03.0734 2348 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 14:53:03.0750 2348 wcncsvc - ok 14:53:03.0750 2348 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 14:53:03.0765 2348 WcsPlugInService - ok 14:53:03.0765 2348 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 14:53:03.0765 2348 Wd - ok 14:53:03.0796 2348 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 14:53:03.0812 2348 Wdf01000 - ok 14:53:03.0812 2348 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 14:53:03.0828 2348 WdiServiceHost - ok 14:53:03.0828 2348 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 14:53:03.0843 2348 WdiSystemHost - ok 14:53:03.0859 2348 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 14:53:03.0874 2348 WebClient - ok 14:53:03.0890 2348 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 14:53:03.0906 2348 Wecsvc - ok 14:53:03.0906 2348 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 14:53:03.0937 2348 wercplsupport - ok 14:53:03.0952 2348 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 14:53:03.0968 2348 WerSvc - ok 14:53:03.0984 2348 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 14:53:03.0999 2348 WfpLwf - ok 14:53:03.0999 2348 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 14:53:04.0015 2348 WIMMount - ok 14:53:04.0015 2348 WinDefend - ok 14:53:04.0030 2348 WinHttpAutoProxySvc - ok 14:53:04.0062 2348 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 14:53:04.0077 2348 Winmgmt - ok 14:53:04.0108 2348 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 14:53:04.0171 2348 WinRM - ok 14:53:04.0186 2348 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 14:53:04.0202 2348 Wlansvc - ok 14:53:04.0264 2348 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 14:53:04.0280 2348 wlcrasvc - ok 14:53:04.0342 2348 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 14:53:04.0405 2348 wlidsvc - ok 14:53:04.0405 2348 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 14:53:04.0420 2348 WmiAcpi - ok 14:53:04.0436 2348 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 14:53:04.0452 2348 wmiApSrv - ok 14:53:04.0452 2348 WMPNetworkSvc - ok 14:53:04.0467 2348 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 14:53:04.0483 2348 WPCSvc - ok 14:53:04.0498 2348 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 14:53:04.0498 2348 WPDBusEnum - ok 14:53:04.0514 2348 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 14:53:04.0530 2348 ws2ifsl - ok 14:53:04.0530 2348 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 14:53:04.0545 2348 wscsvc - ok 14:53:04.0576 2348 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 14:53:04.0592 2348 WSDPrintDevice - ok 14:53:04.0592 2348 WSearch - ok 14:53:04.0623 2348 [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys 14:53:04.0639 2348 wsvd - ok 14:53:04.0701 2348 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 14:53:04.0732 2348 wuauserv - ok 14:53:04.0764 2348 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 14:53:04.0764 2348 WudfPf - ok 14:53:04.0795 2348 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 14:53:04.0810 2348 WUDFRd - ok 14:53:04.0826 2348 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 14:53:04.0842 2348 wudfsvc - ok 14:53:04.0842 2348 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 14:53:04.0857 2348 WwanSvc - ok 14:53:04.0873 2348 ================ Scan global =============================== 14:53:04.0888 2348 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 14:53:04.0920 2348 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 14:53:04.0935 2348 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 14:53:04.0951 2348 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 14:53:04.0982 2348 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 14:53:04.0982 2348 [Global] - ok 14:53:04.0982 2348 ================ Scan MBR ================================== 14:53:04.0998 2348 [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0 14:53:06.0370 2348 \Device\Harddisk0\DR0 - ok 14:53:06.0370 2348 ================ Scan VBR ================================== 14:53:06.0370 2348 [ 7B5F3A29AAF0AD50A50A9FAE4173BAF7 ] \Device\Harddisk0\DR0\Partition1 14:53:06.0370 2348 \Device\Harddisk0\DR0\Partition1 - ok 14:53:06.0417 2348 [ 7D978745279E04CCF39C4DA4B5ABC5C9 ] \Device\Harddisk0\DR0\Partition2 14:53:06.0417 2348 \Device\Harddisk0\DR0\Partition2 - ok 14:53:06.0448 2348 [ D204B579F72F0EBFD2362350B4CD7EA2 ] \Device\Harddisk0\DR0\Partition3 14:53:06.0448 2348 \Device\Harddisk0\DR0\Partition3 - ok 14:53:06.0448 2348 ============================================================ 14:53:06.0448 2348 Scan finished 14:53:06.0448 2348 ============================================================ 14:53:06.0464 1716 Detected object count: 1 14:53:06.0464 1716 Actual detected object count: 1 14:53:21.0315 1716 watchmi ( UnsignedFile.Multi.Generic ) - skipped by user 14:53:21.0315 1716 watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:53:44.0294 5756 Deinitialize success |
|
24.03.2013, 15:09
| #34 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU-Trojaner Warum postest du nicht wie schon mehrfach erwähnt in CODE-Tags? Bitte die nächsten Logs in CODE-Tags posten! Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
30.03.2013, 19:29
| #35 |
| | GVU-TrojanerCode:
ATTFilter Da ich nichts mehr gehört habe,gehe ich davon aus,dass alles in Ordnung ist.Deshalb herzlichen Dank für die Hilfe und für die Geduld mit einem"Nichtwissenden"
|
|
30.03.2013, 19:33
| #36 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU-Trojaner Was bitte soll das denn jetzt? Du sollst nur Logs in CODE-Tags posten
__________________ --> GVU-Trojaner |
|
30.03.2013, 19:46
| #37 |
| | GVU-TrojanerCode:
ATTFilter Wenn Du mir jetzt noch sagst,welche Logs,dann versuch ich es
|
|
30.03.2013, 19:53
| #38 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU-Trojaner Sry, langsam fühl ich mir hier verarscht  Poste das letze angeforderte Log von aswMBR in CODE-Tags, deine normalen Mitteilungen nicht in CODE-Tags, sondern nur die Logs.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.03.2013, 20:03
| #39 |
| | GVU-Trojaner [CODE][/CODE Code:
ATTFilter 19:46:08.0325 5504 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:46:08.0559 5504 ============================================================
19:46:08.0559 5504 Current date / time: 2013/03/26 19:46:08.0559
19:46:08.0559 5504 SystemInfo:
19:46:08.0559 5504
19:46:08.0559 5504 OS Version: 6.1.7601 ServicePack: 1.0
19:46:08.0559 5504 Product type: Workstation
19:46:08.0559 5504 ComputerName: RAKETE-PC
19:46:08.0559 5504 UserName: rakete
19:46:08.0559 5504 Windows directory: C:\Windows
19:46:08.0559 5504 System windows directory: C:\Windows
19:46:08.0559 5504 Running under WOW64
19:46:08.0559 5504 Processor architecture: Intel x64
19:46:08.0559 5504 Number of processors: 8
19:46:08.0559 5504 Page size: 0x1000
19:46:08.0559 5504 Boot type: Normal boot
19:46:08.0559 5504 ============================================================
19:46:08.0964 5504 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:46:09.0058 5504 ============================================================
19:46:09.0058 5504 \Device\Harddisk0\DR0:
19:46:09.0058 5504 MBR partitions:
19:46:09.0058 5504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:46:09.0058 5504 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xA8454800
19:46:09.0058 5504 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA8487000, BlocksNum 0x6400000
19:46:09.0058 5504 ============================================================
19:46:09.0089 5504 C: <-> \Device\Harddisk0\DR0\Partition2
19:46:09.0136 5504 D: <-> \Device\Harddisk0\DR0\Partition3
19:46:09.0136 5504 ============================================================
19:46:09.0136 5504 Initialize success
19:46:09.0136 5504 ============================================================
19:46:17.0420 5336 ============================================================
19:46:17.0420 5336 Scan started
19:46:17.0420 5336 Mode: Manual; SigCheck; TDLFS;
19:46:17.0420 5336 ============================================================
19:46:18.0387 5336 ================ Scan system memory ========================
19:46:18.0387 5336 System memory - ok
19:46:18.0387 5336 ================ Scan services =============================
19:46:18.0496 5336 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:46:18.0605 5336 1394ohci - ok
19:46:18.0668 5336 [ 2D6434E957F7CFA0035C20890F77BBC6 ] a2acc C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
19:46:18.0699 5336 a2acc - ok
19:46:18.0777 5336 [ 521C7DB6FA2B4DC01610B7A7D741F2BB ] a2AntiMalware C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
19:46:18.0824 5336 a2AntiMalware - ok
19:46:18.0855 5336 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
19:46:18.0855 5336 A2DDA - ok
19:46:18.0886 5336 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:46:18.0886 5336 ACPI - ok
19:46:18.0917 5336 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:46:18.0948 5336 AcpiPmi - ok
19:46:18.0980 5336 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:46:18.0995 5336 AdobeARMservice - ok
19:46:19.0011 5336 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:46:19.0042 5336 adp94xx - ok
19:46:19.0042 5336 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:46:19.0058 5336 adpahci - ok
19:46:19.0058 5336 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:46:19.0073 5336 adpu320 - ok
19:46:19.0089 5336 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:46:19.0182 5336 AeLookupSvc - ok
19:46:19.0198 5336 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:46:19.0245 5336 AFD - ok
19:46:19.0276 5336 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:46:19.0292 5336 agp440 - ok
19:46:19.0307 5336 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:46:19.0354 5336 ALG - ok
19:46:19.0385 5336 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:46:19.0401 5336 aliide - ok
19:46:19.0401 5336 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:46:19.0416 5336 amdide - ok
19:46:19.0432 5336 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:46:19.0479 5336 AmdK8 - ok
19:46:19.0494 5336 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:46:19.0541 5336 AmdPPM - ok
19:46:19.0541 5336 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:46:19.0557 5336 amdsata - ok
19:46:19.0588 5336 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:46:19.0604 5336 amdsbs - ok
19:46:19.0619 5336 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:46:19.0635 5336 amdxata - ok
19:46:19.0666 5336 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:46:19.0697 5336 AppID - ok
19:46:19.0744 5336 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:46:19.0806 5336 AppIDSvc - ok
19:46:19.0838 5336 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:46:19.0884 5336 Appinfo - ok
19:46:19.0900 5336 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:46:19.0900 5336 arc - ok
19:46:19.0916 5336 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:46:19.0916 5336 arcsas - ok
19:46:19.0931 5336 [ D6D2BB2F4F5868549DDE75F3146BC84E ] asmthub3 C:\Windows\system32\drivers\asmthub3.sys
19:46:19.0962 5336 asmthub3 - ok
19:46:19.0962 5336 [ 1E758172367DC2A3653F16586D62A3F0 ] asmtxhci C:\Windows\system32\drivers\asmtxhci.sys
19:46:19.0994 5336 asmtxhci - ok
19:46:20.0009 5336 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:46:20.0103 5336 AsyncMac - ok
19:46:20.0118 5336 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:46:20.0134 5336 atapi - ok
19:46:20.0150 5336 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:46:20.0181 5336 AudioEndpointBuilder - ok
19:46:20.0196 5336 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:46:20.0212 5336 AudioSrv - ok
19:46:20.0337 5336 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
19:46:20.0384 5336 AVGIDSAgent - ok
19:46:20.0415 5336 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
19:46:20.0415 5336 AVGIDSDriver - ok
19:46:20.0430 5336 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
19:46:20.0430 5336 AVGIDSHA - ok
19:46:20.0446 5336 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
19:46:20.0462 5336 Avgldx64 - ok
19:46:20.0477 5336 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
19:46:20.0477 5336 Avgloga - ok
19:46:20.0493 5336 [ 841C40C193889730848849AC220D9242 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
19:46:20.0508 5336 Avgmfx64 - ok
19:46:20.0555 5336 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
19:46:20.0555 5336 Avgrkx64 - ok
19:46:20.0571 5336 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
19:46:20.0586 5336 Avgtdia - ok
19:46:20.0618 5336 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
19:46:20.0633 5336 avgwd - ok
19:46:20.0680 5336 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:46:20.0727 5336 AxInstSV - ok
19:46:20.0758 5336 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:46:20.0789 5336 b06bdrv - ok
19:46:20.0820 5336 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:46:20.0867 5336 b57nd60a - ok
19:46:20.0898 5336 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:46:20.0930 5336 BDESVC - ok
19:46:20.0961 5336 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:46:21.0023 5336 Beep - ok
19:46:21.0070 5336 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:46:21.0148 5336 BFE - ok
19:46:21.0210 5336 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:46:21.0288 5336 BITS - ok
19:46:21.0304 5336 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:46:21.0335 5336 blbdrive - ok
19:46:21.0335 5336 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:46:21.0366 5336 bowser - ok
19:46:21.0382 5336 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:46:21.0398 5336 BrFiltLo - ok
19:46:21.0413 5336 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:46:21.0444 5336 BrFiltUp - ok
19:46:21.0476 5336 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:46:21.0491 5336 Browser - ok
19:46:21.0507 5336 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:46:21.0554 5336 Brserid - ok
19:46:21.0569 5336 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:46:21.0600 5336 BrSerWdm - ok
19:46:21.0616 5336 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:46:21.0647 5336 BrUsbMdm - ok
19:46:21.0647 5336 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:46:21.0663 5336 BrUsbSer - ok
19:46:21.0694 5336 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:46:21.0710 5336 BTHMODEM - ok
19:46:21.0756 5336 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:46:21.0803 5336 bthserv - ok
19:46:21.0819 5336 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:46:21.0866 5336 cdfs - ok
19:46:21.0912 5336 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:46:21.0944 5336 cdrom - ok
19:46:21.0975 5336 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:46:22.0053 5336 CertPropSvc - ok
19:46:22.0084 5336 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:46:22.0115 5336 circlass - ok
19:46:22.0131 5336 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:46:22.0146 5336 CLFS - ok
19:46:22.0209 5336 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:46:22.0224 5336 clr_optimization_v2.0.50727_32 - ok
19:46:22.0256 5336 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:46:22.0271 5336 clr_optimization_v2.0.50727_64 - ok
19:46:22.0302 5336 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:46:22.0302 5336 clr_optimization_v4.0.30319_32 - ok
19:46:22.0334 5336 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:46:22.0349 5336 clr_optimization_v4.0.30319_64 - ok
19:46:22.0365 5336 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:46:22.0396 5336 CmBatt - ok
19:46:22.0412 5336 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:46:22.0427 5336 cmdide - ok
19:46:22.0458 5336 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:46:22.0490 5336 CNG - ok
19:46:22.0505 5336 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:46:22.0521 5336 Compbatt - ok
19:46:22.0536 5336 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:46:22.0552 5336 CompositeBus - ok
19:46:22.0568 5336 COMSysApp - ok
19:46:22.0568 5336 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:46:22.0583 5336 crcdisk - ok
19:46:22.0599 5336 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:46:22.0630 5336 CryptSvc - ok
19:46:22.0661 5336 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:46:22.0724 5336 DcomLaunch - ok
19:46:22.0817 5336 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:46:22.0864 5336 defragsvc - ok
19:46:22.0895 5336 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:46:22.0942 5336 DfsC - ok
19:46:22.0989 5336 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:46:23.0036 5336 Dhcp - ok
19:46:23.0036 5336 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:46:23.0067 5336 discache - ok
19:46:23.0098 5336 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:46:23.0114 5336 Disk - ok
19:46:23.0129 5336 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:46:23.0145 5336 Dnscache - ok
19:46:23.0160 5336 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:46:23.0223 5336 dot3svc - ok
19:46:23.0223 5336 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:46:23.0238 5336 DPS - ok
19:46:23.0270 5336 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:46:23.0285 5336 drmkaud - ok
19:46:23.0316 5336 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:46:23.0332 5336 DXGKrnl - ok
19:46:23.0348 5336 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:46:23.0379 5336 EapHost - ok
19:46:23.0441 5336 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:46:23.0535 5336 ebdrv - ok
19:46:23.0582 5336 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:46:23.0613 5336 EFS - ok
19:46:23.0644 5336 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:46:23.0691 5336 ehRecvr - ok
19:46:23.0706 5336 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:46:23.0738 5336 ehSched - ok
19:46:23.0753 5336 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:46:23.0784 5336 elxstor - ok
19:46:23.0784 5336 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:46:23.0816 5336 ErrDev - ok
19:46:23.0847 5336 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:46:23.0909 5336 EventSystem - ok
19:46:23.0956 5336 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:46:24.0003 5336 exfat - ok
19:46:24.0003 5336 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:46:24.0050 5336 fastfat - ok
19:46:24.0096 5336 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:46:24.0112 5336 Fax - ok
19:46:24.0128 5336 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:46:24.0159 5336 fdc - ok
19:46:24.0174 5336 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:46:24.0237 5336 fdPHost - ok
19:46:24.0237 5336 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:46:24.0268 5336 FDResPub - ok
19:46:24.0299 5336 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:46:24.0299 5336 FileInfo - ok
19:46:24.0299 5336 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:46:24.0330 5336 Filetrace - ok
19:46:24.0408 5336 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:46:24.0424 5336 flpydisk - ok
19:46:24.0440 5336 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:46:24.0455 5336 FltMgr - ok
19:46:24.0486 5336 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
19:46:24.0549 5336 FontCache - ok
19:46:24.0596 5336 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:46:24.0596 5336 FontCache3.0.0.0 - ok
19:46:24.0611 5336 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:46:24.0611 5336 FsDepends - ok
19:46:24.0642 5336 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:46:24.0658 5336 Fs_Rec - ok
19:46:24.0658 5336 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:46:24.0689 5336 fvevol - ok
19:46:24.0689 5336 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:46:24.0705 5336 gagp30kx - ok
19:46:24.0752 5336 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:46:24.0814 5336 gpsvc - ok
19:46:24.0876 5336 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:46:24.0876 5336 gupdate - ok
19:46:24.0892 5336 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:46:24.0908 5336 gupdatem - ok
19:46:24.0923 5336 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:46:24.0939 5336 hcw85cir - ok
19:46:24.0954 5336 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:46:24.0986 5336 HdAudAddService - ok
19:46:25.0017 5336 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:46:25.0048 5336 HDAudBus - ok
19:46:25.0064 5336 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:46:25.0079 5336 HidBatt - ok
19:46:25.0110 5336 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:46:25.0142 5336 HidBth - ok
19:46:25.0157 5336 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:46:25.0173 5336 HidIr - ok
19:46:25.0173 5336 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:46:25.0220 5336 hidserv - ok
19:46:25.0235 5336 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:46:25.0235 5336 HidUsb - ok
19:46:25.0266 5336 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:46:25.0313 5336 hkmsvc - ok
19:46:25.0329 5336 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:46:25.0344 5336 HomeGroupListener - ok
19:46:25.0376 5336 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:46:25.0407 5336 HomeGroupProvider - ok
19:46:25.0407 5336 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:46:25.0422 5336 HpSAMD - ok
19:46:25.0438 5336 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:46:25.0500 5336 HTTP - ok
19:46:25.0516 5336 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:46:25.0532 5336 hwpolicy - ok
19:46:25.0563 5336 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:46:25.0578 5336 i8042prt - ok
19:46:25.0594 5336 [ D1753C06EE17E29352B065EACF3F10D0 ] iaStor C:\Windows\system32\drivers\iaStor.sys
19:46:25.0594 5336 iaStor - ok
19:46:25.0641 5336 [ 545462D0DBE24AF379BA869B7C185CCD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:46:25.0641 5336 IAStorDataMgrSvc - ok
19:46:25.0656 5336 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:46:25.0688 5336 iaStorV - ok
19:46:25.0719 5336 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:46:25.0750 5336 idsvc - ok
19:46:25.0859 5336 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:46:26.0000 5336 igfx - ok
19:46:26.0000 5336 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:46:26.0000 5336 iirsp - ok
19:46:26.0031 5336 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:46:26.0078 5336 IKEEXT - ok
19:46:26.0187 5336 [ ACACD1B925D448558C1C9D0258749451 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:46:26.0296 5336 IntcAzAudAddService - ok
19:46:26.0374 5336 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:46:26.0390 5336 Intel(R) Capability Licensing Service Interface - ok
19:46:26.0421 5336 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:46:26.0421 5336 intelide - ok
19:46:26.0436 5336 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:46:26.0452 5336 intelppm - ok
19:46:26.0499 5336 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:46:26.0546 5336 IPBusEnum - ok
19:46:26.0577 5336 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:46:26.0608 5336 IpFilterDriver - ok
19:46:26.0624 5336 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:46:26.0655 5336 iphlpsvc - ok
19:46:26.0670 5336 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:46:26.0702 5336 IPMIDRV - ok
19:46:26.0717 5336 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:46:26.0748 5336 IPNAT - ok
19:46:26.0748 5336 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:46:26.0795 5336 IRENUM - ok
19:46:26.0795 5336 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:46:26.0795 5336 isapnp - ok
19:46:26.0811 5336 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:46:26.0826 5336 iScsiPrt - ok
19:46:26.0842 5336 [ DBD76BC1D498FE368F2C8CB76C3E00A4 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:46:26.0858 5336 jhi_service - ok
19:46:26.0858 5336 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:46:26.0858 5336 kbdclass - ok
19:46:26.0873 5336 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:46:26.0889 5336 kbdhid - ok
19:46:26.0904 5336 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:46:26.0904 5336 KeyIso - ok
19:46:26.0936 5336 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:46:26.0936 5336 KSecDD - ok
19:46:26.0951 5336 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:46:26.0951 5336 KSecPkg - ok
19:46:26.0951 5336 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:46:26.0998 5336 ksthunk - ok
19:46:27.0014 5336 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:46:27.0045 5336 KtmRm - ok
19:46:27.0076 5336 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:46:27.0123 5336 LanmanServer - ok
19:46:27.0154 5336 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:46:27.0216 5336 LanmanWorkstation - ok
19:46:27.0232 5336 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:46:27.0294 5336 lltdio - ok
19:46:27.0326 5336 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:46:27.0357 5336 lltdsvc - ok
19:46:27.0357 5336 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:46:27.0388 5336 lmhosts - ok
19:46:27.0419 5336 [ 86E4CC39C953D11EF57CF54C4DC78238 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:46:27.0435 5336 LMS - ok
19:46:27.0435 5336 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:46:27.0450 5336 LSI_FC - ok
19:46:27.0450 5336 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:46:27.0450 5336 LSI_SAS - ok
19:46:27.0466 5336 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:46:27.0466 5336 LSI_SAS2 - ok
19:46:27.0466 5336 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:46:27.0482 5336 LSI_SCSI - ok
19:46:27.0482 5336 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:46:27.0513 5336 luafv - ok
19:46:27.0622 5336 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
19:46:27.0731 5336 LVUVC64 - ok
19:46:27.0762 5336 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:46:27.0762 5336 MBAMProtector - ok
19:46:27.0840 5336 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:46:27.0856 5336 MBAMScheduler - ok
19:46:27.0887 5336 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:46:27.0903 5336 MBAMService - ok
19:46:27.0918 5336 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:46:27.0934 5336 Mcx2Svc - ok
19:46:27.0950 5336 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:46:27.0950 5336 megasas - ok
19:46:27.0965 5336 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:46:27.0981 5336 MegaSR - ok
19:46:27.0981 5336 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
19:46:27.0996 5336 MEIx64 - ok
19:46:28.0028 5336 [ 8A43D23ACE2E8C95A2D87B6E9599DEDA ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
19:46:28.0028 5336 MemeoBackgroundService - ok
19:46:28.0028 5336 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:46:28.0074 5336 MMCSS - ok
19:46:28.0090 5336 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:46:28.0121 5336 Modem - ok
19:46:28.0137 5336 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:46:28.0168 5336 monitor - ok
19:46:28.0184 5336 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:46:28.0184 5336 mouclass - ok
19:46:28.0184 5336 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:46:28.0199 5336 mouhid - ok
19:46:28.0215 5336 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:46:28.0215 5336 mountmgr - ok
19:46:28.0215 5336 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:46:28.0230 5336 mpio - ok
19:46:28.0230 5336 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:46:28.0262 5336 mpsdrv - ok
19:46:28.0293 5336 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:46:28.0324 5336 MpsSvc - ok
19:46:28.0355 5336 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:46:28.0402 5336 MRxDAV - ok
19:46:28.0402 5336 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:46:28.0433 5336 mrxsmb - ok
19:46:28.0449 5336 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:46:28.0480 5336 mrxsmb10 - ok
19:46:28.0496 5336 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:46:28.0527 5336 mrxsmb20 - ok
19:46:28.0527 5336 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:46:28.0527 5336 msahci - ok
19:46:28.0542 5336 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:46:28.0558 5336 msdsm - ok
19:46:28.0558 5336 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:46:28.0574 5336 MSDTC - ok
19:46:28.0574 5336 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:46:28.0605 5336 Msfs - ok
19:46:28.0620 5336 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:46:28.0636 5336 mshidkmdf - ok
19:46:28.0636 5336 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:46:28.0636 5336 msisadrv - ok
19:46:28.0683 5336 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:46:28.0745 5336 MSiSCSI - ok
19:46:28.0745 5336 msiserver - ok
19:46:28.0761 5336 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:46:28.0823 5336 MSKSSRV - ok
19:46:28.0839 5336 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:46:28.0870 5336 MSPCLOCK - ok
19:46:28.0886 5336 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:46:28.0917 5336 MSPQM - ok
19:46:28.0932 5336 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:46:28.0932 5336 MsRPC - ok
19:46:28.0948 5336 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:46:28.0948 5336 mssmbios - ok
19:46:28.0964 5336 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:46:28.0995 5336 MSTEE - ok
19:46:29.0010 5336 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:46:29.0042 5336 MTConfig - ok
19:46:29.0042 5336 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:46:29.0057 5336 Mup - ok
19:46:29.0088 5336 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:46:29.0135 5336 napagent - ok
19:46:29.0166 5336 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:46:29.0198 5336 NativeWifiP - ok
19:46:29.0229 5336 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:46:29.0260 5336 NDIS - ok
19:46:29.0276 5336 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:46:29.0291 5336 NdisCap - ok
19:46:29.0307 5336 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:46:29.0322 5336 NdisTapi - ok
19:46:29.0338 5336 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:46:29.0354 5336 Ndisuio - ok
19:46:29.0354 5336 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:46:29.0385 5336 NdisWan - ok
19:46:29.0400 5336 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:46:29.0432 5336 NDProxy - ok
19:46:29.0432 5336 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:46:29.0478 5336 NetBIOS - ok
19:46:29.0478 5336 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:46:29.0510 5336 NetBT - ok
19:46:29.0525 5336 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:46:29.0525 5336 Netlogon - ok
19:46:29.0556 5336 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:46:29.0588 5336 Netman - ok
19:46:29.0603 5336 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:46:29.0666 5336 netprofm - ok
19:46:29.0681 5336 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:46:29.0697 5336 NetTcpPortSharing - ok
19:46:29.0697 5336 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:46:29.0697 5336 nfrd960 - ok
19:46:29.0728 5336 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:46:29.0759 5336 NlaSvc - ok
19:46:29.0759 5336 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:46:29.0775 5336 Npfs - ok
19:46:29.0806 5336 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:46:29.0837 5336 nsi - ok
19:46:29.0837 5336 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:46:29.0853 5336 nsiproxy - ok
19:46:29.0900 5336 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:46:29.0915 5336 Ntfs - ok
19:46:29.0931 5336 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:46:29.0962 5336 Null - ok
19:46:29.0993 5336 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
19:46:30.0040 5336 NVENETFD - ok
19:46:30.0056 5336 [ DD743DC997F26EDDFDCEBE7146B458B8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:46:30.0071 5336 NVHDA - ok
19:46:30.0274 5336 [ 996687BDB58C2E580100BE98DF996D02 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:46:30.0524 5336 nvlddmkm - ok
19:46:30.0555 5336 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:46:30.0555 5336 nvraid - ok
19:46:30.0570 5336 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:46:30.0586 5336 nvstor - ok
19:46:30.0602 5336 [ 50F3224D4FBAD6A4316E65E05D384AC6 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:46:30.0617 5336 nvsvc - ok
19:46:30.0695 5336 [ 58590AE97F0A7118466FA20279EF587C ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:46:30.0742 5336 nvUpdatusService - ok
19:46:30.0773 5336 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:46:30.0789 5336 nv_agp - ok
19:46:30.0804 5336 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:46:30.0867 5336 ohci1394 - ok
19:46:30.0882 5336 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:46:30.0929 5336 p2pimsvc - ok
19:46:30.0945 5336 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:46:30.0976 5336 p2psvc - ok
19:46:31.0007 5336 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:46:31.0023 5336 Parport - ok
19:46:31.0054 5336 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:46:31.0070 5336 partmgr - ok
19:46:31.0085 5336 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:46:31.0132 5336 PcaSvc - ok
19:46:31.0148 5336 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:46:31.0163 5336 pci - ok
19:46:31.0179 5336 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:46:31.0194 5336 pciide - ok
19:46:31.0210 5336 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:46:31.0226 5336 pcmcia - ok
19:46:31.0226 5336 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:46:31.0241 5336 pcw - ok
19:46:31.0241 5336 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:46:31.0272 5336 PEAUTH - ok
19:46:31.0335 5336 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:46:31.0366 5336 PerfHost - ok
19:46:31.0413 5336 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:46:31.0475 5336 pla - ok
19:46:31.0506 5336 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:46:31.0538 5336 PlugPlay - ok
19:46:31.0569 5336 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:46:31.0584 5336 PNRPAutoReg - ok
19:46:31.0600 5336 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:46:31.0616 5336 PNRPsvc - ok
19:46:31.0647 5336 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:46:31.0694 5336 PolicyAgent - ok
19:46:31.0709 5336 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:46:31.0725 5336 Power - ok
19:46:31.0756 5336 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:46:31.0818 5336 PptpMiniport - ok
19:46:31.0834 5336 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:46:31.0850 5336 Processor - ok
19:46:31.0881 5336 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:46:31.0912 5336 ProfSvc - ok
19:46:31.0928 5336 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:46:31.0943 5336 ProtectedStorage - ok
19:46:31.0959 5336 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:46:32.0006 5336 Psched - ok
19:46:32.0068 5336 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:46:32.0115 5336 ql2300 - ok
19:46:32.0130 5336 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:46:32.0130 5336 ql40xx - ok
19:46:32.0146 5336 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:46:32.0162 5336 QWAVE - ok
19:46:32.0177 5336 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:46:32.0208 5336 QWAVEdrv - ok
19:46:32.0224 5336 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:46:32.0271 5336 RasAcd - ok
19:46:32.0302 5336 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:46:32.0364 5336 RasAgileVpn - ok
19:46:32.0380 5336 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:46:32.0427 5336 RasAuto - ok
19:46:32.0442 5336 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:46:32.0520 5336 Rasl2tp - ok
19:46:32.0536 5336 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:46:32.0583 5336 RasMan - ok
19:46:32.0583 5336 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:46:32.0614 5336 RasPppoe - ok
19:46:32.0614 5336 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:46:32.0645 5336 RasSstp - ok
19:46:32.0645 5336 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:46:32.0676 5336 rdbss - ok
19:46:32.0692 5336 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:46:32.0708 5336 rdpbus - ok
19:46:32.0723 5336 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:46:32.0786 5336 RDPCDD - ok
19:46:32.0786 5336 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:46:32.0817 5336 RDPENCDD - ok
19:46:32.0817 5336 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:46:32.0848 5336 RDPREFMP - ok
19:46:32.0879 5336 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:46:32.0895 5336 RDPWD - ok
19:46:32.0910 5336 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:46:32.0926 5336 rdyboost - ok
19:46:32.0942 5336 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:46:32.0973 5336 RemoteAccess - ok
19:46:33.0004 5336 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:46:33.0051 5336 RemoteRegistry - ok
19:46:33.0066 5336 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:46:33.0098 5336 RpcEptMapper - ok
19:46:33.0113 5336 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:46:33.0129 5336 RpcLocator - ok
19:46:33.0160 5336 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:46:33.0176 5336 RpcSs - ok
19:46:33.0176 5336 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:46:33.0207 5336 rspndr - ok
19:46:33.0238 5336 [ 6CF9DB101A75360E98659F823852E540 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:46:33.0254 5336 RTL8167 - ok
19:46:33.0269 5336 [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
19:46:33.0285 5336 RTL8192su - ok
19:46:33.0300 5336 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:46:33.0300 5336 SamSs - ok
19:46:33.0316 5336 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:46:33.0316 5336 sbp2port - ok
19:46:33.0316 5336 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:46:33.0347 5336 SCardSvr - ok
19:46:33.0347 5336 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:46:33.0378 5336 scfilter - ok
19:46:33.0410 5336 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:46:33.0488 5336 Schedule - ok
19:46:33.0519 5336 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:46:33.0566 5336 SCPolicySvc - ok
19:46:33.0566 5336 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:46:33.0581 5336 SDRSVC - ok
19:46:33.0597 5336 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:46:33.0628 5336 secdrv - ok
19:46:33.0644 5336 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:46:33.0675 5336 seclogon - ok
19:46:33.0690 5336 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:46:33.0706 5336 SENS - ok
19:46:33.0722 5336 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:46:33.0753 5336 SensrSvc - ok
19:46:33.0784 5336 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:46:33.0800 5336 Serenum - ok
19:46:33.0815 5336 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:46:33.0846 5336 Serial - ok
19:46:33.0878 5336 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:46:33.0909 5336 sermouse - ok
19:46:33.0924 5336 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:46:33.0987 5336 SessionEnv - ok
19:46:34.0002 5336 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:46:34.0018 5336 sffdisk - ok
19:46:34.0018 5336 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:46:34.0034 5336 sffp_mmc - ok
19:46:34.0049 5336 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:46:34.0049 5336 sffp_sd - ok
19:46:34.0065 5336 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:46:34.0080 5336 sfloppy - ok
19:46:34.0112 5336 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:46:34.0158 5336 SharedAccess - ok
19:46:34.0174 5336 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:46:34.0190 5336 ShellHWDetection - ok
19:46:34.0205 5336 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:46:34.0205 5336 SiSRaid2 - ok
19:46:34.0205 5336 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:46:34.0221 5336 SiSRaid4 - ok
19:46:34.0252 5336 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:46:34.0268 5336 SkypeUpdate - ok
19:46:34.0283 5336 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:46:34.0314 5336 Smb - ok
19:46:34.0330 5336 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:46:34.0361 5336 SNMPTRAP - ok
19:46:34.0361 5336 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:46:34.0361 5336 spldr - ok
19:46:34.0392 5336 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:46:34.0424 5336 Spooler - ok
19:46:34.0502 5336 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:46:34.0595 5336 sppsvc - ok
19:46:34.0611 5336 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:46:34.0673 5336 sppuinotify - ok
19:46:34.0689 5336 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:46:34.0704 5336 srv - ok
19:46:34.0720 5336 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:46:34.0736 5336 srv2 - ok
19:46:34.0736 5336 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:46:34.0751 5336 srvnet - ok
19:46:34.0782 5336 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:46:34.0798 5336 SSDPSRV - ok
19:46:34.0814 5336 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:46:34.0845 5336 SstpSvc - ok
19:46:34.0860 5336 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:46:34.0860 5336 stexstor - ok
19:46:34.0892 5336 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:46:34.0938 5336 stisvc - ok
19:46:34.0938 5336 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:46:34.0938 5336 swenum - ok
19:46:34.0954 5336 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:46:34.0985 5336 swprv - ok
19:46:35.0016 5336 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:46:35.0094 5336 SysMain - ok
19:46:35.0094 5336 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:46:35.0126 5336 TabletInputService - ok
19:46:35.0126 5336 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:46:35.0172 5336 TapiSrv - ok
19:46:35.0172 5336 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:46:35.0204 5336 TBS - ok
19:46:35.0250 5336 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:46:35.0282 5336 Tcpip - ok
19:46:35.0328 5336 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:46:35.0360 5336 TCPIP6 - ok
19:46:35.0391 5336 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:46:35.0422 5336 tcpipreg - ok
19:46:35.0453 5336 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:46:35.0469 5336 TDPIPE - ok
19:46:35.0500 5336 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:46:35.0500 5336 TDTCP - ok
19:46:35.0516 5336 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:46:35.0547 5336 tdx - ok
19:46:35.0562 5336 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:46:35.0562 5336 TermDD - ok
19:46:35.0594 5336 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:46:35.0625 5336 TermService - ok
19:46:35.0640 5336 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:46:35.0656 5336 Themes - ok
19:46:35.0672 5336 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:46:35.0687 5336 THREADORDER - ok
19:46:35.0703 5336 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:46:35.0718 5336 TrkWks - ok
19:46:35.0765 5336 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:46:35.0812 5336 TrustedInstaller - ok
19:46:35.0828 5336 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:46:35.0843 5336 tssecsrv - ok
19:46:35.0859 5336 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:46:35.0874 5336 TsUsbFlt - ok
19:46:35.0890 5336 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:46:35.0890 5336 TsUsbGD - ok
19:46:35.0921 5336 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:46:35.0968 5336 tunnel - ok
19:46:35.0984 5336 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:46:35.0984 5336 uagp35 - ok
19:46:35.0999 5336 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:46:36.0046 5336 udfs - ok
19:46:36.0077 5336 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:46:36.0093 5336 UI0Detect - ok
19:46:36.0108 5336 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:46:36.0108 5336 uliagpkx - ok
19:46:36.0124 5336 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:46:36.0155 5336 umbus - ok
19:46:36.0171 5336 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:46:36.0186 5336 UmPass - ok
19:46:36.0249 5336 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
19:46:36.0264 5336 UMVPFSrv - ok
19:46:36.0311 5336 [ D80B1075B69B57A3AB78F750CE463ECE ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:46:36.0327 5336 UNS - ok
19:46:36.0342 5336 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:46:36.0389 5336 upnphost - ok
19:46:36.0452 5336 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:46:36.0483 5336 usbaudio - ok
19:46:36.0483 5336 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:46:36.0498 5336 usbccgp - ok
19:46:36.0530 5336 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:46:36.0561 5336 usbcir - ok
19:46:36.0576 5336 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:46:36.0608 5336 usbehci - ok
19:46:36.0639 5336 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
19:46:36.0654 5336 usbhub - ok
19:46:36.0670 5336 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:46:36.0670 5336 usbohci - ok
19:46:36.0686 5336 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:46:36.0701 5336 usbprint - ok
19:46:36.0748 5336 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:46:36.0779 5336 usbscan - ok
19:46:36.0795 5336 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:46:36.0826 5336 USBSTOR - ok
19:46:36.0842 5336 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:46:36.0857 5336 usbuhci - ok
19:46:36.0873 5336 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:46:36.0904 5336 usbvideo - ok
19:46:36.0920 5336 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:46:36.0951 5336 UxSms - ok
19:46:36.0951 5336 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:46:36.0966 5336 VaultSvc - ok
19:46:36.0966 5336 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:46:36.0966 5336 vdrvroot - ok
19:46:36.0982 5336 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:46:37.0013 5336 vds - ok
19:46:37.0013 5336 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:46:37.0029 5336 vga - ok
19:46:37.0029 5336 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:46:37.0060 5336 VgaSave - ok
19:46:37.0076 5336 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:46:37.0076 5336 vhdmp - ok
19:46:37.0076 5336 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:46:37.0091 5336 viaide - ok
19:46:37.0107 5336 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:46:37.0122 5336 volmgr - ok
19:46:37.0122 5336 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:46:37.0138 5336 volmgrx - ok
19:46:37.0138 5336 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:46:37.0154 5336 volsnap - ok
19:46:37.0154 5336 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:46:37.0154 5336 vsmraid - ok
19:46:37.0185 5336 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:46:37.0263 5336 VSS - ok
19:46:37.0278 5336 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:46:37.0310 5336 vwifibus - ok
19:46:37.0341 5336 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:46:37.0372 5336 vwififlt - ok
19:46:37.0388 5336 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:46:37.0434 5336 W32Time - ok
19:46:37.0434 5336 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:46:37.0450 5336 WacomPen - ok
19:46:37.0466 5336 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:46:37.0497 5336 WANARP - ok
19:46:37.0497 5336 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:46:37.0512 5336 Wanarpv6 - ok
19:46:37.0544 5336 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:46:37.0590 5336 wbengine - ok
19:46:37.0606 5336 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:46:37.0622 5336 WbioSrvc - ok
19:46:37.0622 5336 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:46:37.0653 5336 wcncsvc - ok
19:46:37.0668 5336 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:46:37.0684 5336 WcsPlugInService - ok
19:46:37.0700 5336 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:46:37.0700 5336 Wd - ok
19:46:37.0731 5336 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:46:37.0762 5336 Wdf01000 - ok
19:46:37.0762 5336 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:46:37.0778 5336 WdiServiceHost - ok
19:46:37.0778 5336 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:46:37.0793 5336 WdiSystemHost - ok
19:46:37.0809 5336 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:46:37.0840 5336 WebClient - ok
19:46:37.0871 5336 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:46:37.0934 5336 Wecsvc - ok
19:46:37.0949 5336 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:46:37.0996 5336 wercplsupport - ok
19:46:38.0012 5336 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:46:38.0043 5336 WerSvc - ok
19:46:38.0058 5336 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:46:38.0074 5336 WfpLwf - ok
19:46:38.0074 5336 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:46:38.0090 5336 WIMMount - ok
19:46:38.0090 5336 WinDefend - ok
19:46:38.0105 5336 WinHttpAutoProxySvc - ok
19:46:38.0136 5336 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:46:38.0183 5336 Winmgmt - ok
19:46:38.0230 5336 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:46:38.0292 5336 WinRM - ok
19:46:38.0324 5336 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:46:38.0355 5336 Wlansvc - ok
19:46:38.0402 5336 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:46:38.0417 5336 wlcrasvc - ok
19:46:38.0480 5336 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:46:38.0511 5336 wlidsvc - ok
19:46:38.0526 5336 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:46:38.0542 5336 WmiAcpi - ok
19:46:38.0573 5336 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:46:38.0589 5336 wmiApSrv - ok
19:46:38.0604 5336 WMPNetworkSvc - ok
19:46:38.0604 5336 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:46:38.0620 5336 WPCSvc - ok
19:46:38.0620 5336 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:46:38.0636 5336 WPDBusEnum - ok
19:46:38.0636 5336 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:46:38.0667 5336 ws2ifsl - ok
19:46:38.0682 5336 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:46:38.0698 5336 wscsvc - ok
19:46:38.0745 5336 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
19:46:38.0760 5336 WSDPrintDevice - ok
19:46:38.0776 5336 WSearch - ok
19:46:38.0807 5336 [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys
19:46:38.0807 5336 wsvd - ok
19:46:38.0963 5336 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:46:39.0026 5336 wuauserv - ok
19:46:39.0041 5336 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:46:39.0057 5336 WudfPf - ok
19:46:39.0072 5336 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:46:39.0104 5336 WUDFRd - ok
19:46:39.0119 5336 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:46:39.0135 5336 wudfsvc - ok
19:46:39.0166 5336 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:46:39.0197 5336 WwanSvc - ok
19:46:39.0213 5336 ================ Scan global ===============================
19:46:39.0228 5336 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:46:39.0260 5336 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:46:39.0260 5336 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:46:39.0291 5336 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:46:39.0306 5336 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:46:39.0322 5336 [Global] - ok
19:46:39.0322 5336 ================ Scan MBR ==================================
19:46:39.0322 5336 [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
19:46:40.0757 5336 \Device\Harddisk0\DR0 - ok
19:46:40.0757 5336 ================ Scan VBR ==================================
19:46:40.0757 5336 [ 7B5F3A29AAF0AD50A50A9FAE4173BAF7 ] \Device\Harddisk0\DR0\Partition1
19:46:40.0757 5336 \Device\Harddisk0\DR0\Partition1 - ok
19:46:40.0804 5336 [ 7D978745279E04CCF39C4DA4B5ABC5C9 ] \Device\Harddisk0\DR0\Partition2
19:46:40.0804 5336 \Device\Harddisk0\DR0\Partition2 - ok
19:46:40.0835 5336 [ D204B579F72F0EBFD2362350B4CD7EA2 ] \Device\Harddisk0\DR0\Partition3
19:46:40.0835 5336 \Device\Harddisk0\DR0\Partition3 - ok
19:46:40.0835 5336 ============================================================
19:46:40.0835 5336 Scan finished
19:46:40.0835 5336 ============================================================
19:46:40.0851 5552 Detected object count: 0
19:46:40.0851 5552 Actual detected object count: 0
19:48:19.0677 5176 Deinitialize success
Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-23 21:09:21
-----------------------------
21:09:21.270 OS Version: Windows x64 6.1.7601 Service Pack 1
21:09:21.270 Number of processors: 8 586 0x3A09
21:09:21.270 ComputerName: RAKETE-PC UserName: rakete
21:09:24.999 Initialize success
21:16:33.283 AVAST engine defs: 13032302
21:17:14.077 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:17:14.077 Disk 0 Vendor: ST1500DL CC4A Size: 1430799MB BusType: 3
21:17:14.233 Disk 0 MBR read successfully
21:17:14.233 Disk 0 MBR scan
21:17:14.249 Disk 0 unknown MBR code
21:17:14.249 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:17:14.265 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1378473 MB offset 206848
21:17:14.296 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 51200 MB offset 2823319552
21:17:14.311 Disk 0 Partition 4 00 12 Compaq diag NTFS 1024 MB offset 2928177152
21:17:14.389 Disk 0 scanning C:\Windows\system32\drivers
21:17:20.739 Service scanning
21:17:33.562 Modules scanning
21:17:33.562 Disk 0 trace - called modules:
21:17:33.577 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
21:17:33.577 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005f35790]
21:17:33.593 3 CLASSPNP.SYS[fffff880015ca43f] -> nt!IofCallDriver -> [0xfffffa80059ad7e0]
21:17:33.593 5 ACPI.sys[fffff88000f577a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80059b2050]
21:17:40.519 AVAST engine scan C:\Windows
21:17:49.567 AVAST engine scan C:\Windows\system32
21:19:58.907 AVAST engine scan C:\Windows\system32\drivers
21:20:13.259 AVAST engine scan C:\Users\rakete
21:21:23.210 AVAST engine scan C:\ProgramData
21:21:52.429 Scan finished successfully
21:22:14.238 Disk 0 MBR has been saved successfully to "C:\Users\rakete\Documents\MBR.dat"
21:22:14.238 The log file has been saved successfully to "C:\Users\rakete\Documents\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-23 21:33:56
-----------------------------
21:33:56.095 OS Version: Windows x64 6.1.7601 Service Pack 1
21:33:56.095 Number of processors: 8 586 0x3A09
21:33:56.095 ComputerName: RAKETE-PC UserName: rakete
21:33:57.171 Initialize success
21:34:02.195 AVAST engine defs: 13032302
21:34:12.132 The log file has been saved successfully to "C:\Users\rakete\Documents\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-30 20:08:45
-----------------------------
20:08:45.666 OS Version: Windows x64 6.1.7601 Service Pack 1
20:08:45.666 Number of processors: 8 586 0x3A09
20:08:45.666 ComputerName: RAKETE-PC UserName: rakete
20:08:50.536 Initialize success
20:09:13.672 The log file has been saved successfully to "C:\Users\rakete\Documents\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-30 20:10:07
-----------------------------
20:10:07.061 OS Version: Windows x64 6.1.7601 Service Pack 1
20:10:07.061 Number of processors: 8 586 0x3A09
20:10:07.061 ComputerName: RAKETE-PC UserName: rakete
20:10:09.423 Initialize success
20:13:06.860 AVAST engine defs: 13033000
20:13:40.016 The log file has been saved successfully to "C:\Users\rakete\Documents\aswMBR.txt"
|
|
30.03.2013, 20:18
| #40 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU-Trojaner Geht doch! Dann bitte jetzt Combofix ausführen: Scan mit Combofix
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.03.2013, 20:37
| #41 |
| | GVU-Trojaner [CODECombofix Logfile: Code:
ATTFilter ComboFix 13-03-30.01 - rakete 30.03.2013 20:29:19.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.6111.4231 [GMT 1:00]
ausgeführt von:: c:\users\rakete\Downloads\ComboFix.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-02-28 bis 2013-03-30 ))))))))))))))))))))))))))))))
.
.
2013-03-30 19:31 . 2013-03-30 19:31 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-30 19:31 . 2013-03-30 19:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-26 18:33 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-23 19:27 . 2013-03-23 20:51 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware
2013-03-19 18:50 . 2013-03-20 16:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-19 18:50 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-18 20:04 . 2013-03-18 20:04 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-18 20:04 . 2013-03-18 20:04 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-17 19:54 . 2013-03-17 19:55 -------- d-----w- c:\programdata\AVG2013
2013-03-17 19:54 . 2013-03-17 19:54 -------- d-----w- C:\$AVG
2013-03-17 19:53 . 2013-03-17 19:53 -------- d-----w- c:\program files (x86)\AVG
2013-03-17 19:50 . 2013-03-17 19:50 -------- d--h--w- c:\programdata\Common Files
2013-03-17 19:50 . 2013-03-30 18:59 -------- d-----w- c:\programdata\MFAData
2013-03-17 19:44 . 2013-03-17 19:44 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-03-17 16:21 . 2013-03-17 16:21 -------- d-----w- c:\programdata\Malwarebytes
2013-03-17 14:38 . 2013-03-20 20:41 -------- dc----w- c:\windows\system32\DRVSTORE
2013-03-17 13:18 . 2013-02-17 00:40 28672 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-03-17 13:13 . 2013-03-17 13:13 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-17 08:39 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2013-03-17 08:39 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-03-17 08:39 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-03-17 08:39 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-03-17 08:36 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-03-17 08:28 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-03-17 08:28 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-03-17 08:28 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-03-17 08:28 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-03-17 08:28 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-03-17 08:28 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-03-17 08:28 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-03-17 08:28 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-03-17 08:28 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-03-17 08:28 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-03-17 08:28 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-03-17 08:26 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-03-17 08:26 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-03-17 08:26 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-03-17 08:26 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-03-17 08:26 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-03-17 08:14 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-03-17 08:13 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-03-16 20:01 . 2008-10-17 19:04 179712 ------w- c:\windows\system32\BrfxDA5b.dll
2013-03-16 20:01 . 2009-05-19 16:39 3072 ------w- c:\windows\SysWow64\BrDctF2S.dll
2013-03-16 20:01 . 2007-12-13 21:16 73728 ------w- c:\windows\SysWow64\BrDctF2.dll
2013-03-16 20:01 . 2007-12-13 21:16 5632 ------w- c:\windows\SysWow64\BrDctF2L.dll
2013-03-16 20:01 . 2006-12-28 12:39 176128 ------w- c:\windows\SysWow64\BroSNMP.dll
2013-03-16 20:01 . 2009-04-07 11:02 1560576 ----a-w- c:\windows\system32\BrWia09b.dll
2013-03-16 20:01 . 2009-02-24 09:37 50176 ----a-w- c:\windows\system32\BrUsi09a.dll
2013-03-16 20:00 . 2009-01-19 08:29 57344 ----a-w- c:\windows\SysWow64\brprtink.dll
2013-03-16 20:00 . 2013-03-16 20:01 -------- d-----w- c:\program files (x86)\Brother
2013-03-16 20:00 . 2008-06-17 14:33 167936 ------w- c:\windows\SysWow64\NSSearch.dll
2013-03-16 19:52 . 2013-03-16 19:52 -------- d-----w- c:\program files\Nuance
2013-03-16 19:45 . 2013-03-16 19:45 -------- d-----w- c:\program files (x86)\Common Files\ScanSoft Shared
2013-03-16 19:45 . 2013-03-16 19:45 -------- d-----w- c:\programdata\ScanSoft
2013-03-16 19:45 . 2013-03-16 19:45 -------- d-----w- c:\program files (x86)\ScanSoft
2013-03-16 19:44 . 2013-03-16 19:44 -------- d-----w- c:\programdata\Brother
2013-03-16 19:02 . 2013-03-16 19:02 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-03-16 19:02 . 2013-03-16 19:02 -------- d-----r- c:\program files (x86)\Skype
2013-03-16 19:02 . 2013-03-17 08:30 -------- d-----w- c:\programdata\Skype
2013-03-16 17:47 . 2013-03-16 17:47 -------- d-----w- c:\program files\Common Files\logishrd
2013-03-16 17:47 . 2013-03-16 17:47 -------- d-----w- c:\program files (x86)\Common Files\logishrd
2013-03-16 17:43 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-03-16 17:43 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-03-16 17:43 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-03-16 17:43 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-03-16 17:42 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-03-16 17:42 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-03-16 17:42 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-03-16 17:42 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-03-16 17:42 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-03-16 17:03 . 2013-03-17 20:32 -------- d-----w- c:\users\rakete
2013-03-16 17:03 . 2013-03-16 17:03 -------- d-----w- c:\program files (x86)\Mediathek
2013-03-16 17:03 . 2013-03-16 17:03 -------- d-----w- c:\program files (x86)\Common Files\Memeo
2013-03-16 17:03 . 2013-03-16 17:03 -------- d-----w- c:\program files (x86)\Memeo
2013-03-16 17:03 . 2013-03-16 17:03 -------- d-----w- c:\programdata\Kaspersky Rescue Disk 10
2013-03-16 17:02 . 2013-03-20 20:42 -------- d-----w- c:\programdata\Kaspersky Lab
2013-03-16 17:01 . 2013-03-16 17:01 -------- d-----w- c:\program files\PlayReady
2013-03-16 17:01 . 2013-03-17 13:19 -------- d-----w- c:\programdata\Partner
2013-03-16 17:01 . 2013-03-17 13:19 -------- d-----w- c:\program files\Google
2013-03-16 17:01 . 2013-03-17 13:19 -------- d-----w- c:\program files (x86)\Google
2013-03-16 16:58 . 2013-03-16 16:58 -------- d-sh--we C:\Documents and Settings
2013-03-16 16:58 . 2013-03-16 16:58 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-04 13:53 . 2011-07-18 20:31 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-02-26 22:40 . 2013-02-26 22:40 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-02-14 02:52 . 2013-02-14 02:52 239416 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2013-02-12 05:45 . 2013-03-17 08:14 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-17 08:14 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-17 08:14 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-17 08:14 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-17 08:14 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-17 08:14 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-08 03:37 . 2013-02-08 03:37 116536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2013-02-08 03:37 . 2013-02-08 03:37 311096 ----a-w- c:\windows\system32\drivers\avgloga.sys
2013-02-08 03:37 . 2013-02-08 03:37 71480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2013-02-08 03:37 . 2013-02-08 03:37 206136 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2013-02-08 03:37 . 2013-02-08 03:37 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2013-01-04 04:43 . 2013-03-17 08:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-28 18642024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984]
"IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-03-13 4394032]
"emsisoft anti-malware"="c:\program files (x86)\Emsisoft Anti-Malware\a2guard.exe" [2013-01-30 3365288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2013-02-27 4937264]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2012-04-30 66320]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2010-09-23 129008]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2013-02-08 71480]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2013-02-08 311096]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2013-02-08 116536]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2013-02-08 45880]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2011-05-19 23208]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-02-26 246072]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2013-02-08 206136]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-02-14 239416]
S2 a2AntiMalware;Emsisoft Anti-Malware 7.0 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [2013-01-30 3089320]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe [2013-02-19 1418184]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-02-19 282624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-09-28 25824]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2011-08-02 129000]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2011-08-02 391144]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-03-06 648808]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-17 13:16 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-16 17:01]
.
2013-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-16 17:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-16 12445288]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-03-30 20:32:49
ComboFix-quarantined-files.txt 2013-03-30 19:32
.
Vor Suchlauf: 8 Verzeichnis(se), 1.384.239.669.248 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 1.384.459.964.416 Bytes frei
.
- - End Of File - - 010A23BE98C822A4A0065FAD3FDCAACF
][/CODE]um dir mein Problem nochmals darzustellen:Ich habe jetzt 5 Minuten vor deiner Antwort gesessen,eh mir einfiel,dass ich die ganze Antwort sehe,wenn ich auf AW klicke,ich habe mit Computern meine Probleme und Sachen,die mich nicht interessieren,vergesse ich ganz schnell-ist leider so |
|
30.03.2013, 20:58
| #42 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU-Trojaner JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.03.2013, 20:58
| #43 |
| | GVU-Trojaner habe ein neues Problem.Nach dem Neustart komme ich nicht mehr ins Internet;d.h. ich sehe die Adresse meiner Startseite,es wird aber keine Verbindung aufgebaut.Wenn ich einen meiner Favoriten anklicke,dann bleibt die Adresse von der Startseite stehen.Internetverbindung habe ich und Skype geht auch bin mit google chrome reingekommen,dh. Intenet Explorer geht nicht mehr.Bevor ich loslege,was bedeutet beende die Schutzsoftware-soll ich die deaktivieren? |
|
30.03.2013, 21:48
| #44 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU-Trojaner Inwiefern schränkt dich das jetzt in der Erstellung der Logs sein, wir hier noch nicht fertig
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.03.2013, 09:01
| #45 |
| | GVU-Trojaner [CODE][~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.7.8 (03.31.2013:1) OS: Windows 7 Home Premium x64 Ran by rakete on 31.03.2013 at 9:52:26,62 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\partner" Successfully deleted: [Empty Folder] C:\Users\rakete\appdata\local\{F9A3CA97-9432-4CB3-8447-2EE85D337232} Successfully deleted: [Empty Folder] C:\Users\rakete\appdata\local\{5F21F10F-3DC3-4267-9390-E3428612F75E} Successfully deleted: [Empty Folder] C:\Users\rakete\appdata\local\{56CBE274-A767-4126-97C8-EBE9B36DD39B} ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 31.03.2013 at 9:56:53,72 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /CODE] AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.115 - Datei am 31/03/2013 um 10:05:02 erstellt
# Aktualisiert am 17/03/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : rakete - RAKETE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\rakete\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16521
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Google Chrome v25.0.1364.172
Datei : C:\Users\rakete\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [774 octets] - [31/03/2013 10:05:02]
########## EOF - C:\AdwCleaner[S1].txt - [833 octets] ##########
OTL Logfile: Code:
ATTFilter OTL logfile created on: 31.03.2013 10:10:58 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\rakete\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16521) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,97 Gb Total Physical Memory | 3,75 Gb Available Physical Memory | 62,76% Memory free 11,93 Gb Paging File | 9,46 Gb Available in Paging File | 79,27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1346,17 Gb Total Space | 1288,83 Gb Free Space | 95,74% Space Free | Partition Type: NTFS Drive D: | 50,00 Gb Total Space | 25,69 Gb Free Space | 51,37% Space Free | Partition Type: NTFS Drive E: | 4,38 Gb Total Space | 3,16 Gb Free Space | 72,21% Space Free | Partition Type: UDF Computer Name: RAKETE-PC | User Name: rakete | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\rakete\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8c78244854f84b69701fcee19b543645\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\1c402ca365b68a2616ea3a5194d38310\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll () ========== Services (SafeList) ========== SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (a2AntiMalware) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (MemeoBackgroundService) -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Memeo) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (a2acc) -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys (Emsisoft GmbH) DRV - (A2DDA) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys (Emsi Software GmbH) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3756563201-3654928769-1415867336-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3756563201-3654928769-1415867336-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-3756563201-3654928769-1415867336-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF IE - HKU\S-1-5-21-3756563201-3654928769-1415867336-1002\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3756563201-3654928769-1415867336-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-3756563201-3654928769-1415867336-1002\..\SearchScopes\{B99F1B9F-2214-4FAB-A04E-E0B00F8C4EA1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_deDE527 IE - HKU\S-1-5-21-3756563201-3654928769-1415867336-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\gcswf32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\rakete\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\rakete\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\rakete\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Java(TM) Platform SE 7 U3 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2013.03.30 21:31:53 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKU\S-1-5-21-3756563201-3654928769-1415867336-1002\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [emsisoft anti-malware] C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4 - HKU\S-1-5-21-3756563201-3654928769-1415867336-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3756563201-3654928769-1415867336-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3756563201-3654928769-1415867336-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3756563201-3654928769-1415867336-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3756563201-3654928769-1415867336-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0) O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A04CCCFE-AC16-4F6B-90A9-4A424694D442}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013.03.26 21:29:52 | 000,000,000 | RH-- | M] () - E:\autorun.wbcat -- [ UDF ] O32 - AutoRun File - [2013.03.26 21:29:52 | 000,000,131 | ---- | M] () - E:\autorun.inf -- [ UDF ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.31 09:52:23 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.03.31 09:51:57 | 000,000,000 | ---D | C] -- C:\JRT [2013.03.30 21:39:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.03.30 21:32:50 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.03.30 21:28:22 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.03.30 21:28:22 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.03.30 21:28:22 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.03.30 21:27:00 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.03.30 21:26:51 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.03.26 21:48:17 | 000,000,000 | R--D | C] -- C:\Users\rakete\Documents\Scanned Documents [2013.03.26 21:48:17 | 000,000,000 | ---D | C] -- C:\Users\rakete\Documents\Fax [2013.03.26 21:46:39 | 000,000,000 | R--D | C] -- C:\Users\rakete\AppData\Roaming\Brother [2013.03.26 20:33:24 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013.03.23 21:28:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware [2013.03.23 21:27:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware [2013.03.23 21:27:49 | 000,000,000 | ---D | C] -- C:\Users\rakete\Documents\Anti-Malware [2013.03.20 22:53:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.03.20 22:40:16 | 000,000,000 | --SD | C] -- C:\Users\rakete\Documents\Passwords Database [2013.03.19 20:50:12 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.03.19 20:50:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.03.19 20:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.03.18 22:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013.03.18 22:04:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013.03.18 22:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013.03.17 22:33:36 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\Windows Live Writer [2013.03.17 22:33:36 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\Windows Live Writer [2013.03.17 21:55:53 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\AVG2013 [2013.03.17 21:55:23 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\TuneUp Software [2013.03.17 21:55:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013.03.17 21:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013 [2013.03.17 21:54:31 | 000,000,000 | ---D | C] -- C:\$AVG [2013.03.17 21:53:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2013.03.17 21:50:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.03.17 21:50:38 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\MFAData [2013.03.17 21:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013.03.17 21:50:38 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\Avg2013 [2013.03.17 21:44:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2013.03.17 18:21:24 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\Malwarebytes [2013.03.17 18:21:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.03.17 18:20:16 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\Programs [2013.03.17 16:38:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2013.03.17 15:18:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE [2013.03.17 15:14:35 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.03.17 15:14:35 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.03.17 15:14:35 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.03.17 15:14:35 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.03.17 15:14:35 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.03.17 15:14:35 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.03.17 15:14:35 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.03.17 15:14:35 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.03.17 15:14:35 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.03.17 15:14:35 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.03.17 15:14:35 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.03.17 15:14:35 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.03.17 15:14:35 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.03.17 15:14:35 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.03.17 15:14:35 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.03.17 15:14:35 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.03.17 15:14:35 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.03.17 15:14:35 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.03.17 15:14:35 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.03.17 15:14:35 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.03.17 15:14:35 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.03.17 15:14:35 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.03.17 15:14:35 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.03.17 15:14:35 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.03.17 15:14:35 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.03.17 15:14:35 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.03.17 15:14:35 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.03.17 15:14:35 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.03.17 15:14:35 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.03.17 15:14:35 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.03.17 15:14:35 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.03.17 15:14:35 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.03.17 15:14:35 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.03.17 15:14:35 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.03.17 15:14:35 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.03.17 15:14:35 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.03.17 15:14:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.03.17 15:14:35 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.03.17 15:14:35 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.03.17 15:14:35 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.03.17 15:14:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.03.17 15:14:35 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.03.17 15:14:35 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.03.17 15:14:35 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.03.17 15:14:35 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.03.17 15:14:35 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.03.17 15:14:35 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.03.17 15:14:35 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.03.17 15:14:35 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.03.17 15:14:35 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.03.17 15:14:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.03.17 15:14:35 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.03.17 15:14:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.03.17 15:14:35 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.03.17 15:14:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.03.17 15:14:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.03.17 15:14:35 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.03.17 15:14:35 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.03.17 15:14:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.03.17 15:14:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.03.17 15:14:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.03.17 15:14:35 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.03.17 15:14:35 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.03.17 15:14:35 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.03.17 15:14:35 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.03.17 15:14:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.03.17 15:14:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.03.17 15:14:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.03.17 15:13:40 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.03.17 15:13:40 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013.03.17 15:13:40 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.03.17 15:13:40 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013.03.17 15:13:40 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.03.17 15:13:40 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013.03.17 15:13:40 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.03.17 15:13:40 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.03.17 15:13:40 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.03.17 15:13:40 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.03.17 15:13:40 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013.03.17 15:13:40 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.03.17 15:13:40 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013.03.17 15:13:40 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.03.17 15:13:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.03.17 15:13:40 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013.03.17 15:13:40 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013.03.17 15:13:40 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013.03.17 15:13:40 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.03.17 15:13:40 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013.03.17 15:13:40 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013.03.17 15:13:40 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013.03.17 15:13:40 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013.03.17 15:13:40 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.03.17 15:13:40 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.03.17 15:13:40 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.03.17 15:13:40 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.03.17 15:13:40 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.03.17 15:13:40 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.03.17 15:13:40 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.03.17 15:13:40 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.03.17 15:13:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013.03.17 15:13:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013.03.17 15:13:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.03.17 15:13:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.03.17 15:13:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013.03.17 15:13:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013.03.17 15:13:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.03.17 15:13:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.03.17 15:13:40 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.03.17 15:13:40 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.03.17 10:39:53 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2013.03.17 10:39:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2013.03.17 10:36:53 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [2013.03.17 10:28:32 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013.03.17 10:28:32 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2013.03.17 10:28:32 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2013.03.17 10:28:32 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2013.03.17 10:28:01 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2013.03.17 10:28:00 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2013.03.17 10:28:00 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2013.03.17 10:28:00 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2013.03.17 10:26:33 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2013.03.17 10:26:33 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2013.03.17 10:15:36 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.03.17 10:15:35 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.03.17 10:15:35 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.03.17 10:15:34 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013.03.17 10:15:34 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013.03.17 10:15:30 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2013.03.17 10:15:30 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2013.03.17 10:15:30 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2013.03.17 10:15:20 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2013.03.17 10:15:20 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2013.03.17 10:15:20 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2013.03.17 10:15:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2013.03.17 10:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2013.03.17 10:15:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2013.03.17 10:15:18 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2013.03.17 10:15:18 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2013.03.17 10:15:18 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2013.03.17 10:15:18 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2013.03.17 10:15:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2013.03.17 10:15:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2013.03.17 10:15:09 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2013.03.17 10:15:09 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2013.03.17 10:15:09 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013.03.17 10:15:09 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2013.03.17 10:15:08 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.03.17 10:15:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.03.17 10:15:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013.03.17 10:15:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.03.17 10:15:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.03.17 10:15:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.03.17 10:15:06 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [2013.03.17 10:14:50 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013.03.17 10:14:49 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2013.03.17 10:14:49 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.03.17 10:14:49 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013.03.17 10:14:49 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013.03.17 10:14:49 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013.03.17 10:14:49 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013.03.17 10:14:49 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013.03.17 10:14:49 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013.03.17 10:14:49 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013.03.17 10:14:49 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013.03.17 10:14:49 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013.03.17 10:14:49 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013.03.17 10:14:49 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013.03.17 10:14:49 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013.03.17 10:14:49 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013.03.17 10:14:49 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013.03.17 10:14:49 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013.03.17 10:14:48 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013.03.17 10:14:48 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013.03.17 10:14:48 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013.03.17 10:14:48 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013.03.17 10:14:48 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013.03.17 10:14:48 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013.03.17 10:14:48 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013.03.17 10:14:48 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013.03.17 10:14:48 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013.03.17 10:14:48 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013.03.17 10:14:48 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013.03.17 10:14:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013.03.17 10:14:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013.03.17 10:14:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013.03.17 10:14:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013.03.17 10:14:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013.03.17 10:14:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013.03.17 10:14:26 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2013.03.17 10:14:23 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013.03.17 10:14:23 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013.03.17 10:14:23 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013.03.17 10:14:23 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013.03.17 10:14:23 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013.03.17 10:14:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013.03.17 10:14:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013.03.17 10:14:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013.03.17 10:14:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013.03.17 10:14:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013.03.17 10:14:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013.03.17 10:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013.03.17 10:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013.03.17 10:14:14 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2013.03.17 10:14:14 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2013.03.17 10:14:13 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013.03.17 10:14:10 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2013.03.17 10:14:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2013.03.17 10:14:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2013.03.17 10:14:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2013.03.17 10:14:02 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2013.03.17 10:13:43 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2013.03.17 10:13:43 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2013.03.17 10:13:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2013.03.17 10:13:40 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013.03.17 10:13:40 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2013.03.16 22:24:36 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\Scansoft [2013.03.16 22:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother [2013.03.16 22:01:13 | 000,179,712 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrfxDA5b.dll [2013.03.16 22:01:02 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BroSNMP.dll [2013.03.16 22:01:02 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll [2013.03.16 22:01:02 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll [2013.03.16 22:01:02 | 000,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll [2013.03.16 22:01:00 | 001,560,576 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrWia09b.dll [2013.03.16 22:01:00 | 000,050,176 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrUsi09a.dll [2013.03.16 22:00:57 | 000,057,344 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\brprtink.dll [2013.03.16 22:00:51 | 000,167,936 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll [2013.03.16 22:00:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother [2013.03.16 22:00:10 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\InstallShield [2013.03.16 21:58:20 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013.03.16 21:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\Nuance [2013.03.16 21:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft PaperPort 11 [2013.03.16 21:45:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ScanSoft Shared [2013.03.16 21:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ScanSoft [2013.03.16 21:45:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScanSoft [2013.03.16 21:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2013.03.16 21:40:13 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\ElevatedDiagnostics [2013.03.16 21:02:12 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\Skype [2013.03.16 21:02:07 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013.03.16 21:02:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.03.16 21:02:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.03.16 21:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2013.03.16 19:47:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd [2013.03.16 19:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd [2013.03.16 19:45:05 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\Google [2013.03.16 19:43:13 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2013.03.16 19:43:13 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2013.03.16 19:43:13 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2013.03.16 19:42:52 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2013.03.16 19:42:52 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2013.03.16 19:42:52 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2013.03.16 19:42:35 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2013.03.16 19:42:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2013.03.16 19:36:34 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\Adobe [2013.03.16 19:36:34 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\Adobe [2013.03.16 19:33:14 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\Google [2013.03.16 19:05:29 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\Intel Corporation [2013.03.16 19:04:30 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\Power2Go [2013.03.16 19:04:11 | 000,000,000 | R--D | C] -- C:\Users\rakete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.03.16 19:04:11 | 000,000,000 | R--D | C] -- C:\Users\rakete\Searches [2013.03.16 19:04:11 | 000,000,000 | R--D | C] -- C:\Users\rakete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.03.16 19:04:04 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\Identities [2013.03.16 19:04:02 | 000,000,000 | R--D | C] -- C:\Users\rakete\Contacts [2013.03.16 19:04:00 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\VirtualStore [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Vorlagen [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\AppData\Local\Verlauf [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\AppData\Local\Temporary Internet Files [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Startmenü [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\SendTo [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Recent [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Netzwerkumgebung [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Lokale Einstellungen [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Documents\Eigene Videos [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Documents\Eigene Musik [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Eigene Dateien [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Documents\Eigene Bilder [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Druckumgebung [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Cookies [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\AppData\Local\Anwendungsdaten [2013.03.16 19:03:55 | 000,000,000 | -HSD | C] -- C:\Users\rakete\Anwendungsdaten [2013.03.16 19:03:54 | 000,000,000 | --SD | C] -- C:\Users\rakete\AppData\Roaming\Microsoft [2013.03.16 19:03:54 | 000,000,000 | R--D | C] -- C:\Users\rakete\Videos [2013.03.16 19:03:54 | 000,000,000 | R--D | C] -- C:\Users\rakete\Saved Games [2013.03.16 19:03:54 | 000,000,000 | R--D | C] -- C:\Users\rakete\Pictures [2013.03.16 19:03:54 | 000,000,000 | R--D | C] -- C:\Users\rakete\Music [2013.03.16 19:03:54 | 000,000,000 | R--D | C] -- C:\Users\rakete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.03.16 19:03:54 | 000,000,000 | R--D | C] -- C:\Users\rakete\Links [2013.03.16 19:03:54 | 000,000,000 | R--D | C] -- C:\Users\rakete\Favorites [2013.03.16 19:03:54 | 000,000,000 | R--D | C] -- C:\Users\rakete\Downloads [2013.03.16 19:03:54 | 000,000,000 | R--D | C] -- C:\Users\rakete\Documents [2013.03.16 19:03:54 | 000,000,000 | R--D | C] -- C:\Users\rakete\Desktop [2013.03.16 19:03:54 | 000,000,000 | R--D | C] -- C:\Users\rakete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.03.16 19:03:54 | 000,000,000 | -H-D | C] -- C:\Users\rakete\AppData [2013.03.16 19:03:54 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WaveEditor [2013.03.16 19:03:54 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\Temp [2013.03.16 19:03:54 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Local\Microsoft [2013.03.16 19:03:54 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\Media Center Programs [2013.03.16 19:03:54 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\Macromedia [2013.03.16 19:03:54 | 000,000,000 | ---D | C] -- C:\Users\rakete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover [2013.03.16 19:03:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mediathek [2013.03.16 19:03:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo [2013.03.16 19:03:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Memeo [2013.03.16 19:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Memeo [2013.03.16 19:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Rescue Disk 10 [2013.03.16 19:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2013.03.16 19:01:44 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady [2013.03.16 19:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2013.03.16 19:01:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2013.03.16 19:01:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.03.16 18:58:16 | 000,000,000 | -HSD | C] -- C:\Documents and Settings [2013.03.16 18:58:16 | 000,000,000 | ---D | C] -- C:\Recovery ========== Files - Modified Within 30 Days ========== [2013.03.31 10:13:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.03.31 10:12:36 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.03.31 10:12:36 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.03.31 10:12:36 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.03.31 10:12:36 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.03.31 10:12:36 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.03.31 10:07:18 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.03.31 10:06:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.31 10:06:55 | 510,828,543 | -HS- | M] () -- C:\hiberfil.sys [2013.03.31 09:52:05 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.31 09:52:05 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.30 22:39:23 | 531,286,979 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.03.30 21:31:53 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.03.29 16:10:59 | 000,001,111 | ---- | M] () -- C:\Users\rakete\Desktop\USB-Massenspeichergerät - Verknüpfung.lnk [2013.03.27 21:34:14 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk [2013.03.23 22:22:14 | 000,000,512 | ---- | M] () -- C:\Users\rakete\Documents\MBR.dat [2013.03.23 21:28:09 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2013.03.21 21:01:11 | 000,186,853 | ---- | M] () -- C:\Users\rakete\Documents\3CB3DECD-9561-4260-B5E6-4C19B9DA99BB.jpg [2013.03.20 18:47:08 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.03.20 16:17:17 | 000,205,992 | ---- | M] () -- C:\Users\rakete\Documents\Zum Kaputt Lachen!!!.jpg [2013.03.20 15:00:41 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2013.03.17 15:16:41 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.03.17 15:14:35 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.03.17 15:14:35 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.03.17 15:14:35 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.03.17 15:14:35 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.03.17 15:14:35 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.03.17 15:14:35 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.03.17 15:14:35 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.03.17 15:14:35 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.03.17 15:14:35 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.03.17 15:14:35 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.03.17 15:14:35 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.03.17 15:14:35 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.03.17 15:14:35 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.03.17 15:14:35 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.03.17 15:14:35 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.03.17 15:14:35 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.03.17 15:14:35 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.03.17 15:14:35 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.03.17 15:14:35 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.03.17 15:14:35 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.03.17 15:14:35 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.03.17 15:14:35 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.03.17 15:14:35 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.03.17 15:14:35 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.03.17 15:14:35 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.03.17 15:14:35 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.03.17 15:14:35 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.03.17 15:14:35 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.03.17 15:14:35 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.03.17 15:14:35 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.03.17 15:14:35 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.03.17 15:14:35 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.03.17 15:14:35 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.03.17 15:14:35 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.03.17 15:14:35 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.03.17 15:14:35 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.03.17 15:14:35 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.03.17 15:14:35 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.03.17 15:14:35 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.03.17 15:14:35 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.03.17 15:14:35 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.03.17 15:14:35 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.03.17 15:14:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.03.17 15:14:35 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.03.17 15:14:35 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.03.17 15:14:35 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.03.17 15:14:35 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.03.17 15:14:35 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.03.17 15:14:35 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.03.17 15:14:35 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.03.17 15:14:35 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.03.17 15:14:35 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.03.17 15:14:35 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.03.17 15:14:35 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.03.17 15:14:35 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.03.17 15:14:35 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.03.17 15:14:35 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.03.17 15:14:35 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.03.17 15:14:35 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.03.17 15:14:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.03.17 15:14:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.03.17 15:14:35 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.03.17 15:14:35 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.03.17 15:14:35 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.03.17 15:14:35 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.03.17 15:14:35 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.03.17 15:14:35 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.03.17 15:14:35 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.03.17 15:14:35 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.03.17 15:14:35 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.03.17 15:13:40 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.03.17 15:13:40 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013.03.17 15:13:40 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.03.17 15:13:40 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013.03.17 15:13:40 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.03.17 15:13:40 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013.03.17 15:13:40 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.03.17 15:13:40 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.03.17 15:13:40 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.03.17 15:13:40 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.03.17 15:13:40 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013.03.17 15:13:40 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.03.17 15:13:40 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013.03.17 15:13:40 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.03.17 15:13:40 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.03.17 15:13:40 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013.03.17 15:13:40 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013.03.17 15:13:40 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013.03.17 15:13:40 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.03.17 15:13:40 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013.03.17 15:13:40 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013.03.17 15:13:40 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013.03.17 15:13:40 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013.03.17 15:13:40 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.03.17 15:13:40 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.03.17 15:13:40 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.03.17 15:13:40 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.03.17 15:13:40 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.03.17 15:13:40 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.03.17 15:13:40 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.03.17 15:13:40 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.03.17 15:13:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013.03.17 15:13:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013.03.17 15:13:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.03.17 15:13:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.03.17 15:13:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013.03.17 15:13:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013.03.17 15:13:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.03.17 15:13:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.03.17 15:13:40 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.03.17 15:13:40 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.03.17 14:56:41 | 000,001,758 | ---- | M] () -- C:\Users\Public\Desktop\Browserwahl.lnk [2013.03.17 14:55:23 | 000,291,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.03.17 10:30:12 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2013.03.16 22:25:32 | 000,017,408 | ---- | M] () -- C:\Users\rakete\AppData\Local\WebpageIcons.db [2013.03.16 22:02:25 | 000,002,148 | ---- | M] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk [2013.03.16 22:02:02 | 000,000,254 | ---- | M] () -- C:\Windows\Brpfx04a.ini [2013.03.16 22:02:02 | 000,000,093 | ---- | M] () -- C:\Windows\brpcfx.ini [2013.03.16 22:01:32 | 000,000,050 | ---- | M] () -- C:\Windows\SysNative\bridf08b.dat [2013.03.16 22:01:31 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI [2013.03.16 21:57:52 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2013.03.16 21:57:52 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf ========== Files Created - No Company Name ========== [2013.03.30 21:28:22 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.03.30 21:28:22 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.03.30 21:28:22 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.03.30 21:28:22 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.03.30 21:28:22 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.03.29 16:10:59 | 000,001,111 | ---- | C] () -- C:\Users\rakete\Desktop\USB-Massenspeichergerät - Verknüpfung.lnk [2013.03.23 22:22:14 | 000,000,512 | ---- | C] () -- C:\Users\rakete\Documents\MBR.dat [2013.03.23 21:28:09 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2013.03.21 21:00:56 | 000,186,853 | ---- | C] () -- C:\Users\rakete\Documents\3CB3DECD-9561-4260-B5E6-4C19B9DA99BB.jpg [2013.03.20 22:53:51 | 531,286,979 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.03.20 16:17:13 | 000,205,992 | ---- | C] () -- C:\Users\rakete\Documents\Zum Kaputt Lachen!!!.jpg [2013.03.20 15:00:41 | 000,002,023 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2013.03.19 20:50:12 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.03.17 21:55:23 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk [2013.03.17 15:14:35 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.03.17 15:14:35 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.03.17 14:56:41 | 000,001,758 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk [2013.03.17 10:39:54 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013.03.17 10:28:00 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013.03.16 22:25:32 | 000,017,408 | ---- | C] () -- C:\Users\rakete\AppData\Local\WebpageIcons.db [2013.03.16 22:02:25 | 000,002,148 | ---- | C] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk [2013.03.16 22:02:02 | 000,000,254 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2013.03.16 22:02:02 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini [2013.03.16 22:01:32 | 000,000,050 | ---- | C] () -- C:\Windows\SysNative\bridf08b.dat [2013.03.16 22:01:28 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2013.03.16 22:01:13 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2013.03.16 21:02:07 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2013.03.16 20:07:18 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\MEDION_PC_MT 802G_20052363.mrk [2013.03.16 20:02:01 | 510,828,543 | -HS- | C] () -- C:\hiberfil.sys [2013.03.16 19:04:12 | 000,001,417 | ---- | C] () -- C:\Users\rakete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.03.16 19:03:48 | 000,002,526 | ---- | C] () -- C:\Users\Public\Desktop\MEDION mediathek.lnk [2013.03.16 19:01:46 | 000,002,786 | ---- | C] () -- C:\Users\Public\Desktop\MEDIONmail.lnk [2013.03.16 19:01:46 | 000,002,291 | ---- | C] () -- C:\Users\Public\Desktop\MEDIONplay.lnk [2013.03.16 19:01:46 | 000,002,101 | ---- | C] () -- C:\Users\Public\Desktop\Erstellen Sie Ihre Support-DVD.lnk [2013.03.16 19:01:46 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\MEDION Serviceportal.lnk [2013.03.16 19:01:46 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\LIFESTORE.lnk [2013.03.16 19:01:29 | 000,002,360 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [2013.03.16 19:01:21 | 000,002,187 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.03.16 19:01:12 | 000,001,110 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.03.16 19:01:12 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2012.01.11 06:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
|
| Themen zu GVU-Trojaner |
| compu, computer, datei, desktop, englisch, erklären, erschein, erscheint, forum, gvu trojaner, gvu-trojaner, problem, reatogo-x-pe, seite, starte, startet, troja, trojaner, windows, windows 7, windows xp |
WARNUNG an die MITLESER: 
Linear-Darstellung
