Pests of all kinds and how to fight them: Trojan moved from external hard drive into avast! container. What now? (Windows 7)
08.05.2013, 10:36 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ |
aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons unless instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop.
__________________ Please always post log files in CODE tags |
09.05.2013, 18:31 | #17 |
| aswMBR.exe did not ask me about the current virus definitions. I just ran the scan... Here is the log
Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-09 19:21:35
-----------------------------
19:21:35.029 OS Version: Windows x64 6.2.9200
19:21:35.029 Number of processors: 4 586 0x3A09
19:21:35.030 ComputerName: BÄR UserName:
19:21:35.255 Initialze error 1
19:21:36.235 AVAST engine defs: 13050800
19:22:11.626 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003b
19:22:11.628 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10001 Size: 953869MB BusType: 11
19:22:11.643 Disk 0 MBR read successfully
19:22:11.646 Disk 0 MBR scan
19:22:11.648 Disk 0 unknown MBR code
19:22:11.650 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
19:22:11.653 Disk 0 scanning C:\Windows\system32\drivers
19:22:11.656 Service scanning
19:22:12.361 Modules scanning
19:22:12.366 Disk 0 trace - called modules:
19:22:12.375 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
19:22:12.381 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80051d4060]
19:22:12.387 3 CLASSPNP.SYS[fffff88001201fea] -> nt!IofCallDriver -> [0xfffffa8004635430]
19:22:12.396 5 ACPI.sys[fffff88001183a91] -> nt!IofCallDriver -> \Device\0000003b[0xfffffa8004630230]
19:22:12.403 AVAST engine scan C:\Windows
19:22:12.411 AVAST engine scan C:\Windows\system32
19:22:12.418 AVAST engine scan C:\Windows\system32\drivers
19:22:12.426 AVAST engine scan C:\Users\henning
19:22:12.434 AVAST engine scan C:\ProgramData
19:22:12.441 Scan finished successfully
19:22:53.264 Disk 0 MBR has been saved successfully to "C:\Users\henning\Desktop\MBR.dat"
19:22:53.280 The log file has been saved successfully to "C:\Users\henning\Desktop\aswMBR.txt"

And the other one:
19:26:56.0011 5760 MRxDAV - ok 19:26:56.0042 5760 [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:26:56.0120 5760 mrxsmb - ok 19:26:56.0167 5760 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:26:56.0183 5760 mrxsmb10 - ok 19:26:56.0214 5760 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:26:56.0230 5760 mrxsmb20 - ok 19:26:56.0277 5760 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 19:26:56.0308 5760 MsBridge - ok 19:26:56.0323 5760 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\Windows\System32\msdtc.exe 19:26:56.0339 5760 MSDTC - ok 19:26:56.0370 5760 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:26:56.0386 5760 Msfs - ok 19:26:56.0417 5760 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 19:26:56.0433 5760 msgpiowin32 - ok 19:26:56.0448 5760 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:26:56.0495 5760 mshidkmdf - ok 19:26:56.0511 5760 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 19:26:56.0542 5760 mshidumdf - ok 19:26:56.0542 5760 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 19:26:56.0573 5760 msisadrv - ok 19:26:56.0605 5760 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:26:56.0636 5760 MSiSCSI - ok 19:26:56.0652 5760 msiserver - ok 19:26:56.0667 5760 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:26:56.0698 5760 MSKSSRV - ok 19:26:56.0714 5760 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 19:26:56.0745 5760 MsLldp - ok 19:26:56.0761 5760 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:26:56.0792 5760 MSPCLOCK - ok 19:26:56.0808 5760 [ 
06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:26:56.0839 5760 MSPQM - ok 19:26:56.0870 5760 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:26:56.0902 5760 MsRPC - ok 19:26:56.0917 5760 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 19:26:56.0948 5760 mssmbios - ok 19:26:56.0964 5760 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 19:26:56.0980 5760 MSTEE - ok 19:26:56.0995 5760 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\Windows\System32\drivers\MTConfig.sys 19:26:57.0027 5760 MTConfig - ok 19:26:57.0042 5760 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\Windows\system32\Drivers\mup.sys 19:26:57.0058 5760 Mup - ok 19:26:57.0073 5760 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\Windows\system32\drivers\mvumis.sys 19:26:57.0105 5760 mvumis - ok 19:26:57.0136 5760 [ D8C1FE237762249C879760E7F3ABFC1F ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 19:26:57.0152 5760 MyWiFiDHCPDNS - ok 19:26:57.0183 5760 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\Windows\system32\qagentRT.dll 19:26:57.0261 5760 napagent - ok 19:26:57.0292 5760 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:26:57.0339 5760 NativeWifiP - ok 19:26:57.0370 5760 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\Windows\System32\ncasvc.dll 19:26:57.0433 5760 NcaSvc - ok 19:26:57.0449 5760 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll 19:26:57.0480 5760 NcdAutoSetup - ok 19:26:57.0527 5760 [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS C:\Windows\system32\drivers\ndis.sys 19:26:57.0573 5760 NDIS - ok 19:26:57.0636 5760 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:26:57.0667 5760 NdisCap - ok 19:26:57.0698 5760 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys 19:26:57.0714 5760 
NdisImPlatform - ok 19:26:57.0730 5760 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:26:57.0761 5760 NdisTapi - ok 19:26:57.0777 5760 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:26:57.0808 5760 Ndisuio - ok 19:26:57.0808 5760 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:26:57.0855 5760 NdisWan - ok 19:26:57.0855 5760 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys 19:26:57.0886 5760 NDISWANLEGACY - ok 19:26:57.0949 5760 [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 19:26:57.0980 5760 NDProxy - ok 19:26:57.0995 5760 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\Windows\system32\drivers\Ndu.sys 19:26:58.0027 5760 Ndu - ok 19:26:58.0042 5760 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:26:58.0074 5760 NetBIOS - ok 19:26:58.0105 5760 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:26:58.0136 5760 NetBT - ok 19:26:58.0167 5760 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\Windows\system32\lsass.exe 19:26:58.0183 5760 Netlogon - ok 19:26:58.0214 5760 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\Windows\System32\netman.dll 19:26:58.0261 5760 Netman - ok 19:26:58.0292 5760 [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm C:\Windows\System32\netprofmsvc.dll 19:26:58.0339 5760 netprofm - ok 19:26:58.0386 5760 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:26:58.0433 5760 NetTcpPortSharing - ok 19:26:58.0532 5760 [ 8CEF52F56EE6E9C4DDD374CE8E2E3DC6 ] NETwNe64 C:\Windows\system32\DRIVERS\NETwew00.sys 19:26:58.0689 5760 NETwNe64 - ok 19:26:58.0705 5760 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 19:26:58.0705 5760 nfrd960 - ok 19:26:58.0736 5760 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 
] NlaSvc C:\Windows\System32\nlasvc.dll 19:26:58.0767 5760 NlaSvc - ok 19:26:58.0783 5760 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:26:58.0876 5760 Npfs - ok 19:26:58.0908 5760 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys 19:26:58.0955 5760 npsvctrig - ok 19:26:58.0986 5760 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\Windows\system32\nsisvc.dll 19:26:59.0017 5760 nsi - ok 19:26:59.0033 5760 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:26:59.0064 5760 nsiproxy - ok 19:26:59.0142 5760 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:26:59.0205 5760 Ntfs - ok 19:26:59.0220 5760 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\Windows\system32\drivers\Null.sys 19:26:59.0251 5760 Null - ok 19:26:59.0495 5760 [ 076C32433B06AAAD72742774E56FB854 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 19:26:59.0859 5760 nvlddmkm - ok 19:26:59.0875 5760 [ 0AFB4857ADD1D11012E6B38C9F4B625B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 19:26:59.0891 5760 nvpciflt - ok 19:26:59.0906 5760 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:26:59.0938 5760 nvraid - ok 19:26:59.0953 5760 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:26:59.0969 5760 nvstor - ok 19:27:00.0000 5760 [ A9495A3AAAB5E470F2460F85849A5F66 ] nvsvc C:\Windows\system32\nvvsvc.exe 19:27:00.0047 5760 nvsvc - ok 19:27:00.0109 5760 [ FAA2048284D763409F7BB84F61601C80 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 19:27:00.0156 5760 nvUpdatusService - ok 19:27:00.0172 5760 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 19:27:00.0203 5760 nv_agp - ok 19:27:00.0234 5760 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:27:00.0266 5760 p2pimsvc - ok 19:27:00.0297 5760 [ 
4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\Windows\system32\p2psvc.dll 19:27:00.0344 5760 p2psvc - ok 19:27:00.0359 5760 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\Windows\System32\drivers\parport.sys 19:27:00.0391 5760 Parport - ok 19:27:00.0422 5760 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:27:00.0453 5760 partmgr - ok 19:27:00.0485 5760 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\Windows\System32\pcasvc.dll 19:27:00.0516 5760 PcaSvc - ok 19:27:00.0531 5760 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\Windows\system32\drivers\pci.sys 19:27:00.0563 5760 pci - ok 19:27:00.0578 5760 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\Windows\system32\drivers\pciide.sys 19:27:00.0610 5760 pciide - ok 19:27:00.0610 5760 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 19:27:00.0641 5760 pcmcia - ok 19:27:00.0656 5760 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\Windows\system32\drivers\pcw.sys 19:27:00.0672 5760 pcw - ok 19:27:00.0703 5760 [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc C:\Windows\system32\drivers\pdc.sys 19:27:00.0719 5760 pdc - ok 19:27:00.0766 5760 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH C:\Windows\system32\drivers\peauth.sys 19:27:00.0797 5760 PEAUTH - ok 19:27:00.0813 5760 [ EE926C59CBD4DC4DC9FBB85014A2F1A5 ] PEGAGFN C:\Program Files (x86)\PHotkey\PEGAGFN.sys 19:27:00.0828 5760 PEGAGFN - ok 19:27:00.0891 5760 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\Windows\SysWow64\perfhost.exe 19:27:00.0922 5760 PerfHost - ok 19:27:00.0985 5760 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\Windows\system32\pla.dll 19:27:01.0063 5760 pla - ok 19:27:01.0094 5760 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 19:27:01.0110 5760 PlugPlay - ok 19:27:01.0125 5760 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 19:27:01.0156 5760 PNRPAutoReg - ok 19:27:01.0172 5760 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc 
C:\Windows\system32\pnrpsvc.dll 19:27:01.0188 5760 PNRPsvc - ok 19:27:01.0219 5760 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 19:27:01.0266 5760 PolicyAgent - ok 19:27:01.0297 5760 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\Windows\system32\umpo.dll 19:27:01.0313 5760 Power - ok 19:27:01.0344 5760 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 19:27:01.0391 5760 PptpMiniport - ok 19:27:01.0469 5760 [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll 19:27:01.0532 5760 PrintNotify - ok 19:27:01.0563 5760 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\Windows\System32\drivers\processr.sys 19:27:01.0579 5760 Processor - ok 19:27:01.0610 5760 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\Windows\system32\profsvc.dll 19:27:01.0657 5760 ProfSvc - ok 19:27:01.0688 5760 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\Windows\system32\DRIVERS\pacer.sys 19:27:01.0719 5760 Psched - ok 19:27:01.0750 5760 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\Windows\system32\qwave.dll 19:27:01.0797 5760 QWAVE - ok 19:27:01.0813 5760 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 19:27:01.0844 5760 QWAVEdrv - ok 19:27:01.0860 5760 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 19:27:01.0907 5760 RasAcd - ok 19:27:01.0938 5760 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 19:27:01.0954 5760 RasAgileVpn - ok 19:27:01.0985 5760 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\Windows\System32\rasauto.dll 19:27:02.0016 5760 RasAuto - ok 19:27:02.0032 5760 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 19:27:02.0063 5760 Rasl2tp - ok 19:27:02.0094 5760 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\Windows\System32\rasmans.dll 19:27:02.0141 5760 RasMan - ok 19:27:02.0157 5760 [ 
00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 19:27:02.0204 5760 RasPppoe - ok 19:27:02.0219 5760 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 19:27:02.0250 5760 RasSstp - ok 19:27:02.0282 5760 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 19:27:02.0297 5760 rdbss - ok 19:27:02.0329 5760 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys 19:27:02.0344 5760 rdpbus - ok 19:27:02.0360 5760 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 19:27:02.0391 5760 RDPDR - ok 19:27:02.0422 5760 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 19:27:02.0438 5760 RdpVideoMiniport - ok 19:27:02.0454 5760 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 19:27:02.0485 5760 RDPWD - ok 19:27:02.0516 5760 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 19:27:02.0532 5760 rdyboost - ok 19:27:02.0610 5760 [ 695C4AC7D0B5002040C7540364C43940 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 19:27:02.0625 5760 RegSrvc - ok 19:27:02.0641 5760 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\Windows\System32\mprdim.dll 19:27:02.0672 5760 RemoteAccess - ok 19:27:02.0704 5760 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\Windows\system32\regsvc.dll 19:27:02.0750 5760 RemoteRegistry - ok 19:27:02.0782 5760 [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys 19:27:02.0844 5760 RFCOMM - ok 19:27:02.0922 5760 [ 0B169FE016039571ECC6DB70073F8979 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe 19:27:02.0938 5760 RichVideo64 - ok 19:27:02.0969 5760 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 19:27:03.0016 5760 RpcEptMapper - ok 19:27:03.0047 5760 [ 
10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\Windows\system32\locator.exe 19:27:03.0079 5760 RpcLocator - ok 19:27:03.0141 5760 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\Windows\system32\rpcss.dll 19:27:03.0172 5760 RpcSs - ok 19:27:03.0188 5760 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 19:27:03.0204 5760 rspndr - ok 19:27:03.0235 5760 [ 0E32A8922DCFD28EA00AAEC07CB3F331 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys 19:27:03.0235 5760 RSUSBSTOR - ok 19:27:03.0266 5760 [ 34DA0D14F5C3F1883A331AFB975AB434 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys 19:27:03.0282 5760 RTL8168 - ok 19:27:03.0313 5760 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\Windows\System32\drivers\vms3cap.sys 19:27:03.0329 5760 s3cap - ok 19:27:03.0360 5760 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\Windows\system32\lsass.exe 19:27:03.0376 5760 SamSs - ok 19:27:03.0391 5760 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 19:27:03.0407 5760 sbp2port - ok 19:27:03.0438 5760 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:27:03.0469 5760 SCardSvr - ok 19:27:03.0485 5760 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:27:03.0516 5760 scfilter - ok 19:27:03.0547 5760 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule C:\Windows\system32\schedsvc.dll 19:27:03.0594 5760 Schedule - ok 19:27:03.0610 5760 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\Windows\System32\certprop.dll 19:27:03.0626 5760 SCPolicySvc - ok 19:27:03.0657 5760 [ 047315E75392CEA447ACC86257824C16 ] sdbus C:\Windows\System32\drivers\sdbus.sys 19:27:03.0672 5760 sdbus - ok 19:27:03.0719 5760 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\Windows\System32\SDRSVC.dll 19:27:03.0735 5760 SDRSVC - ok 19:27:03.0766 5760 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\Windows\System32\drivers\sdstor.sys 19:27:03.0782 5760 sdstor - ok 19:27:03.0797 5760 [ 
3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 19:27:03.0813 5760 secdrv - ok 19:27:03.0829 5760 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\Windows\system32\seclogon.dll 19:27:03.0877 5760 seclogon - ok 19:27:03.0892 5760 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\Windows\System32\sens.dll 19:27:03.0923 5760 SENS - ok 19:27:03.0939 5760 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\Windows\system32\sensrsvc.dll 19:27:03.0955 5760 SensrSvc - ok 19:27:03.0970 5760 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\Windows\system32\drivers\SerCx.sys 19:27:04.0002 5760 SerCx - ok 19:27:04.0017 5760 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\Windows\System32\drivers\serenum.sys 19:27:04.0033 5760 Serenum - ok 19:27:04.0048 5760 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\Windows\System32\drivers\serial.sys 19:27:04.0064 5760 Serial - ok 19:27:04.0064 5760 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\Windows\System32\drivers\sermouse.sys 19:27:04.0083 5760 sermouse - ok 19:27:04.0099 5760 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\Windows\system32\sessenv.dll 19:27:04.0130 5760 SessionEnv - ok 19:27:04.0130 5760 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys 19:27:04.0146 5760 sfloppy - ok 19:27:04.0193 5760 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:27:04.0255 5760 SharedAccess - ok 19:27:04.0287 5760 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:27:04.0333 5760 ShellHWDetection - ok 19:27:04.0365 5760 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 19:27:04.0380 5760 SiSRaid2 - ok 19:27:04.0396 5760 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 19:27:04.0427 5760 SiSRaid4 - ok 19:27:04.0458 5760 [ 07CEDCCDB208905867EBAD761EA4E057 ] SmbDrv C:\Windows\System32\drivers\Smb_driver_AMDASF.sys 19:27:04.0474 5760 
SmbDrv - ok 19:27:04.0521 5760 [ 74BF7AF7D1B642044BE5CCC93884C2F3 ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 19:27:04.0537 5760 SmbDrvI - ok 19:27:04.0537 5760 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:27:04.0583 5760 SNMPTRAP - ok 19:27:04.0615 5760 [ 739A739DCC5D02FE30EDEADEBD7B9898 ] spaceport C:\Windows\system32\drivers\spaceport.sys 19:27:04.0646 5760 spaceport - ok 19:27:04.0662 5760 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\Windows\system32\drivers\SpbCx.sys 19:27:04.0677 5760 SpbCx - ok 19:27:04.0724 5760 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\Windows\System32\spoolsv.exe 19:27:04.0771 5760 Spooler - ok 19:27:04.0880 5760 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\Windows\system32\sppsvc.exe 19:27:05.0037 5760 sppsvc - ok 19:27:05.0068 5760 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\Windows\system32\DRIVERS\srv.sys 19:27:05.0115 5760 srv - ok 19:27:05.0146 5760 [ 9912FDF63EC78E1977083E20DEAE4889 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:27:05.0193 5760 srv2 - ok 19:27:05.0224 5760 [ FD8B4F201B681C555A4AF41922C52557 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:27:05.0255 5760 srvnet - ok 19:27:05.0287 5760 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:27:05.0333 5760 SSDPSRV - ok 19:27:05.0349 5760 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:27:05.0380 5760 SstpSvc - ok 19:27:05.0396 5760 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\Windows\system32\drivers\stexstor.sys 19:27:05.0412 5760 stexstor - ok 19:27:05.0459 5760 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\Windows\System32\wiaservc.dll 19:27:05.0490 5760 stisvc - ok 19:27:05.0521 5760 [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci C:\Windows\system32\drivers\storahci.sys 19:27:05.0552 5760 storahci - ok 19:27:05.0568 5760 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys 19:27:05.0615 5760 storflt - ok 
19:27:05.0646 5760 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\Windows\system32\storsvc.dll 19:27:05.0677 5760 StorSvc - ok 19:27:05.0693 5760 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\Windows\system32\drivers\storvsc.sys 19:27:05.0709 5760 storvsc - ok 19:27:05.0724 5760 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\Windows\system32\svsvc.dll 19:27:05.0771 5760 svsvc - ok 19:27:05.0803 5760 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\Windows\System32\drivers\swenum.sys 19:27:05.0818 5760 swenum - ok 19:27:05.0850 5760 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\Windows\System32\swprv.dll 19:27:05.0896 5760 swprv - ok 19:27:05.0943 5760 [ 530EF17999990539CC56474252802364 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 19:27:05.0959 5760 SynTP - ok 19:27:06.0006 5760 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\Windows\system32\sysmain.dll 19:27:06.0053 5760 SysMain - ok 19:27:06.0100 5760 [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll 19:27:06.0115 5760 SystemEventsBroker - ok 19:27:06.0131 5760 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll 19:27:06.0146 5760 TabletInputService - ok 19:27:06.0162 5760 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\Windows\System32\tapisrv.dll 19:27:06.0193 5760 TapiSrv - ok 19:27:06.0256 5760 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:27:06.0318 5760 Tcpip - ok 19:27:06.0350 5760 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 19:27:06.0396 5760 TCPIP6 - ok 19:27:06.0412 5760 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:27:06.0428 5760 tcpipreg - ok 19:27:06.0448 5760 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 19:27:06.0465 5760 tdx - ok 19:27:06.0481 5760 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\Windows\System32\drivers\terminpt.sys 19:27:06.0512 5760 
terminpt - ok 19:27:06.0559 5760 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\Windows\System32\termsrv.dll 19:27:06.0621 5760 TermService - ok 19:27:06.0637 5760 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\Windows\system32\themeservice.dll 19:27:06.0684 5760 Themes - ok 19:27:06.0700 5760 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\Windows\system32\mmcss.dll 19:27:06.0731 5760 THREADORDER - ok 19:27:06.0762 5760 [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll 19:27:06.0809 5760 TimeBroker - ok 19:27:06.0840 5760 [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM C:\Windows\system32\drivers\tpm.sys 19:27:06.0871 5760 TPM - ok 19:27:06.0903 5760 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\Windows\System32\trkwks.dll 19:27:06.0934 5760 TrkWks - ok 19:27:06.0965 5760 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:27:06.0996 5760 TrustedInstaller - ok 19:27:07.0028 5760 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 19:27:07.0043 5760 TsUsbFlt - ok 19:27:07.0059 5760 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys 19:27:07.0091 5760 TsUsbGD - ok 19:27:07.0123 5760 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:27:07.0154 5760 tunnel - ok 19:27:07.0170 5760 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\Windows\system32\drivers\uagp35.sys 19:27:07.0201 5760 uagp35 - ok 19:27:07.0216 5760 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys 19:27:07.0248 5760 UASPStor - ok 19:27:07.0264 5760 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys 19:27:07.0295 5760 UCX01000 - ok 19:27:07.0326 5760 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:27:07.0357 5760 udfs - ok 19:27:07.0389 5760 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect 
C:\Windows\system32\UI0Detect.exe 19:27:07.0436 5760 UI0Detect - ok 19:27:07.0436 5760 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:27:07.0467 5760 uliagpkx - ok 19:27:07.0482 5760 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\Windows\System32\drivers\umbus.sys 19:27:07.0514 5760 umbus - ok 19:27:07.0514 5760 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\Windows\System32\drivers\umpass.sys 19:27:07.0545 5760 UmPass - ok 19:27:07.0561 5760 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\Windows\System32\umrdp.dll 19:27:07.0623 5760 UmRdpService - ok 19:27:07.0717 5760 [ DBE2E6388379D5CC78099650541E9566 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 19:27:07.0732 5760 UNS - ok 19:27:07.0779 5760 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\Windows\System32\upnphost.dll 19:27:07.0842 5760 upnphost - ok 19:27:07.0857 5760 [ 8047D8AFA070A4C3B9FCBDBF77A84C45 ] usb3Hub C:\Windows\System32\drivers\usb3Hub.sys 19:27:07.0873 5760 usb3Hub - ok 19:27:07.0904 5760 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 19:27:07.0936 5760 usbccgp - ok 19:27:07.0951 5760 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\Windows\System32\drivers\usbcir.sys 19:27:08.0014 5760 usbcir - ok 19:27:08.0045 5760 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\Windows\System32\drivers\usbehci.sys 19:27:08.0061 5760 usbehci - ok 19:27:08.0107 5760 [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub C:\Windows\System32\drivers\usbhub.sys 19:27:08.0139 5760 usbhub - ok 19:27:08.0139 5760 [ C5986337DE3BF63ABD9ED4D834D34B89 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 19:27:08.0170 5760 USBHUB3 - ok 19:27:08.0186 5760 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\Windows\System32\drivers\usbohci.sys 19:27:08.0201 5760 usbohci - ok 19:27:08.0217 5760 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\Windows\System32\drivers\usbprint.sys 19:27:08.0264 5760 usbprint - ok 
19:27:08.0279 5760 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 19:27:08.0311 5760 USBSTOR - ok 19:27:08.0326 5760 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 19:27:08.0357 5760 usbuhci - ok 19:27:08.0389 5760 [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 19:27:08.0420 5760 usbvideo - ok 19:27:08.0451 5760 [ 11C0CF143D246E2F0E9BDBF17A0CC70B ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 19:27:08.0482 5760 USBXHCI - ok 19:27:08.0498 5760 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\Windows\system32\lsass.exe 19:27:08.0529 5760 VaultSvc - ok 19:27:08.0545 5760 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:27:08.0561 5760 vdrvroot - ok 19:27:08.0608 5760 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\Windows\System32\vds.exe 19:27:08.0654 5760 vds - ok 19:27:08.0670 5760 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 19:27:08.0701 5760 VerifierExt - ok 19:27:08.0733 5760 [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 19:27:08.0779 5760 vhdmp - ok 19:27:08.0779 5760 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\Windows\system32\drivers\viaide.sys 19:27:08.0795 5760 viaide - ok 19:27:08.0811 5760 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\Windows\system32\drivers\vmbus.sys 19:27:08.0826 5760 vmbus - ok 19:27:08.0842 5760 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 19:27:08.0858 5760 VMBusHID - ok 19:27:08.0889 5760 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\Windows\System32\ICSvc.dll 19:27:08.0936 5760 vmicheartbeat - ok 19:27:08.0936 5760 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll 19:27:08.0951 5760 vmickvpexchange - ok 19:27:08.0967 5760 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\Windows\System32\ICSvc.dll 19:27:08.0983 
5760 vmicrdv - ok 19:27:08.0983 5760 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\Windows\System32\ICSvc.dll 19:27:08.0998 5760 vmicshutdown - ok 19:27:09.0014 5760 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\Windows\System32\ICSvc.dll 19:27:09.0029 5760 vmictimesync - ok 19:27:09.0029 5760 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\Windows\System32\ICSvc.dll 19:27:09.0045 5760 vmicvss - ok 19:27:09.0061 5760 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:27:09.0076 5760 volmgr - ok 19:27:09.0108 5760 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:27:09.0123 5760 volmgrx - ok 19:27:09.0139 5760 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:27:09.0170 5760 volsnap - ok 19:27:09.0186 5760 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\Windows\System32\drivers\vpci.sys 19:27:09.0201 5760 vpci - ok 19:27:09.0217 5760 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 19:27:09.0233 5760 vsmraid - ok 19:27:09.0264 5760 [ EA658570314042C914964FC72AB50E6B ] VSS C:\Windows\system32\vssvc.exe 19:27:09.0358 5760 VSS - ok 19:27:09.0389 5760 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 19:27:09.0420 5760 VSTXRAID - ok 19:27:09.0436 5760 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 19:27:09.0467 5760 vwifibus - ok 19:27:09.0467 5760 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 19:27:09.0483 5760 vwififlt - ok 19:27:09.0498 5760 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 19:27:09.0514 5760 vwifimp - ok 19:27:09.0545 5760 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\Windows\system32\w32time.dll 19:27:09.0576 5760 W32Time - ok 19:27:09.0592 5760 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\Windows\System32\drivers\wacompen.sys 
19:27:09.0608 5760 WacomPen - ok 19:27:09.0639 5760 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 19:27:09.0654 5760 Wanarp - ok 19:27:09.0654 5760 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:27:09.0670 5760 Wanarpv6 - ok 19:27:09.0717 5760 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\Windows\system32\wbengine.exe 19:27:09.0795 5760 wbengine - ok 19:27:09.0826 5760 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:27:09.0858 5760 WbioSrvc - ok 19:27:09.0889 5760 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 19:27:09.0936 5760 Wcmsvc - ok 19:27:09.0967 5760 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:27:10.0014 5760 wcncsvc - ok 19:27:10.0029 5760 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:27:10.0045 5760 WcsPlugInService - ok 19:27:10.0061 5760 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\Windows\system32\drivers\wd.sys 19:27:10.0108 5760 Wd - ok 19:27:10.0139 5760 [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 19:27:10.0154 5760 WdBoot - ok 19:27:10.0201 5760 [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:27:10.0248 5760 Wdf01000 - ok 19:27:10.0264 5760 [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 19:27:10.0295 5760 WdFilter - ok 19:27:10.0311 5760 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:27:10.0358 5760 WdiServiceHost - ok 19:27:10.0358 5760 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:27:10.0389 5760 WdiSystemHost - ok 19:27:10.0420 5760 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\Windows\System32\webclnt.dll 19:27:10.0451 5760 WebClient - ok 19:27:10.0467 5760 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc 
C:\Windows\system32\wecsvc.dll 19:27:10.0514 5760 Wecsvc - ok 19:27:10.0530 5760 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:27:10.0561 5760 wercplsupport - ok 19:27:10.0592 5760 [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc C:\Windows\System32\WerSvc.dll 19:27:10.0639 5760 WerSvc - ok 19:27:10.0654 5760 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 19:27:10.0670 5760 WFPLWFS - ok 19:27:10.0686 5760 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\Windows\System32\wiarpc.dll 19:27:10.0733 5760 WiaRpc - ok 19:27:10.0748 5760 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:27:10.0748 5760 WIMMount - ok 19:27:10.0780 5760 WinDefend - ok 19:27:10.0826 5760 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 19:27:10.0873 5760 WinHttpAutoProxySvc - ok 19:27:10.0936 5760 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:27:10.0983 5760 Winmgmt - ok 19:27:11.0045 5760 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\Windows\system32\WsmSvc.dll 19:27:11.0108 5760 WinRM - ok 19:27:11.0155 5760 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\Windows\System32\wlansvc.dll 19:27:11.0201 5760 WlanSvc - ok 19:27:11.0264 5760 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc C:\Windows\system32\wlidsvc.dll 19:27:11.0342 5760 wlidsvc - ok 19:27:11.0358 5760 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 19:27:11.0389 5760 WmiAcpi - ok 19:27:11.0436 5760 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:27:11.0467 5760 wmiApSrv - ok 19:27:11.0498 5760 WMPNetworkSvc - ok 19:27:11.0530 5760 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 19:27:11.0545 5760 wpcfltr - ok 19:27:11.0561 5760 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:27:11.0608 5760 WPCSvc - 
ok 19:27:11.0639 5760 [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:27:11.0670 5760 WPDBusEnum - ok 19:27:11.0686 5760 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 19:27:11.0733 5760 WpdUpFltr - ok 19:27:11.0764 5760 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:27:11.0795 5760 ws2ifsl - ok 19:27:11.0811 5760 [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc C:\Windows\System32\wscsvc.dll 19:27:11.0860 5760 wscsvc - ok 19:27:11.0860 5760 WSearch - ok 19:27:11.0938 5760 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\Windows\System32\WSService.dll 19:27:12.0016 5760 WSService - ok 19:27:12.0110 5760 [ 79F95469604B77296346DE7DB463EA2A ] wuauserv C:\Windows\system32\wuaueng.dll 19:27:12.0204 5760 wuauserv - ok 19:27:12.0235 5760 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:27:12.0251 5760 WudfPf - ok 19:27:12.0282 5760 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 19:27:12.0313 5760 WUDFRd - ok 19:27:12.0345 5760 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:27:12.0376 5760 wudfsvc - ok 19:27:12.0391 5760 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys 19:27:12.0407 5760 WUDFWpdFs - ok 19:27:12.0438 5760 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc C:\Windows\System32\wwansvc.dll 19:27:12.0470 5760 WwanSvc - ok 19:27:12.0501 5760 [ 24E57041608ED6A9D7FDAD0D9EC214E2 ] XHCIPort C:\Windows\System32\drivers\XHCIPort.sys 19:27:12.0516 5760 XHCIPort - ok 19:27:12.0595 5760 [ 7055B389BD0DA0B19236BF43CDDF0E1A ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 19:27:12.0642 5760 ZeroConfigService - ok 19:27:12.0658 5760 ================ Scan global =============================== 19:27:12.0705 5760 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll 19:27:12.0720 5760 [ 
E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll 19:27:12.0752 5760 [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll 19:27:12.0799 5760 [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe 19:27:12.0814 5760 [Global] - ok 19:27:12.0814 5760 ================ Scan MBR ================================== 19:27:12.0830 5760 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 19:27:12.0911 5760 \Device\Harddisk0\DR0 - ok 19:27:12.0911 5760 ================ Scan VBR ================================== 19:27:12.0942 5760 [ BE2995BDA0BBE6C6504E03FF73933742 ] \Device\Harddisk0\DR0\Partition1 19:27:12.0942 5760 \Device\Harddisk0\DR0\Partition1 - ok 19:27:12.0958 5760 [ 554520A6128FDBE6639D78BC132A50C8 ] \Device\Harddisk0\DR0\Partition2 19:27:12.0958 5760 \Device\Harddisk0\DR0\Partition2 - ok 19:27:12.0974 5760 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3 19:27:12.0974 5760 \Device\Harddisk0\DR0\Partition3 - ok 19:27:12.0974 5760 [ C9CD8CC7BBBFCD47D7C2C58E14DAF653 ] \Device\Harddisk0\DR0\Partition4 19:27:12.0989 5760 \Device\Harddisk0\DR0\Partition4 - ok 19:27:12.0989 5760 [ 2FCBA4D71FC047C521D9997B3BB6DE76 ] \Device\Harddisk0\DR0\Partition5 19:27:13.0005 5760 \Device\Harddisk0\DR0\Partition5 - ok 19:27:13.0036 5760 [ 51BF43914CE0D296F8E1984F479757D2 ] \Device\Harddisk0\DR0\Partition6 19:27:13.0036 5760 \Device\Harddisk0\DR0\Partition6 - ok 19:27:13.0036 5760 ============================================================ 19:27:13.0036 5760 Scan finished 19:27:13.0036 5760 ============================================================ 19:27:13.0052 4420 Detected object count: 1 19:27:13.0052 4420 Actual detected object count: 1 19:27:23.0436 4420 GFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user 19:27:23.0436 4420 GFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip |
09.05.2013, 20:23 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan moved from external hard drive to the avast! container. What now? JRT - Junkware Removal Tool
Please shut down your security software to avoid possible conflicts.
Next: adwCleaner - remove toolbars and unwanted start/search pages. Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ |
10.05.2013, 07:58 | #19 |
| Trojan moved from external hard drive to the avast! container. What now? Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 x64
Ran by henning on 10.05.2013 at 8:24:43,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\henning\AppData\Roaming\mozilla\firefox\profiles\n2ts2czy.default\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.05.2013 at 8:29:34,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-09 19:21:35
-----------------------------
19:21:35.029 OS Version: Windows x64 6.2.9200
19:21:35.029 Number of processors: 4 586 0x3A09
19:21:35.030 ComputerName: BÄR UserName:
19:21:35.255 Initialze error 1
19:21:36.235 AVAST engine defs: 13050800
19:22:11.626 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003b
19:22:11.628 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10001 Size: 953869MB BusType: 11
19:22:11.643 Disk 0 MBR read successfully
19:22:11.646 Disk 0 MBR scan
19:22:11.648 Disk 0 unknown MBR code
19:22:11.650 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
19:22:11.653 Disk 0 scanning C:\Windows\system32\drivers
19:22:11.656 Service scanning
19:22:12.361 Modules scanning
19:22:12.366 Disk 0 trace - called modules:
19:22:12.375 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
19:22:12.381 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80051d4060]
19:22:12.387 3 CLASSPNP.SYS[fffff88001201fea] -> nt!IofCallDriver -> [0xfffffa8004635430]
19:22:12.396 5 ACPI.sys[fffff88001183a91] -> nt!IofCallDriver -> \Device\0000003b[0xfffffa8004630230]
19:22:12.403 AVAST engine scan C:\Windows
19:22:12.411 AVAST engine scan C:\Windows\system32
19:22:12.418 AVAST engine scan C:\Windows\system32\drivers
19:22:12.426 AVAST engine scan C:\Users\henning
19:22:12.434 AVAST engine scan C:\ProgramData
19:22:12.441 Scan finished successfully
19:22:53.264 Disk 0 MBR has been saved successfully to "C:\Users\henning\Desktop\MBR.dat"
19:22:53.280 The log file has been saved successfully to "C:\Users\henning\Desktop\aswMBR.txt"
Code:
OTL logfile created on: 10.05.2013 08:46:18 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\henning\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,88 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 62,01% Memory free
7,88 Gb Paging File | 6,39 Gb Available in Paging File | 81,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 869,80 Gb Total Space | 717,18 Gb Free Space | 82,45% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 41,38 Gb Free Space | 68,97% Space Free | Partition Type: NTFS
Computer Name: BÄR | User Name: henning | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\henning\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\henning\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\PHotkey\PHotkey.exe ()
PRC - C:\Program Files (x86)\PHotkey\POSD.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\PHotkey\GPMTray.exe () PRC - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () PRC - C:\Program Files (x86)\PHotkey\HCSynApi.exe (TODO: <Company name>) ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - c:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - c:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () ========== Services (SafeList) ========== SRV:64bit: - (avast! 
Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (RichVideo64) -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe () SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation) SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) 
-- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (GFNEXSrv) -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe () SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Bluetooth OBEX 
Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys () DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\Drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys () DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\Drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft 
Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\Drivers\NETwew00.sys (Intel Corporation) DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\Drivers\intelaud.sys (Intel Corporation) DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\Drivers\iwdbus.sys (Intel Corporation) DRV:64bit: - (XHCIPort) -- C:\Windows\SysNative\Drivers\xHCIPort.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (usb3Hub) -- C:\Windows\SysNative\Drivers\usb3Hub.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\Drivers\btmhsf.sys (Motorola Solutions, Inc.) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\Drivers\btmaux.sys (Motorola Solutions, Inc.) 
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated) DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys (Synaptics Incorporated) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\Drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\Drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek ) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys 
(Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.) 
DRV - (PEGAGFN) -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys (PEGATRON) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1281773549-982182065-3777356010-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1281773549-982182065-3777356010-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com IE - HKU\S-1-5-21-1281773549-982182065-3777356010-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1281773549-982182065-3777356010-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com IE - HKU\S-1-5-21-1281773549-982182065-3777356010-1002\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1281773549-982182065-3777356010-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-1281773549-982182065-3777356010-1002\..\SearchScopes\{08C348DD-4A2A-4D8A-8CB0-76ED069C86DE}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS IE - 
HKU\S-1-5-21-1281773549-982182065-3777356010-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1281773549-982182065-3777356010-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: 
c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.04.29 12:22:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.23 18:47:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.23 18:47:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\henning\AppData\Roaming\mozilla\Extensions [2013.04.23 18:47:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.29 12:22:10 | 000,000,000 | ---D | M] (avast! 
WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.) 
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [YouCam Service] C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1281773549-982182065-3777356010-1002..\Run: [AshSnap] C:\Program Files (x86)\Medion MediaPack 3\Ashampoo Snap\ashsnap.exe File not found
O4 - HKU\S-1-5-21-1281773549-982182065-3777356010-1002..\Run: [Spotify Web Helper] C:\Users\henning\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ConfirmFileDelete = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-154514-44482-15/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-154514-44482-15/4 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - c:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - c:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9841AA75-9506-40E5-A902-7CD7ACE4F26D}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.05.10 08:24:40 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.10 08:24:16 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.10 08:23:43 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\henning\Desktop\JRT.exe
[2013.05.09 19:24:03 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\henning\Desktop\tdsskiller.exe
[2013.05.09 19:19:22 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\henning\Desktop\aswMBR.exe
[2013.05.08 09:41:08 | 000,000,000 | ---D | C] -- C:\Users\henning\Desktop\mbar
[2013.05.08 09:28:52 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.05.07 09:12:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\henning\Desktop\OTL.exe
[2013.05.05 11:44:55 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Malwarebytes
[2013.05.05 11:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.05.05 11:44:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.05 11:44:43 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.05.05 11:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.05.05 11:44:17 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\Programs
[2013.05.04 09:44:13 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\photoOptimizeHistoryDataBase
[2013.05.04 09:44:12 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\Ashampoo Photo Optimizer Medion
[2013.05.04 09:40:33 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Ashampoo
[2013.05.03 10:15:48 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.05.03 10:12:30 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\MediaServer
[2013.05.03 10:06:15 | 000,000,000 | ---D | C] -- C:\Users\henning\Documents\CyberLink
[2013.04.29 12:22:42 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.04.29 12:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.04.29 12:22:41 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.04.29 12:22:39 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.04.29 12:22:39 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.04.29 12:22:26 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.04.29 12:22:25 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.04.29 12:22:23 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.04.29 12:21:56 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.04.29 12:21:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.04.29 12:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.04.29 11:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2013.04.26 10:41:33 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\vlc
[2013.04.26 10:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.04.26 10:31:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.04.26 09:38:01 | 000,000,000 | ---D | C] -- C:\Users\henning\Documents\modul5
[2013.04.26 09:37:33 | 000,000,000 | ---D | C] -- C:\Users\henning\Documents\Med
[2013.04.26 09:37:30 | 000,000,000 | ---D | C] -- C:\Users\henning\Documents\LernBär Modul 4
[2013.04.26 09:37:28 | 000,000,000 | ---D | C] -- C:\Users\henning\Documents\Krankenkasse
[2013.04.26 09:37:27 | 000,000,000 | ---D | C] -- C:\Users\henning\Documents\Bilder
[2013.04.26 09:37:11 | 000,000,000 | ---D | C] -- C:\Users\henning\Documents\Arbeit
[2013.04.26 09:02:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.04.26 09:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.04.26 09:01:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.04.26 08:45:31 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentServer.dll
[2013.04.26 08:45:30 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.dll
[2013.04.26 08:45:29 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2013.04.26 08:45:22 | 003,245,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013.04.26 08:45:21 | 001,122,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Taskmgr.exe
[2013.04.26 08:45:21 | 001,027,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Taskmgr.exe
[2013.04.26 08:45:20 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storagewmi.dll
[2013.04.26 08:45:20 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WebcamUi.dll
[2013.04.26 08:45:20 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WebcamUi.dll
[2013.04.26 08:45:19 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserLanguagesCpl.dll
[2013.04.26 08:45:19 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpnapps.dll
[2013.04.26 08:45:17 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserLanguagesCpl.dll
[2013.04.26 08:45:17 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpnapps.dll
[2013.04.26 08:45:16 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013.04.26 08:45:15 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\storagewmi.dll
[2013.04.26 08:45:15 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013.04.26 08:45:15 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013.04.26 08:45:15 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013.04.26 08:45:15 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013.04.26 08:45:15 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2013.04.26 08:45:14 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013.04.26 08:45:14 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vds_ps.dll
[2013.04.26 08:45:14 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vds_ps.dll
[2013.04.26 08:45:14 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsldr.exe
[2013.04.25 19:22:33 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2013.04.25 19:22:33 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2013.04.25 19:22:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDKURD.DLL
[2013.04.25 19:22:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDKURD.DLL
[2013.04.25 19:22:30 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2013.04.25 19:22:30 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2013.04.25 19:22:30 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll
[2013.04.25 19:22:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.04.25 19:22:30 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
[2013.04.25 19:22:30 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.04.25 19:22:13 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\glcndFilter.dll
[2013.04.25 19:22:11 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\glcndFilter.dll
[2013.04.25 19:22:09 | 001,526,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll
[2013.04.25 19:22:09 | 001,451,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll
[2013.04.25 19:22:08 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2013.04.25 19:22:08 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.04.25 19:22:07 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013.04.25 19:22:07 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2013.04.25 19:22:07 | 000,490,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2013.04.25 19:22:07 | 000,447,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2013.04.25 19:22:07 | 000,253,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2013.04.25 19:22:03 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2013.04.25 19:22:03 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
[2013.04.25 19:22:02 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2013.04.25 19:22:02 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2013.04.25 19:22:02 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
[2013.04.25 19:22:02 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2013.04.25 19:22:02 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpclip.exe
[2013.04.25 19:22:02 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2013.04.25 19:22:02 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2013.04.25 19:22:02 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFCaptureEngine.dll
[2013.04.25 19:22:02 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dafWCN.dll
[2013.04.25 19:22:01 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2013.04.25 19:22:00 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2013.04.25 19:22:00 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFCaptureEngine.dll
[2013.04.25 19:21:59 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2013.04.25 19:21:59 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2013.04.25 19:21:59 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEndpointBuilder.dll
[2013.04.25 19:21:58 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2013.04.25 19:21:58 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2013.04.25 19:21:58 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnApi.dll
[2013.04.25 19:21:58 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll
[2013.04.25 19:21:58 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnApi.dll
[2013.04.25 19:21:58 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnEapAuthProxy.dll
[2013.04.25 19:21:57 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2013.04.25 19:21:57 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wfdprov.dll
[2013.04.25 19:21:57 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnEapPeerProxy.dll
[2013.04.25 19:21:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wfdprov.dll
[2013.04.25 19:21:55 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fxppm.sys
[2013.04.25 19:21:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll
[2013.04.25 19:21:55 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2013.04.25 19:21:55 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2013.04.25 18:22:13 | 000,692,576 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.25 18:22:13 | 000,078,176 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.25 18:17:03 | 000,000,000 | R--D | C] -- C:\Windows\BrowserChoice
[2013.04.25 17:52:44 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssdisai.dll
[2013.04.25 17:52:44 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appserverai.dll
[2013.04.25 17:52:44 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDWebAI.dll
[2013.04.25 17:52:44 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmHostAI.dll
[2013.04.25 17:52:43 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013.04.25 17:52:43 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013.04.25 17:52:09 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2013.04.25 17:52:09 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidsvc.dll
[2013.04.25 17:52:09 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2013.04.25 17:52:08 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2013.04.25 17:52:06 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2013.04.25 17:52:06 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2013.04.25 17:52:06 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.dll
[2013.04.25 17:52:06 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpiowin32.sys
[2013.04.25 17:52:05 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.04.25 17:52:05 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2013.04.25 17:52:05 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2013.04.25 17:52:04 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2013.04.25 17:52:04 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2013.04.25 17:52:04 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.dll
[2013.04.25 17:52:04 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2013.04.25 17:52:04 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.dll
[2013.04.25 17:52:04 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.dll
[2013.04.25 17:52:04 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncbservice.dll
[2013.04.25 17:52:04 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll
[2013.04.25 17:52:04 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaacmgr.exe
[2013.04.25 17:52:04 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaacmgr.exe
[2013.04.25 17:52:04 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll
[2013.04.25 17:52:04 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhapi.dll
[2013.04.25 17:52:04 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxp.dll
[2013.04.25 17:52:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\keepaliveprovider.dll
[2013.04.25 17:51:49 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2013.04.25 17:51:48 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2013.04.25 17:51:47 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2013.04.25 17:51:45 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.04.25 17:51:43 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.25 17:51:42 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmde.dll
[2013.04.25 17:51:42 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2013.04.25 17:51:42 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll
[2013.04.25 17:51:42 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll
[2013.04.25 17:51:42 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BCP47Langs.dll
[2013.04.25 17:51:42 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2013.04.25 17:51:42 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2013.04.25 17:51:42 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2013.04.25 17:51:41 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.25 17:51:41 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.04.25 17:51:41 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Globalization.dll
[2013.04.25 17:51:41 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013.04.25 17:51:41 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Security.Authentication.OnlineId.dll
[2013.04.25 17:51:41 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2013.04.25 17:51:41 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\BCP47Langs.dll
[2013.04.25 17:51:41 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll
[2013.04.25 17:51:40 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.04.25 17:51:40 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmde.dll
[2013.04.25 17:51:40 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Globalization.dll
[2013.04.25 17:51:40 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.04.25 17:51:40 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013.04.25 17:51:40 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TimeBrokerServer.dll
[2013.04.25 17:51:39 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2013.04.25 17:51:39 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2013.04.25 17:51:39 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2013.04.25 17:51:39 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2013.04.25 17:51:39 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2013.04.25 17:51:39 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2013.04.25 17:51:39 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2013.04.25 17:51:39 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usbmon.dll
[2013.04.25 17:51:39 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013.04.25 17:51:38 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013.04.25 17:51:38 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2013.04.25 17:51:38 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2013.04.25 17:51:38 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2013.04.25 17:51:38 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2013.04.25 17:51:38 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\discan.dll
[2013.04.25 17:51:38 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013.04.25 17:51:38 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.04.25 17:51:38 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys
[2013.04.25 17:51:38 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013.04.25 17:51:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013.04.25 17:51:37 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NdisImPlatform.dll
[2013.04.25 17:51:36 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe
[2013.04.25 17:51:36 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2013.04.25 17:51:36 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2013.04.25 17:51:36 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys
[2013.04.25 17:51:36 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2013.04.25 17:51:36 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storahci.sys
[2013.04.25 17:51:36 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhostex.exe
[2013.04.25 17:51:36 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevDispItemProvider.dll
[2013.04.25 17:51:35 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013.04.25 17:51:35 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncInfo.dll
[2013.04.25 17:51:35 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2013.04.25 17:51:35 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncInfo.dll
[2013.04.25 17:51:35 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013.04.25 17:51:35 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2013.04.25 17:51:35 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDPrintProxy.DLL
[2013.04.25 17:51:35 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013.04.25 17:51:35 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevDispItemProvider.dll
[2013.04.25 17:51:35 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2013.04.25 17:51:35 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2013.04.25 17:51:35 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuaext.dll
[2013.04.25 17:51:34 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wushareduxresources.dll
[2013.04.25 17:51:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcadm.dll
[2013.04.25 17:51:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcalua.exe
[2013.04.25 17:51:13 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaevts.dll
[2013.04.25 17:51:04 | 013,643,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2013.04.25 17:51:01 | 010,792,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2013.04.25 17:50:56 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.04.25 17:50:56 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\duser.dll
[2013.04.25 17:50:56 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlroamextension.dll
[2013.04.25 17:50:56 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WWanAPI.dll
[2013.04.25 17:50:56 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netprofmsvc.dll
[2013.04.25 17:50:56 | 000,446,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2013.04.25 17:50:56 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013.04.25 17:50:56 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WWanAPI.dll
[2013.04.25 17:50:56 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.Connectivity.dll
[2013.04.25 17:50:56 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hotspotauth.dll
[2013.04.25 17:50:56 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2013.04.25 17:50:56 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.Connectivity.dll
[2013.04.25 17:50:56 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskkill.exe
[2013.04.25 17:50:56 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys
[2013.04.25 17:50:55 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2013.04.25 17:50:55 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlroamextension.dll
[2013.04.25 17:50:55 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mbsmsapi.dll
[2013.04.25 17:50:55 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mbsmsapi.dll
[2013.04.25 17:50:55 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2013.04.25 17:50:55 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tasklist.exe
[2013.04.25 17:50:55 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013.04.25 17:50:55 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tasklist.exe
[2013.04.25 17:50:55 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskkill.exe
[2013.04.25 17:50:55 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2013.04.25 17:50:55 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidi2c.sys
[2013.04.25 17:50:55 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthhfHid.sys
[2013.04.25 17:50:55 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BtaMPM.sys
[2013.04.25 17:50:55 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlmproxy.dll
[2013.04.25 17:50:55 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlmsprep.dll
[2013.04.25 17:50:45 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2013.04.25 17:50:45 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013.04.25 17:50:44 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFMediaEngine.dll
[2013.04.25 17:50:44 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFMediaEngine.dll
[2013.04.25 17:50:42 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll
[2013.04.25 17:50:42 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resetengmig.dll
[2013.04.25 17:50:42 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2013.04.25 17:50:42 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2013.04.25 17:50:42 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysreset.exe
[2013.04.24 20:28:12 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\Macromedia
[2013.04.24 20:13:17 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\OpenOffice.org
[2013.04.24 20:03:14 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\Apple Computer
[2013.04.24 20:03:13 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Apple Computer
[2013.04.24 20:03:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.04.24 20:02:23 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2013.04.24 20:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.04.24 20:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.04.24 20:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.04.24 20:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.04.24 20:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.04.24 20:01:14 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.04.24 20:00:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2013.04.24 19:55:51 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\Apple
[2013.04.24 19:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.04.24 19:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.04.24 19:55:24 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.04.24 19:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.04.24 19:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.04.24 19:55:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.04.24 19:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.04.24 19:52:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\redist
[2013.04.24 19:52:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\readmes
[2013.04.24 19:52:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\licenses
[2013.04.24 19:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013.04.24 19:06:13 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Foxit Software
[2013.04.24 19:06:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2013.04.24 18:58:05 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\Spotify
[2013.04.24 18:57:23 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Spotify
[2013.04.24 18:35:14 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.24 18:35:10 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013.04.24 18:35:10 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.24 18:35:10 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.24 18:35:10 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.24 18:35:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.24 18:35:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.24 18:35:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.04.24 18:35:09 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.24 18:35:09 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013.04.24 18:35:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.24 18:35:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013.04.24 18:35:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.04.24 18:35:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.24 18:35:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptsslp.dll
[2013.04.24 18:35:08 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptsslp.dll
[2013.04.24 18:34:48 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.24 18:34:46 | 000,463,872 | ---- | 
C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2013.04.24 18:34:46 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2013.04.24 18:34:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnathlp.dll [2013.04.24 18:34:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnathlp.dll [2013.04.24 18:34:46 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnsvr.exe [2013.04.24 18:34:46 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnsvr.exe [2013.04.24 18:34:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhupnp.dll [2013.04.24 18:34:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhpast.dll [2013.04.24 18:34:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhupnp.dll [2013.04.24 18:34:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhpast.dll [2013.04.24 18:34:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnlobby.dll [2013.04.24 18:34:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll [2013.04.24 18:34:46 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnlobby.dll [2013.04.24 18:34:46 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll [2013.04.24 18:34:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013.04.24 18:34:36 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys [2013.04.24 18:34:35 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys [2013.04.24 18:34:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll [2013.04.24 18:34:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\msxml6r.dll [2013.04.24 18:34:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2013.04.24 18:34:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2013.04.24 18:34:27 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013.04.24 18:34:27 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2013.04.24 18:34:27 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2013.04.24 18:34:27 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2013.04.24 18:34:27 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2013.04.24 18:34:27 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2013.04.24 18:34:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll [2013.04.24 18:34:27 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll [2013.04.23 19:00:07 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Lenovo [2013.04.23 18:59:12 | 000,000,000 | ---D | C] -- C:\Users\henning\Documents\My Videos [2013.04.23 18:53:31 | 000,000,000 | ---D | C] -- C:\Users\henning\Documents\Avatar [2013.04.23 18:52:41 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\CyberLink [2013.04.23 18:47:13 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Mozilla [2013.04.23 18:47:13 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\Mozilla [2013.04.23 18:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.04.23 18:47:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.04.23 18:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.04.23 18:28:07 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Macromedia [2013.04.23 18:27:10 | 
000,000,000 | ---D | C] -- C:\Users\henning\Documents\Youcam [2013.04.23 18:27:07 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\CyberLink [2013.04.23 18:25:42 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\Power2Go8 [2013.04.23 18:25:08 | 000,000,000 | R--D | C] -- C:\Users\henning\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.04.23 18:25:08 | 000,000,000 | R--D | C] -- C:\Users\henning\Searches [2013.04.23 18:25:08 | 000,000,000 | R--D | C] -- C:\Users\henning\Contacts [2013.04.23 18:25:08 | 000,000,000 | R--D | C] -- C:\Users\henning\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.04.23 18:25:03 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Adobe [2013.04.23 18:23:37 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\VirtualStore [2013.04.23 18:23:05 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\Packages [2013.04.23 18:22:51 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Intel [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\Vorlagen [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\AppData\Local\Verlauf [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\AppData\Local\Temporary Internet Files [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\Startmenü [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\SendTo [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\Recent [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\Netzwerkumgebung [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\Lokale Einstellungen [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\Documents\Eigene Videos [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\Documents\Eigene Musik [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\Eigene Dateien [2013.04.23 18:22:47 | 000,000,000 | 
-HSD | C] -- C:\Users\henning\Documents\Eigene Bilder [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\Druckumgebung [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\Cookies [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\AppData\Local\Anwendungsdaten [2013.04.23 18:22:47 | 000,000,000 | -HSD | C] -- C:\Users\henning\Anwendungsdaten [2013.04.23 18:22:46 | 000,000,000 | --SD | C] -- C:\Users\henning\AppData\Roaming\Microsoft [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\Videos [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\Saved Games [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\Pictures [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\Music [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\Links [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\Favorites [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\Downloads [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\Documents [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\Desktop [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.04.23 18:22:46 | 000,000,000 | R--D | C] -- C:\Users\henning\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2013.04.23 18:22:46 | 000,000,000 | -H-D | C] -- C:\Users\henning\AppData [2013.04.23 18:22:46 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\Temp [2013.04.23 18:22:46 | 000,000,000 | ---D | C] -- C:\Users\henning\Roaming [2013.04.23 18:22:46 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Local\Microsoft [2013.04.23 18:22:46 | 000,000,000 | ---D | C] -- C:\Users\henning\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Maintenance [2013.04.23 18:22:25 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution ========== Files - Modified Within 30 Days ========== [2013.05.10 08:38:15 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat [2013.05.10 08:36:12 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.05.10 08:36:08 | 3336,159,232 | -HS- | M] () -- C:\hiberfil.sys [2013.05.10 08:31:28 | 000,628,743 | ---- | M] () -- C:\Users\henning\Desktop\adwcleaner.exe [2013.05.10 08:23:44 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\henning\Desktop\JRT.exe [2013.05.10 08:19:05 | 003,227,868 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.10 08:19:05 | 000,754,172 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.10 08:19:05 | 000,711,282 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.10 08:19:05 | 000,156,362 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.10 08:19:05 | 000,133,150 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.09 21:02:00 | 000,076,688 | ---- | M] () -- C:\Users\henning\Desktop\Report-antonia.pdf [2013.05.09 19:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.09 19:24:07 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\henning\Desktop\tdsskiller.exe [2013.05.09 19:22:53 | 000,000,512 | ---- | M] () -- C:\Users\henning\Desktop\MBR.dat [2013.05.09 19:20:50 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\henning\Desktop\aswMBR.exe [2013.05.08 09:41:10 | 000,000,864 | ---- | M] () -- C:\Users\henning\Desktop\mbar-1.05.0.1001.zip [2013.05.08 09:24:50 | 000,024,433 | ---- | M] () -- C:\Users\henning\Desktop\Unbenannt 1.odt [2013.05.08 09:22:21 | 000,377,856 | ---- | M] () -- C:\Users\henning\Desktop\gmer_2.1.19163.exe [2013.05.07 09:12:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\henning\Desktop\OTL.exe [2013.05.05 11:44:47 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes 
Anti-Malware .lnk [2013.04.29 12:29:22 | 000,326,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.29 12:27:58 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013.04.29 12:22:42 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013.04.26 10:32:29 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.04.26 09:49:02 | 000,000,913 | ---- | M] () -- C:\Users\henning\Desktop\Dokumente.lnk [2013.04.24 20:03:09 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.04.24 18:58:04 | 000,001,814 | ---- | M] () -- C:\Users\henning\Desktop\Spotify.lnk [2013.04.23 18:47:04 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk ========== Files Created - No Company Name ========== [2013.05.10 08:31:28 | 000,628,743 | ---- | C] () -- C:\Users\henning\Desktop\adwcleaner.exe [2013.05.09 21:02:00 | 000,076,688 | ---- | C] () -- C:\Users\henning\Desktop\Report-antonia.pdf [2013.05.09 19:22:53 | 000,000,512 | ---- | C] () -- C:\Users\henning\Desktop\MBR.dat [2013.05.08 09:39:24 | 000,000,864 | ---- | C] () -- C:\Users\henning\Desktop\mbar-1.05.0.1001.zip [2013.05.08 09:24:45 | 000,024,433 | ---- | C] () -- C:\Users\henning\Desktop\Unbenannt 1.odt [2013.05.08 09:22:20 | 000,377,856 | ---- | C] () -- C:\Users\henning\Desktop\gmer_2.1.19163.exe [2013.05.05 11:44:47 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.04.29 12:29:10 | 000,326,896 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.29 12:22:42 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2013.04.29 12:22:26 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.04.29 12:22:26 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.04.29 12:22:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2013.04.26 10:32:29 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.04.26 09:49:02 | 000,000,913 | ---- | C] () -- C:\Users\henning\Desktop\Dokumente.lnk [2013.04.26 09:38:26 | 000,704,036 | ---- | C] () -- C:\Users\henning\Documents\Sedcard Antonia Hoppe.pdf [2013.04.26 09:38:26 | 000,080,317 | ---- | C] () -- C:\Users\henning\Documents\Setcard Antonia Hoppe [2013.04.26 09:38:25 | 000,711,321 | ---- | C] () -- C:\Users\henning\Documents\Sedcard Antonia Hoppe HostessServicekraft.pdf [2013.04.26 09:38:25 | 000,178,051 | ---- | C] () -- C:\Users\henning\Documents\Sedcard Antonia Hoppe (2).PDF [2013.04.26 09:38:25 | 000,161,970 | R--- | C] () -- C:\Users\henning\Documents\Potential Allstars Sedcard-Angaben.pdf [2013.04.26 09:38:25 | 000,092,847 | ---- | C] () -- C:\Users\henning\Documents\Porträt.JPG [2013.04.26 09:38:25 | 000,092,345 | ---- | C] () -- C:\Users\henning\Documents\Lebenslauf mit Lichtbild.pdf [2013.04.26 09:38:25 | 000,068,702 | ---- | C] () -- C:\Users\henning\Documents\IMG_4079.JPG [2013.04.26 09:38:24 | 000,068,884 | ---- | C] () -- C:\Users\henning\Documents\Ganzkörper.JPG [2013.04.26 09:38:24 | 000,065,024 | ---- | C] () -- C:\Users\henning\Documents\Bahncard Kündigung [2013.04.26 09:38:24 | 000,012,446 | ---- | C] () -- C:\Users\henning\Documents\Brief an das FA [2013.04.25 17:51:39 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2013.04.24 20:03:09 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.04.24 19:55:49 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2013.04.24 19:54:14 | 000,000,884 | ---- | C] () -- 
C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.24 18:58:04 | 000,001,814 | ---- | C] () -- C:\Users\henning\Desktop\Spotify.lnk [2013.04.24 18:58:04 | 000,001,800 | ---- | C] () -- C:\Users\henning\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2013.04.23 18:47:04 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.04.23 18:47:04 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.04.23 18:25:03 | 000,001,442 | ---- | C] () -- C:\Users\henning\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.04.23 18:24:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\MEDION_NB_P6638_20051921.mrk [2012.11.15 14:35:46 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2012.11.15 13:29:20 | 005,152,550 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.11.09 00:28:57 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin [2012.11.09 00:28:55 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin [2012.11.09 00:28:55 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.11.08 21:51:38 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2012.08.13 11:11:02 | 141,421,187 | ---- | C] () -- C:\Program Files (x86)\openofficeorg1.cab [2012.08.13 11:09:30 | 003,166,208 | ---- | C] () -- C:\Program Files (x86)\openofficeorg341.msi [2012.08.13 11:09:30 | 000,473,600 | ---- | C] () -- C:\Program Files (x86)\setup.exe [2012.08.13 11:09:30 | 000,000,294 | ---- | C] () -- C:\Program Files (x86)\setup.ini [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | -H-- | C] () -- C:\Windows\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012.07.25 
22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2012.11.15 14:36:43 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = 
C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >

Code:
OTL Extras logfile created on: 10.05.2013 08:46:18 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\henning\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,88 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 62,01% Memory free
7,88 Gb Paging File | 6,39 Gb Available in Paging File | 81,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 869,80 Gb Total Space | 717,18 Gb Free Space | 82,45% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 41,38 Gb Free Space | 68,97% Space Free | Partition Type: NTFS
Computer Name: BÄR | User Name: henning | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1281773549-982182065-3777356010-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile
[open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== 
========== Last 20 Event Log Errors ==========
[ System Events ]
Error - 10.05.2013 02:36:03 | Computer Name = Bär | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =
Error - 10.05.2013 02:39:28 | Computer Name = Bär | Source = DCOM | ID = 10010
Description =
Error - 10.05.2013 02:39:28 | Computer Name = Bär | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005
< End of report > |
10.05.2013, 18:58 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hm, did you mix up aswMBR with AdwCleaner? In any case, the aswMBR log was posted, but not the one from AdwCleaner. |
11.05.2013, 08:50 | #21 |
| Oops.
Code:
# AdwCleaner v2.300 - Datei am 10/05/2013 um 08:32:27 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzer : henning - BÄR
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\henning\Desktop\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\henning\AppData\Roaming\Mozilla\Firefox\Profiles\n2ts2czy.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [700 octets] - [10/05/2013 08:32:27]

########## EOF - C:\AdwCleaner[S1].txt - [759 octets] ########## |
12.05.2013, 20:02 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK. We should be almost done. As a check, please run a full scan with Malwarebytes - please remember to update Malwarebytes via the update button beforehand. Afterwards, getting an additional opinion from ESET's online scanner doesn't hurt either: ESET Online Scanner |
14.05.2013, 11:40 | #23 |
| So, here are the logs. Looks good, I guess. Should I simply uninstall all these programs now? Or should I keep one of them? There are now also system files on the desktop; can I simply delete them, or what should I do with them?
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.13.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16540
henning :: BÄR [Administrator]

13.05.2013 19:47:39
mbam-log-2013-05-13 (19-47-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 604269
Laufzeit: 1 Stunde(n), 39 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=870d695e0aff0d449b7a7703b9f91bda
# engine=13825
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-14 10:09:33
# local_time=2013-05-14 12:09:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=774 16777213 85 91 1294941 145239645 0 0
# compatibility_mode=5893 16776574 100 94 358458 17253489 0 0
# scanned=381185
# found=0
# cleaned=0
# scan_time=8157 |
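An added example, not part of the thread and not code from either scanner: a small Python check that reads the two logs in the post above and reports, next to the hit counts, which scan options were switched off and which drives were covered. The sample logs are constructed, cut-down copies of the posted ones, and the meaning of the ESET option fields is assumed from their names.

```python
import re

# Constructed samples: the two posted scan logs, cut down to the lines the checks read.
ESET_LOG = r"""
ESETSmartInstaller@High as downloader log:
all ok
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# scanned=381185
# found=0
# cleaned=0
"""

MBAM_LOG = r"""
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 604269
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
"""

# Assumption: these fields mirror the scanner's option checkboxes (inferred from the names).
ESET_COVERAGE = ("archives_checked", "unwanted_checked", "unsafe_checked", "antistealth_checked")


def parse_eset(text):
    """Collect the '# key=value' fields of an ESET Online Scanner log."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"#\s*(\w+)=(.*)", line.strip())
        if m:
            fields.setdefault(m.group(1), m.group(2).strip())  # first value wins on repeats
    return fields


def review_eset(text):
    """Return the counts plus notes on anything that narrows what 'found=0' covers."""
    f = parse_eset(text)
    notes = []
    if f.get("end") != "finished":
        notes.append("scan did not finish")
    notes += [f"{k} was not enabled" for k in ESET_COVERAGE if f.get(k) != "true"]
    if "found" not in f:
        notes.append("no result fields in log")
    found, cleaned = int(f.get("found", 0)), int(f.get("cleaned", 0))
    if found > cleaned:
        notes.append(f"{found - cleaned} detection(s) left uncleaned")
    return {"scanned": int(f.get("scanned", 0)), "found": found, "notes": notes}


def review_mbam(text):
    """Summarise a German-language Malwarebytes 1.x log: scope, disabled options, hit counts."""
    drives, disabled, counts = [], [], {}
    for line in (raw.strip() for raw in text.splitlines()):
        scope = re.match(r"Art des Suchlaufs: .*\((.*)\)", line)
        hit = re.match(r"Infizierte (.+?): (\d+)", line)
        if scope:
            drives = [d for d in scope.group(1).split("|") if d]
        elif line.startswith("Deaktivierte Suchlaufeinstellungen:"):
            disabled = [s.strip() for s in line.split(":", 1)[1].split("|") if s.strip()]
        elif hit:
            counts[hit.group(1)] = int(hit.group(2))
    return {"drives": drives, "disabled": disabled,
            "categories": len(counts), "found": sum(counts.values())}


if __name__ == "__main__":
    print(review_eset(ESET_LOG))
    print(review_mbam(MBAM_LOG))
```

For the posted logs both scanners report zero findings; the notes show that the ESET run had the unwanted and unsafe application options off, and the Malwarebytes run covered C:, D:, E: and F: with only P2P disabled.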
14.05.2013, 13:38 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK so far.

Regarding cookies and other things on the web: to block the pests from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check at MVPS every 4 weeks whether a new hosts file has been released.

Info: cookies are not malware as such, but there is a risk of misuse (unique recognition, e.g. for targeted advertising or similar => HTTP-Cookie).

Otherwise there are also good cookie managers; one extension for Firefox, for example, would be CookieCuller.

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, eBay, GMX, or also Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

Is your system back in order now, or are there still other findings or problems? |
14.05.2013, 20:44 | #25 |
| THANK YOU SO, SO MUCH! Actually, I always log in afresh on the internet anyway (FB, eBay, ...), but I'll take a look at that. Thanks for the tip. What do I do now with all the programs that are on my desktop? Are they still of any use to me? Or should I simply uninstall and delete them? And the system files? I always get a warning when I want to move them?! |
15.05.2013, 10:27 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then we're done! If you'd still like to leave praise or criticism => http://www.trojaner-board.de/lob-kritik-wuensche/

The programs that were used here can all be removed again.

Remove Combofix (only relevant if it was used here!): Start/Run (key combination WIN+R), type the command combofix /uninstall there and run it.

With the help of OTL you can also remove many other tools: simply start OTL and click on "Bereinigung" (Cleanup). This will remove most of the tools we needed for the cleanup. If anything is left over, please remove it with right-click --> Delete.

Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first.

Finally, please check the updates; my guide to that is below. To keep a better overview in future of whether the installed programs are up to date, you can use e.g. Secunia PSI. For even more security, after the infection has been removed you should also change all passwords if possible.

Microsoft Update
Windows XP: Visit the MS update site with IE and have all important updates installed.
Windows Vista/7: Start, Control Panel, Windows Update

Update the PDF reader
An outdated Adobe Reader is a major security risk. You should therefore uninstall old versions of Adobe Reader via Control Panel => Software or Programs and Features, by clicking "Adobe Reader x.0" there and removing the program (if you have Adobe Reader installed). I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than Adobe Reader.

Please also take this opportunity to check whether Flash Player is up to date: Check => Adobe - Flash Player. Download links can be found here => Browsers and Plugins - FilePony.de. All plugins in the Firefox browser can also be checked very easily here => https://www.mozilla.org/de/plugincheck. Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.

Java update
Outdated Java installations are a major security risk, so you should uninstall the old versions. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software (or Programs and Features) and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it. |
16.05.2013, 14:59 | #27 |
| All right, the programs are removed and Secunia is running. Thank you very much again for the help and also for all the tips!!! |
18.05.2013, 08:05 | #28 |
| I do have one more question, though: the fact that the virus is still shown in the avast container surely doesn't mean anything, right? Can I simply delete it from there now, or how should I deal with it? |
18.05.2013, 23:21 | #29 |
/// Winkelfunktion /// TB-Süch-Tiger™ | What is it with all of you and the quarantine? Just think about what a quarantine is. Whether the malicious file stays in there or not makes no difference. Malware in quarantine can no longer do any harm; it is isolated there. As a rule you should work with the quarantine, because if the virus scanner deletes something important due to a false alarm, you can still get at the file via the quarantine if need be. |