Log analysis and evaluation: GVU even in Safe Mode, XP HOME 32

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
13.06.2013, 11:27 | #1 |
| GVU even in Safe Mode, XP HOME 32

Unfortunately, the GVU trojan cannot be bypassed in Safe Mode. Operating system: XP Home 32-bit. In the meantime I have burned the OTLPE CD using a second laptop (the one I am working and posting on right now) and have also got it started on the infected laptop. Unfortunately I have no network connection, neither wireless nor by cable, and I cannot get at the USB ports either. XP booted with the OTLPE. Ran the scan for all users. Now I don't know how to get the OTL.txt file transferred to this laptop since, as I said, I have no network and no access to USB either. Please HEEEEEELLLLLPPPPP. Thanks, Paul

I have managed it in the meantime. Here is the OTL.txt

OTL Logfile: Code:
ATTFilter OTL logfile created on: 6/13/2013 2:05:33 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free Paging file location(s): E:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 127.99 Gb Total Space | 115.67 Gb Free Space | 90.37% Space Free | Partition Type: NTFS Drive E: | 170.10 Gb Total Space | 167.67 Gb Free Space | 98.57% Space Free | Partition Type: NTFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet002 ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled] -- -- (HidServ) SRV - File not found [On_Demand] -- -- (AppMgmt) SRV - [2013/06/12 11:40:37 | 000,187,904 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\DOKUME~1\ALLUSE~1\ANWEND~1\tzdldo.dat -- (winmgmt) SRV - [2013/06/05 06:38:26 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/01/27 06:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2009/10/06 18:19:00 | 000,593,920 | ---- | M] ( ) [Auto] -- C:\WINDOWS\System32\LMabcoms.exe -- (lmab_device) SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) 
[Auto] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/09/08 06:10:20 | 000,450,560 | ---- | M] () [Auto] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) SRV - [2008/09/08 06:09:40 | 000,184,320 | ---- | M] () [Auto] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp) SRV - [2003/07/28 06:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (WDICA) DRV - File not found [Kernel | On_Demand] -- -- (USBCCID) DRV - File not found [Kernel | On_Demand] -- -- (RtsUIR) DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) DRV - File not found [Kernel | System] -- -- (PCIDump) DRV - File not found [Kernel | System] -- -- (lbrtfdc) DRV - File not found [Kernel | System] -- -- (i2omgmt) DRV - File not found [Kernel | System] -- -- (Changer) DRV - [2009/05/14 23:19:59 | 000,165,888 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009/03/12 05:25:12 | 005,051,904 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/12/22 17:47:38 | 000,045,344 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2008/12/22 07:38:54 | 000,761,472 | R--- | M] (Ralink Technology, Corp.) 
[Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86) DRV - [2008/08/24 15:22:40 | 000,014,208 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu) DRV - [2008/08/05 08:10:12 | 001,684,736 | R--- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008/07/07 14:15:44 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2008/07/07 14:15:36 | 000,054,784 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006/01/04 03:41:48 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Besitzer_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\Besitzer_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\Besitzer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\Besitzer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\PRINKTO_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\PRINKTO_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\PRINKTO_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\PRINKTO_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/ [binary data] IE - HKU\PRINKTO_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.my.yahoo.com/ IE - HKU\PRINKTO_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\PRINKTO_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\PRINKTO_ON_C\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) IE - HKU\PRINKTO_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: E:\Programme\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: E:\Programme\Mozilla Firefox\plugins [2013/06/05 06:38:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013/06/05 06:38:28 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2001/08/18 08:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) 
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O3 - HKU\Besitzer_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\PRINKTO_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [MSC] C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () 
O4 - HKU\Administrator_ON_C..\Run: [ctfmon32.exe] File not found O4 - HKU\Besitzer_ON_C..\Run: [ctfmon32.exe] File not found O4 - HKU\Besitzer_ON_C..\Run: [MSMSGS] File not found O4 - HKU\PRINKTO_ON_C..\Run: [ctfmon32.exe] File not found O4 - Startup: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\regmonstd.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Printkey2000.lnk = C:\Programme\PrintKey2000\Printkey2000.exe (Fred's Software) O4 - Startup: C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart\regmonstd.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation) O4 - Startup: C:\Dokumente und Einstellungen\PRINKTO\Startmenü\Programme\Autostart\regmonstd.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Besitzer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - 
C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] 
O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2013/06/13 12:43:21 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien [2013/06/12 11:49:51 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\PrivacIE [2013/06/12 11:49:41 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\IETldCache [2013/06/12 11:49:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft [2013/06/12 11:49:23 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft [2013/06/12 11:49:23 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\SendTo [2013/06/12 11:49:23 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten [2013/06/12 11:49:23 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör [2013/06/12 11:49:23 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü [2013/06/12 11:49:23 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart [2013/06/12 11:49:23 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\Cookies [2013/06/12 11:49:23 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Vorlagen [2013/06/12 11:49:23 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent [2013/06/12 11:49:23 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung [2013/06/12 11:49:23 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen [2013/06/12 11:49:23 | 
000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Druckumgebung [2013/06/12 11:49:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Favoriten [2013/06/12 11:49:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop [2013/06/12 11:45:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Yahoo! [2013/06/12 11:40:37 | 000,187,904 | ---- | C] (Корпорация Майкрософт) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tzdldo.dat [2013/06/12 11:40:37 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rundll32.exe [2013/06/10 10:45:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PC-Kaufmann Fibu Pro 2013 [2013/06/10 10:44:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sage [2013/06/10 10:44:04 | 000,098,304 | ---- | C] (Inner Media, Inc.) 
-- C:\WINDOWS\System32\dunzip32.dll [2013/06/10 10:44:02 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp70.dll [2013/06/10 10:44:02 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll [2013/06/10 10:44:01 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Sage Group [2013/06/10 10:43:58 | 001,045,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjet35.dll [2013/06/10 10:43:58 | 000,407,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrepl35.dll [2013/06/10 10:43:58 | 000,252,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrd2x35.dll [2013/06/10 10:43:58 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjint35.dll [2013/06/10 10:43:58 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjter35.dll [2013/06/10 10:43:31 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Sage KHK Shared [2013/06/10 10:43:30 | 000,000,000 | ---D | C] -- C:\Programme\Sage [2013/06/10 10:29:44 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Sage Software Shared [2013/06/05 06:37:29 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2013/06/05 05:35:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\PRINKTO\Anwendungsdaten\CD-LabelPrint [2013/05/23 05:56:00 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hh.exe [2013/05/23 05:55:59 | 001,693,696 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTCLR13n.dll [2013/05/23 05:55:59 | 000,453,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltkrn13n.dll [2013/05/23 05:55:59 | 000,445,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltimg13n.dll [2013/05/23 05:55:59 | 000,360,960 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltdlg13n.ocx [2013/05/23 05:55:59 | 000,206,848 | ---- | C] (LEAD Technologies, Inc.) 
-- C:\WINDOWS\System32\ltefx13n.dll [2013/05/23 05:55:59 | 000,154,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltfil13n.DLL [2013/05/23 05:55:59 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfavi13n.dll [2013/05/23 05:55:58 | 001,402,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltdlg13n.dll [2013/05/23 05:55:58 | 000,393,216 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffpx7.dll [2013/05/23 05:55:58 | 000,265,216 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTDIS13n.dll [2013/05/23 05:55:58 | 000,182,784 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lfpng13n.dll [2013/05/23 05:55:58 | 000,142,848 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftif13n.dll [2013/05/23 05:55:58 | 000,126,976 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfkodak.dll [2013/05/23 05:55:58 | 000,084,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffpx13n.dll [2013/05/23 05:55:58 | 000,073,728 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffax13n.dll [2013/05/23 05:55:58 | 000,065,536 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lfpct13n.dll [2013/05/23 05:55:58 | 000,057,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpsd13n.dll [2013/05/23 05:55:58 | 000,047,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfeps13n.dll [2013/05/23 05:55:58 | 000,046,080 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lfwmf13n.dll [2013/05/23 05:55:58 | 000,026,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcx13n.dll [2013/05/23 05:55:58 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftga13n.dll [2013/05/23 05:55:58 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfwpg13n.dll [2013/05/23 05:55:58 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) 
-- C:\WINDOWS\System32\lfras13n.dll [2013/05/23 05:55:58 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcd13n.dll [2013/05/23 05:55:58 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfmsp13n.dll [2013/05/23 05:55:57 | 000,389,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFCMP13n.DLL [2013/05/23 05:55:57 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\System32\PCDLIB32.DLL [2013/05/23 05:55:57 | 000,182,032 | ---- | C] (Infragistics, Inc.) -- C:\WINDOWS\System32\IGSplitter40.ocx [2013/05/23 05:55:57 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfbmp13n.dll [2013/05/23 05:55:56 | 000,831,488 | ---- | C] (Polar sales@polarsoftware.com www.polarsoftware.com) -- C:\WINDOWS\System32\PolarZIP.ocx [2013/05/23 05:55:56 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX [2013/05/23 05:55:56 | 000,493,328 | ---- | C] (Infragistics, Inc.) -- C:\WINDOWS\System32\IGToolBars50.ocx [2013/05/23 05:55:56 | 000,364,544 | ---- | C] (Image Computer Systems Ltd) -- C:\WINDOWS\System32\ICXViews.ocx [2013/05/23 05:55:56 | 000,299,008 | ---- | C] (Infragistics, Inc.) 
-- C:\WINDOWS\System32\IGTabs40.ocx [2013/05/23 05:55:51 | 000,000,000 | ---D | C] -- C:\Programme\OKI Templates [2013/05/23 04:45:29 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\PRINKTO\IECompatCache [2013/04/16 04:59:50 | 000,401,408 | ---- | C] ( ) -- C:\WINDOWS\System32\lexlog.dll [2013/04/16 04:59:33 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabusb1.dll [2013/04/16 04:59:33 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabpmui.dll [2013/04/16 04:59:32 | 001,040,384 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabserv.dll [2013/04/16 04:59:32 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lmablmpm.dll [2013/04/16 04:59:32 | 000,479,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabpar1.dll [2013/04/16 04:59:32 | 000,450,560 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabiobj.dll [2013/04/16 04:59:32 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabinpa.dll [2013/04/16 04:59:32 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabiesc.dll [2013/04/16 04:59:31 | 000,905,216 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabip1.dll [2013/04/16 04:59:31 | 000,593,920 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabcoms.exe [2013/04/16 04:59:31 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabhcp.dll [2013/04/16 04:59:30 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabcomc.dll [2013/04/16 04:59:30 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabcomm.dll [2013/04/16 04:56:40 | 000,630,784 | ---- | C] ( ) -- C:\WINDOWS\System32\softcoin.dll [2013/04/16 04:56:39 | 000,425,984 | ---- | C] ( ) -- C:\WINDOWS\System32\gencoin.dll [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/06/12 13:09:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/06/12 13:07:07 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\odldzt.pad [2013/06/12 13:07:02 | 000,201,679 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml 
[2013/06/12 13:07:01 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2013/06/12 11:49:36 | 000,000,796 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\regmonstd.lnk [2013/06/12 11:45:39 | 000,000,796 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart\regmonstd.lnk [2013/06/12 11:40:40 | 000,000,796 | ---- | M] () -- C:\Dokumente und Einstellungen\PRINKTO\Startmenü\Programme\Autostart\regmonstd.lnk [2013/06/12 11:40:39 | 000,003,099 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\odldzt.js [2013/06/12 11:40:37 | 000,187,904 | ---- | M] (Корпорация Майкрософт) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tzdldo.dat [2013/06/12 11:40:37 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rundll32.exe [2013/06/12 10:07:37 | 000,000,358 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job [2013/06/12 04:15:20 | 000,000,386 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2013/06/11 04:09:44 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/06/10 11:26:42 | 000,000,052 | ---- | M] () -- C:\WINDOWS\seumain.INI [2013/06/10 10:45:17 | 000,001,733 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PC-Kaufmann Fibu Pro 2013.lnk [2013/06/10 10:45:17 | 000,001,727 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PC-Kaufmann Fibu Pro 2013.lnk [2013/06/10 10:45:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PC-Kaufmann Fibu Pro 2013 [2013/06/10 10:44:13 | 000,000,000 | ---- | M] () -- C:\WINDOWS\KHKSManC.INI [2013/06/10 10:31:30 | 000,482,376 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013/06/10 10:31:30 | 000,460,806 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/06/10 10:31:30 | 000,093,934 | ---- | M] () -- 
C:\WINDOWS\System32\perfc007.dat [2013/06/10 10:31:30 | 000,076,784 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/06/06 08:34:48 | 000,017,732 | ---- | M] () -- C:\WINDOWS\System32\OPC9600.cah [2013/06/06 08:34:48 | 000,013,332 | ---- | M] () -- C:\WINDOWS\System32\OPLM_M00.cah [2013/06/06 08:34:48 | 000,000,112 | ---- | M] () -- C:\WINDOWS\OPLM.INI [2013/06/06 08:34:47 | 000,034,896 | ---- | M] () -- C:\WINDOWS\System32\OPHA_M00.cah [2013/06/06 08:34:47 | 000,017,476 | ---- | M] () -- C:\WINDOWS\System32\OPC3100.cah [2013/06/06 08:34:47 | 000,000,176 | ---- | M] () -- C:\WINDOWS\OPHA.INI [2013/06/06 08:14:07 | 000,053,423 | ---- | M] () -- C:\Dokumente und Einstellungen\PRINKTO\Desktop\Lexmark_X364.jpg [2013/05/28 05:21:17 | 000,021,299 | ---- | M] () -- C:\Dokumente und Einstellungen\PRINKTO\Desktop\PB_Überweisung_KtoNr0053706703_ 28-05-2013_1118.pdf [2013/05/28 04:43:39 | 000,024,898 | ---- | M] () -- C:\Dokumente und Einstellungen\PRINKTO\Desktop\PB_Überweisung.pdf [2013/05/23 06:08:32 | 000,000,059 | ---- | M] () -- C:\WINDOWS\LTDLG13N.INI [2013/05/23 05:56:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Okidata [2013/05/16 06:58:43 | 000,115,792 | ---- | M] () -- C:\Dokumente und Einstellungen\PRINKTO\Desktop\OKI.jpg [2013/05/16 06:55:56 | 000,031,247 | ---- | M] () -- C:\Dokumente und Einstellungen\PRINKTO\Desktop\Lexmark_X360.jpg [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/06/12 11:49:36 | 000,000,796 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\regmonstd.lnk [2013/06/12 11:49:23 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk [2013/06/12 11:49:23 | 000,000,772 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Windows Media Player.lnk [2013/06/12 11:45:37 | 000,000,796 | ---- | C] () 
Edited by pauligauli (13.06.2013 at 11:49) |
13.06.2013, 11:29 | #2 |
/// Malware-holic | GVU even in safe mode, XP HOME 32 Hi, take the stick out, reboot from the CD, plug the stick in, copy the log over, create it again if necessary |
13.06.2013, 11:52 | #3 |
| GVU even in safe mode, XP HOME 32 Hello, here is the OTL
OTL Logfile: Code:
13.06.2013, 11:58 | #4 |
/// Malware-holic | GVU also in safe mode, XP HOME 32 Hi, on your second PC go to Start, Programs, Accessories, Notepad (Editor) and copy the following into it: Code:
:OTL
O4 - Startup: C:\Dokumente und Einstellungen\PRINKTO\Startmenü\Programme\Autostart\regmonstd.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart\regmonstd.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\regmonstd.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
[2013/06/12 11:40:37 | 000,187,904 | ---- | C] (Корпорация Майкрософт) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tzdldo.dat
[2013/06/12 11:40:37 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rundll32.exe
[2013/06/12 13:07:07 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\odldzt.pad
[2013/06/12 11:40:39 | 000,003,099 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\odldzt.js
:Files
:Commands
[EMPTYFLASH]
[emptytemp]

Save this on a USB stick as fix.txt. Now use OTLPENet.exe again (that is, boot from the CD you created) and tick everything as already described in the post about OTLPENet.exe.
• Now please click the Fix button. A message similar to "load fix from file" should appear, so load fix.txt from your stick. If that does not work, please enter the fix manually, then click the Fix button again. The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open otl.txt. Please post the log. If you have no icons, right-click, View, Show desktop icons.
Note: Please also upload the file there as described in the UpChannel instructions. Please do NOT post the ZIP file here in the thread as an attachment! Please press the + E key.
__________________ -Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
13.06.2013, 12:33 | #5 |
| GVU also in safe mode, XP HOME 32 The upload wants a link to the topic in the forum ????? How - where ??? Sorry - it's OK, I'm uploading right now. Message: Operation completed successfully. File: MovedFiles.zip_1 received. Operation completed successfully |
13.06.2013, 12:37 | #6 |
/// Malware-holic | GVU also in safe mode, XP HOME 32 thx, you can delete the archive from the PC. Normal mode works, then: Please download TDSSKiller.exe and save this file to the desktop |
13.06.2013, 12:44 | #7 |
| GVU also in safe mode, XP HOME 32 Hi - TDSS found nothing. Am I now rid of this trojan? If so, many, many, many thanks to you
13:40:00.0348 2108 usbehci - ok 13:40:00.0379 2108 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub E:\WINDOWS\system32\DRIVERS\usbhub.sys 13:40:00.0426 2108 usbhub - ok 13:40:00.0457 2108 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci E:\WINDOWS\system32\DRIVERS\usbohci.sys 13:40:00.0489 2108 usbohci - ok 13:40:00.0536 2108 [ A717C8721046828520C9EDF31288FC00 ] usbprint E:\WINDOWS\system32\DRIVERS\usbprint.sys 13:40:00.0582 2108 usbprint - ok 13:40:00.0645 2108 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 13:40:00.0676 2108 usbstor - ok 13:40:00.0708 2108 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave E:\WINDOWS\System32\drivers\vga.sys 13:40:00.0723 2108 VgaSave - ok 13:40:00.0723 2108 ViaIde - ok 13:40:00.0786 2108 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap E:\WINDOWS\system32\drivers\VolSnap.sys 13:40:00.0817 2108 VolSnap - ok 13:40:00.0942 2108 [ 68F106273BE29E7B7EF8266977268E78 ] VSS E:\WINDOWS\System32\vssvc.exe 13:40:01.0083 2108 VSS - ok 13:40:01.0129 2108 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time E:\WINDOWS\System32\w32time.dll 13:40:01.0176 2108 W32Time - ok 13:40:01.0254 2108 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp E:\WINDOWS\system32\DRIVERS\wanarp.sys 13:40:01.0286 2108 Wanarp - ok 13:40:01.0286 2108 WDICA - ok 13:40:01.0333 2108 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud E:\WINDOWS\system32\drivers\wdmaud.sys 13:40:01.0333 2108 wdmaud - ok 13:40:01.0379 2108 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient E:\WINDOWS\System32\webclnt.dll 13:40:01.0411 2108 WebClient - ok 13:40:01.0426 2108 winmgmt - ok 13:40:01.0504 2108 [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN E:\WINDOWS\System32\mspmsnsv.dll 13:40:01.0614 2108 WmdmPmSN - ok 13:40:01.0692 2108 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi E:\WINDOWS\system32\DRIVERS\wmiacpi.sys 13:40:01.0708 2108 WmiAcpi - ok 13:40:01.0786 2108 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv E:\WINDOWS\System32\wbem\wmiapsrv.exe 13:40:01.0895 2108 WmiApSrv - ok 13:40:01.0989 
2108 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 13:40:02.0223 2108 WPFFontCache_v0400 - ok 13:40:02.0270 2108 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL E:\WINDOWS\System32\drivers\ws2ifsl.sys 13:40:02.0286 2108 WS2IFSL - ok 13:40:02.0333 2108 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc E:\WINDOWS\system32\wscsvc.dll 13:40:02.0411 2108 wscsvc - ok 13:40:02.0489 2108 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv E:\WINDOWS\system32\wuauserv.dll 13:40:02.0489 2108 wuauserv - ok 13:40:02.0536 2108 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC E:\WINDOWS\System32\wzcsvc.dll 13:40:02.0598 2108 WZCSVC - ok 13:40:02.0661 2108 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov E:\WINDOWS\System32\xmlprov.dll 13:40:02.0692 2108 xmlprov - ok 13:40:02.0770 2108 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService E:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe 13:40:03.0083 2108 YahooAUService - ok 13:40:03.0083 2108 ================ Scan global =============================== 13:40:03.0145 2108 [ 2C60091CA5F67C3032EAB3B30390C27F ] E:\WINDOWS\system32\basesrv.dll 13:40:03.0192 2108 [ 4CD408F799D4A72B0DE1F1116A77A48E ] E:\WINDOWS\system32\winsrv.dll 13:40:03.0286 2108 [ 4CD408F799D4A72B0DE1F1116A77A48E ] E:\WINDOWS\system32\winsrv.dll 13:40:03.0301 2108 [ 4BB6A83640F1D1792AD21CE767B621C6 ] E:\WINDOWS\system32\services.exe 13:40:03.0301 2108 [Global] - ok 13:40:03.0301 2108 ================ Scan MBR ================================== 13:40:03.0317 2108 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 13:40:03.0536 2108 \Device\Harddisk0\DR0 - ok 13:40:03.0551 2108 [ C69D34E54B66098799C2FD539B89618C ] \Device\Harddisk1\DR3 13:40:05.0177 2108 \Device\Harddisk1\DR3 - ok 13:40:05.0177 2108 ================ Scan VBR ================================== 13:40:05.0192 2108 [ F6AEB760BDB4241C895660634A48C687 ] \Device\Harddisk0\DR0\Partition1 13:40:05.0192 2108 \Device\Harddisk0\DR0\Partition1 
- ok 13:40:05.0208 2108 [ E71D37667C41BD5CDE024824CCBC6BEA ] \Device\Harddisk0\DR0\Partition2 13:40:05.0208 2108 \Device\Harddisk0\DR0\Partition2 - ok 13:40:05.0208 2108 ============================================================ 13:40:05.0208 2108 Scan finished 13:40:05.0208 2108 ============================================================ 13:40:05.0239 1372 Detected object count: 0 13:40:05.0239 1372 Actual detected object count: 0 13:40:26.0506 2380 Deinitialize success |
13.06.2013, 13:31 | #8 |
/// Malware-holic | GVU even in safe mode XP HOME 32
Configure TDSSKiller according to the instructions and scan again.
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de as described in the instructions above. If you would like to support us |
13.06.2013, 14:12 | #9 |
| GVU even in safe mode XP HOME 32
It found something else. Here is the file.
TDSSKiller.2.8.16.0_13.06.2013_15.07.08_log
E:\WINDOWS\System32\seclogon.dll 15:07:39.0531 3448 seclogon - ok 15:07:39.0531 3448 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS E:\WINDOWS\system32\sens.dll 15:07:39.0625 3448 SENS - ok 15:07:39.0656 3448 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial E:\WINDOWS\system32\drivers\Serial.sys 15:07:39.0734 3448 Serial - ok 15:07:39.0750 3448 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy E:\WINDOWS\system32\drivers\Sfloppy.sys 15:07:39.0843 3448 Sfloppy - ok 15:07:39.0890 3448 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess E:\WINDOWS\System32\ipnathlp.dll 15:07:39.0984 3448 SharedAccess - ok 15:07:40.0015 3448 [ 40602EBFBE06AA075C8E4560743F6883 ] ShellHWDetection E:\WINDOWS\System32\shsvcs.dll 15:07:40.0093 3448 ShellHWDetection - ok 15:07:40.0093 3448 Simbad - ok 15:07:40.0109 3448 Sparrow - ok 15:07:40.0156 3448 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter E:\WINDOWS\system32\drivers\splitter.sys 15:07:40.0234 3448 splitter - ok 15:07:40.0265 3448 [ 39356A9CDB6753A6D13A4072A9F5A4BB ] Spooler E:\WINDOWS\system32\spoolsv.exe 15:07:40.0359 3448 Spooler - ok 15:07:40.0406 3448 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr E:\WINDOWS\system32\DRIVERS\sr.sys 15:07:40.0484 3448 sr - ok 15:07:40.0515 3448 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice E:\WINDOWS\System32\srsvc.dll 15:07:40.0609 3448 srservice - ok 15:07:40.0609 3448 [ 5252605079810904E31C332E241CD59B ] Srv E:\WINDOWS\system32\DRIVERS\srv.sys 15:07:40.0703 3448 Srv - ok 15:07:40.0718 3448 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV E:\WINDOWS\System32\ssdpsrv.dll 15:07:40.0812 3448 SSDPSRV - ok 15:07:40.0843 3448 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc E:\WINDOWS\system32\wiaservc.dll 15:07:40.0953 3448 stisvc - ok 15:07:40.0968 3448 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum E:\WINDOWS\system32\DRIVERS\swenum.sys 15:07:41.0062 3448 swenum - ok 15:07:41.0093 3448 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi E:\WINDOWS\system32\drivers\swmidi.sys 15:07:41.0171 3448 swmidi - ok 15:07:41.0171 3448 SwPrv - ok 
15:07:41.0171 3448 symc810 - ok 15:07:41.0187 3448 symc8xx - ok 15:07:41.0187 3448 sym_hi - ok 15:07:41.0203 3448 sym_u3 - ok 15:07:41.0218 3448 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio E:\WINDOWS\system32\drivers\sysaudio.sys 15:07:41.0296 3448 sysaudio - ok 15:07:41.0328 3448 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog E:\WINDOWS\system32\smlogsvc.exe 15:07:41.0406 3448 SysmonLog - ok 15:07:41.0437 3448 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv E:\WINDOWS\System32\tapisrv.dll 15:07:41.0515 3448 TapiSrv - ok 15:07:41.0562 3448 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip E:\WINDOWS\system32\DRIVERS\tcpip.sys 15:07:41.0640 3448 Tcpip - ok 15:07:41.0656 3448 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE E:\WINDOWS\system32\drivers\TDPIPE.sys 15:07:41.0750 3448 TDPIPE - ok 15:07:41.0781 3448 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP E:\WINDOWS\system32\drivers\TDTCP.sys 15:07:41.0875 3448 TDTCP - ok 15:07:41.0890 3448 [ 88155247177638048422893737429D9E ] TermDD E:\WINDOWS\system32\DRIVERS\termdd.sys 15:07:41.0968 3448 TermDD - ok 15:07:41.0984 3448 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService E:\WINDOWS\System32\termsrv.dll 15:07:42.0062 3448 TermService - ok 15:07:42.0078 3448 [ 40602EBFBE06AA075C8E4560743F6883 ] Themes E:\WINDOWS\System32\shsvcs.dll 15:07:42.0156 3448 Themes - ok 15:07:42.0171 3448 TosIde - ok 15:07:42.0187 3448 [ 626504572B175867F30F3215C04B3E2F ] TrkWks E:\WINDOWS\system32\trkwks.dll 15:07:42.0265 3448 TrkWks - ok 15:07:42.0281 3448 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs E:\WINDOWS\system32\drivers\Udfs.sys 15:07:42.0359 3448 Udfs - ok 15:07:42.0375 3448 ultra - ok 15:07:42.0406 3448 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update E:\WINDOWS\system32\DRIVERS\update.sys 15:07:42.0484 3448 Update - ok 15:07:42.0515 3448 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost E:\WINDOWS\System32\upnphost.dll 15:07:42.0609 3448 upnphost - ok 15:07:42.0640 3448 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS E:\WINDOWS\System32\ups.exe 15:07:42.0734 3448 
UPS - ok 15:07:42.0734 3448 USBCCID - ok 15:07:42.0750 3448 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci E:\WINDOWS\system32\DRIVERS\usbehci.sys 15:07:42.0828 3448 usbehci - ok 15:07:42.0843 3448 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub E:\WINDOWS\system32\DRIVERS\usbhub.sys 15:07:42.0937 3448 usbhub - ok 15:07:42.0953 3448 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci E:\WINDOWS\system32\DRIVERS\usbohci.sys 15:07:43.0046 3448 usbohci - ok 15:07:43.0078 3448 [ A717C8721046828520C9EDF31288FC00 ] usbprint E:\WINDOWS\system32\DRIVERS\usbprint.sys 15:07:43.0171 3448 usbprint - ok 15:07:43.0203 3448 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:07:43.0281 3448 usbstor - ok 15:07:43.0296 3448 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave E:\WINDOWS\System32\drivers\vga.sys 15:07:43.0390 3448 VgaSave - ok 15:07:43.0390 3448 ViaIde - ok 15:07:43.0421 3448 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap E:\WINDOWS\system32\drivers\VolSnap.sys 15:07:43.0515 3448 VolSnap - ok 15:07:43.0562 3448 [ 68F106273BE29E7B7EF8266977268E78 ] VSS E:\WINDOWS\System32\vssvc.exe 15:07:43.0640 3448 VSS - ok 15:07:43.0671 3448 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time E:\WINDOWS\System32\w32time.dll 15:07:43.0765 3448 W32Time - ok 15:07:43.0812 3448 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp E:\WINDOWS\system32\DRIVERS\wanarp.sys 15:07:43.0890 3448 Wanarp - ok 15:07:43.0890 3448 WDICA - ok 15:07:43.0906 3448 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud E:\WINDOWS\system32\drivers\wdmaud.sys 15:07:43.0984 3448 wdmaud - ok 15:07:44.0015 3448 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient E:\WINDOWS\System32\webclnt.dll 15:07:44.0109 3448 WebClient - ok 15:07:44.0109 3448 winmgmt - ok 15:07:44.0156 3448 [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN E:\WINDOWS\System32\mspmsnsv.dll 15:07:44.0265 3448 WmdmPmSN - ok 15:07:44.0296 3448 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi E:\WINDOWS\system32\DRIVERS\wmiacpi.sys 15:07:44.0375 3448 WmiAcpi - ok 
15:07:44.0437 3448 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv E:\WINDOWS\System32\wbem\wmiapsrv.exe 15:07:44.0531 3448 WmiApSrv - ok 15:07:44.0609 3448 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 15:07:44.0640 3448 WPFFontCache_v0400 - ok 15:07:44.0671 3448 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL E:\WINDOWS\System32\drivers\ws2ifsl.sys 15:07:44.0765 3448 WS2IFSL - ok 15:07:44.0812 3448 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc E:\WINDOWS\system32\wscsvc.dll 15:07:44.0906 3448 wscsvc - ok 15:07:44.0937 3448 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv E:\WINDOWS\system32\wuauserv.dll 15:07:45.0031 3448 wuauserv - ok 15:07:45.0062 3448 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC E:\WINDOWS\System32\wzcsvc.dll 15:07:45.0156 3448 WZCSVC - ok 15:07:45.0187 3448 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov E:\WINDOWS\System32\xmlprov.dll 15:07:45.0265 3448 xmlprov - ok 15:07:45.0312 3448 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService E:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe 15:07:45.0343 3448 YahooAUService - ok 15:07:45.0343 3448 ================ Scan global =============================== 15:07:45.0375 3448 [ 2C60091CA5F67C3032EAB3B30390C27F ] E:\WINDOWS\system32\basesrv.dll 15:07:45.0390 3448 [ 4CD408F799D4A72B0DE1F1116A77A48E ] E:\WINDOWS\system32\winsrv.dll 15:07:45.0406 3448 [ 4CD408F799D4A72B0DE1F1116A77A48E ] E:\WINDOWS\system32\winsrv.dll 15:07:45.0421 3448 [ 4BB6A83640F1D1792AD21CE767B621C6 ] E:\WINDOWS\system32\services.exe 15:07:45.0421 3448 [Global] - ok 15:07:45.0421 3448 ================ Scan MBR ================================== 15:07:45.0437 3448 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 15:07:45.0703 3448 \Device\Harddisk0\DR0 - ok 15:07:45.0703 3448 ================ Scan VBR ================================== 15:07:45.0703 3448 [ F6AEB760BDB4241C895660634A48C687 ] \Device\Harddisk0\DR0\Partition1 15:07:45.0703 3448 
\Device\Harddisk0\DR0\Partition1 - ok 15:07:45.0734 3448 [ E71D37667C41BD5CDE024824CCBC6BEA ] \Device\Harddisk0\DR0\Partition2 15:07:45.0734 3448 \Device\Harddisk0\DR0\Partition2 - ok 15:07:45.0734 3448 ================ Scan active images ======================== 15:07:45.0734 3448 [ E283B97CFBEB86C1D86BAED5F7846A92 ] E:\WINDOWS\system32\drivers\i8042prt.sys 15:07:45.0734 3448 E:\WINDOWS\system32\drivers\i8042prt.sys - ok 15:07:45.0750 3448 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] E:\WINDOWS\system32\drivers\intelppm.sys 15:07:45.0750 3448 E:\WINDOWS\system32\drivers\intelppm.sys - ok 15:07:45.0750 3448 [ 0F6C187D38D98F8DF904589A5F94D411 ] E:\WINDOWS\system32\drivers\cmbatt.sys 15:07:45.0750 3448 E:\WINDOWS\system32\drivers\cmbatt.sys - ok 15:07:45.0750 3448 [ 1704D8C4C8807B889E43C649B478A452 ] E:\WINDOWS\system32\drivers\kbdclass.sys 15:07:45.0750 3448 E:\WINDOWS\system32\drivers\kbdclass.sys - ok 15:07:45.0765 3448 [ B24CE8005DEAB254C0251E15CB71D802 ] E:\WINDOWS\system32\drivers\mouclass.sys 15:07:45.0765 3448 E:\WINDOWS\system32\drivers\mouclass.sys - ok 15:07:45.0765 3448 [ 2A085AEC3AB2B1211611D2A7B9E22456 ] E:\WINDOWS\system32\drivers\nvsmu.sys 15:07:45.0765 3448 E:\WINDOWS\system32\drivers\nvsmu.sys - ok 15:07:45.0765 3448 [ C42584FD66CE9E17403AEBCA199F7BDB ] E:\WINDOWS\system32\drivers\wmiacpi.sys 15:07:45.0765 3448 E:\WINDOWS\system32\drivers\wmiacpi.sys - ok 15:07:45.0781 3448 [ 573C7D0A32852B48F3058CFD8026F511 ] E:\WINDOWS\system32\drivers\hdaudbus.sys 15:07:45.0781 3448 E:\WINDOWS\system32\drivers\hdaudbus.sys - ok 15:07:45.0781 3448 [ 42DDEC86AF1378BD6E5FFC0D2C8E9F40 ] E:\WINDOWS\system32\drivers\nvnrm.sys 15:07:45.0781 3448 E:\WINDOWS\system32\drivers\nvnrm.sys - ok 15:07:45.0781 3448 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] E:\WINDOWS\system32\drivers\usbehci.sys 15:07:45.0781 3448 E:\WINDOWS\system32\drivers\usbehci.sys - ok 15:07:45.0796 3448 [ 0DAECCE65366EA32B162F85F07C6753B ] E:\WINDOWS\system32\drivers\usbohci.sys 15:07:45.0796 3448 
E:\WINDOWS\system32\drivers\usbohci.sys - ok 15:07:45.0796 3448 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] E:\WINDOWS\system32\drivers\usbport.sys 15:07:45.0796 3448 E:\WINDOWS\system32\drivers\usbport.sys - ok 15:07:45.0796 3448 [ 083A052659F5310DD8B6A6CB05EDCF8E ] E:\WINDOWS\system32\drivers\imapi.sys 15:07:45.0796 3448 E:\WINDOWS\system32\drivers\imapi.sys - ok 15:07:45.0812 3448 [ A3CD61AF33E8B3CC2CC22BD37F867D54 ] E:\WINDOWS\system32\drivers\nvnetbus.sys 15:07:45.0812 3448 E:\WINDOWS\system32\drivers\nvnetbus.sys - ok 15:07:45.0812 3448 [ 1F4260CC5B42272D71F79E570A27A4FE ] E:\WINDOWS\system32\drivers\cdrom.sys 15:07:45.0812 3448 E:\WINDOWS\system32\drivers\cdrom.sys - ok 15:07:45.0812 3448 [ 0753515F78DF7F271A5E61C20BCD36A1 ] E:\WINDOWS\system32\drivers\ks.sys 15:07:45.0812 3448 E:\WINDOWS\system32\drivers\ks.sys - ok 15:07:45.0828 3448 [ ED761D453856F795A7FE056E42C36365 ] E:\WINDOWS\system32\drivers\redbook.sys 15:07:45.0828 3448 E:\WINDOWS\system32\drivers\redbook.sys - ok 15:07:45.0828 3448 [ E28726B72C46821A28830E077D39A55B ] E:\WINDOWS\system32\drivers\videoprt.sys 15:07:45.0828 3448 E:\WINDOWS\system32\drivers\videoprt.sys - ok 15:07:45.0828 3448 [ 69CC3F6412875865DB687A487C5AF66E ] E:\WINDOWS\system32\drivers\nv4_mini.sys 15:07:45.0828 3448 E:\WINDOWS\system32\drivers\nv4_mini.sys - ok 15:07:45.0843 3448 [ 4B0F4924376C1D6CE2955D2FA1E8C9D1 ] E:\WINDOWS\system32\drivers\rt2860.sys 15:07:45.0843 3448 E:\WINDOWS\system32\drivers\rt2860.sys - ok 15:07:45.0843 3448 [ D9F724AA26C010A217C97606B160ED68 ] E:\WINDOWS\system32\drivers\audstub.sys 15:07:45.0843 3448 E:\WINDOWS\system32\drivers\audstub.sys - ok 15:07:45.0843 3448 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] E:\WINDOWS\system32\drivers\ndistapi.sys 15:07:45.0843 3448 E:\WINDOWS\system32\drivers\ndistapi.sys - ok 15:07:45.0859 3448 [ EDC1531A49C80614B2CFDA43CA8659AB ] E:\WINDOWS\system32\drivers\ndiswan.sys 15:07:45.0859 3448 E:\WINDOWS\system32\drivers\ndiswan.sys - ok 15:07:45.0859 3448 [ 
11B4A627BC9614B885C4969BFA5FF8A6 ] E:\WINDOWS\system32\drivers\rasl2tp.sys 15:07:45.0859 3448 E:\WINDOWS\system32\drivers\rasl2tp.sys - ok 15:07:45.0859 3448 [ 5BC962F2654137C9909C3D4603587DEE ] E:\WINDOWS\system32\drivers\raspppoe.sys 15:07:45.0859 3448 E:\WINDOWS\system32\drivers\raspppoe.sys - ok 15:07:45.0875 3448 [ 0539D5E53587F82D1B4FD74C5BE205CF ] E:\WINDOWS\system32\drivers\tdi.sys 15:07:45.0875 3448 E:\WINDOWS\system32\drivers\tdi.sys - ok 15:07:45.0875 3448 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] E:\WINDOWS\system32\drivers\raspptp.sys 15:07:45.0875 3448 E:\WINDOWS\system32\drivers\raspptp.sys - ok 15:07:45.0875 3448 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] E:\WINDOWS\system32\drivers\msgpc.sys 15:07:45.0875 3448 E:\WINDOWS\system32\drivers\msgpc.sys - ok 15:07:45.0890 3448 [ 09298EC810B07E5D582CB3A3F9255424 ] E:\WINDOWS\system32\drivers\psched.sys 15:07:45.0890 3448 E:\WINDOWS\system32\drivers\psched.sys - ok 15:07:45.0890 3448 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] E:\WINDOWS\system32\drivers\ptilink.sys 15:07:45.0890 3448 E:\WINDOWS\system32\drivers\ptilink.sys - ok 15:07:45.0890 3448 [ FDBB1D60066FCFBB7452FD8F9829B242 ] E:\WINDOWS\system32\drivers\raspti.sys 15:07:45.0890 3448 E:\WINDOWS\system32\drivers\raspti.sys - ok 15:07:45.0906 3448 [ 88155247177638048422893737429D9E ] E:\WINDOWS\system32\drivers\termdd.sys 15:07:45.0906 3448 E:\WINDOWS\system32\drivers\termdd.sys - ok 15:07:45.0906 3448 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] E:\WINDOWS\system32\drivers\swenum.sys 15:07:45.0906 3448 E:\WINDOWS\system32\drivers\swenum.sys - ok 15:07:45.0906 3448 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] E:\WINDOWS\system32\drivers\update.sys 15:07:45.0906 3448 E:\WINDOWS\system32\drivers\update.sys - ok 15:07:45.0921 3448 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] E:\WINDOWS\system32\drivers\mssmbios.sys 15:07:45.0921 3448 E:\WINDOWS\system32\drivers\mssmbios.sys - ok 15:07:45.0921 3448 [ 6215023940CFD3702B46ABC304E1D45A ] E:\WINDOWS\system32\drivers\ndproxy.sys 15:07:45.0921 3448 
E:\WINDOWS\system32\drivers\ndproxy.sys - ok 15:07:45.0921 3448 [ 596EB39B50D6EBD9B734DC4AE0544693 ] E:\WINDOWS\system32\drivers\usbd.sys 15:07:45.0921 3448 E:\WINDOWS\system32\drivers\usbd.sys - ok 15:07:45.0937 3448 [ 1AB3CDDE553B6E064D2E754EFE20285C ] E:\WINDOWS\system32\drivers\usbhub.sys 15:07:45.0937 3448 E:\WINDOWS\system32\drivers\usbhub.sys - ok 15:07:45.0937 3448 [ 28727D0F5CA6579890D0B6AD1598C935 ] E:\WINDOWS\system32\drivers\NVENETFD.sys 15:07:45.0937 3448 E:\WINDOWS\system32\drivers\NVENETFD.sys - ok 15:07:45.0937 3448 [ 6CB08593487F5701D2D2254E693EAFCE ] E:\WINDOWS\system32\drivers\drmk.sys 15:07:45.0937 3448 E:\WINDOWS\system32\drivers\drmk.sys - ok 15:07:45.0953 3448 [ E82A496C3961EFC6828B508C310CE98F ] E:\WINDOWS\system32\drivers\portcls.sys 15:07:45.0953 3448 E:\WINDOWS\system32\drivers\portcls.sys - ok 15:07:45.0953 3448 [ 2B1CDDFE53715372B2677ACE12FC9FE5 ] E:\WINDOWS\system32\drivers\RtkHDAud.sys 15:07:45.0953 3448 E:\WINDOWS\system32\drivers\RtkHDAud.sys - ok 15:07:45.0953 3448 [ AB899F1C08D01C2D2D14E45867A6982A ] E:\WINDOWS\system32\drivers\nvhda32.sys 15:07:45.0953 3448 E:\WINDOWS\system32\drivers\nvhda32.sys - ok 15:07:45.0968 3448 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] E:\WINDOWS\system32\drivers\fdc.sys 15:07:45.0968 3448 E:\WINDOWS\system32\drivers\fdc.sys - ok 15:07:45.0984 3448 [ DA1F27D85E0D1525F6621372E7B685E9 ] E:\WINDOWS\system32\drivers\beep.sys 15:07:45.0984 3448 E:\WINDOWS\system32\drivers\beep.sys - ok 15:07:45.0984 3448 [ C1B486A7658353D33A10CC15211A873B ] E:\WINDOWS\system32\drivers\cdaudio.sys 15:07:45.0984 3448 E:\WINDOWS\system32\drivers\cdaudio.sys - ok 15:07:45.0984 3448 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] E:\WINDOWS\system32\drivers\flpydisk.sys 15:07:45.0984 3448 E:\WINDOWS\system32\drivers\flpydisk.sys - ok 15:07:46.0000 3448 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] E:\WINDOWS\system32\drivers\fs_rec.sys 15:07:46.0000 3448 E:\WINDOWS\system32\drivers\fs_rec.sys - ok 15:07:46.0000 3448 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] 
E:\WINDOWS\system32\drivers\null.sys 15:07:46.0000 3448 E:\WINDOWS\system32\drivers\null.sys - ok 15:07:46.0000 3448 [ 8E6B8C671615D126FDC553D1E2DE5562 ] E:\WINDOWS\system32\drivers\sfloppy.sys 15:07:46.0000 3448 E:\WINDOWS\system32\drivers\sfloppy.sys - ok 15:07:46.0015 3448 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] E:\WINDOWS\system32\drivers\vga.sys 15:07:46.0015 3448 E:\WINDOWS\system32\drivers\vga.sys - ok 15:07:46.0015 3448 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] E:\WINDOWS\system32\drivers\mnmdd.sys 15:07:46.0015 3448 E:\WINDOWS\system32\drivers\mnmdd.sys - ok 15:07:46.0015 3448 [ 4912D5B403614CE99C28420F75353332 ] E:\WINDOWS\system32\drivers\rdpcdd.sys 15:07:46.0015 3448 E:\WINDOWS\system32\drivers\rdpcdd.sys - ok 15:07:46.0015 3448 [ C941EA2454BA8350021D774DAF0F1027 ] E:\WINDOWS\system32\drivers\msfs.sys 15:07:46.0031 3448 E:\WINDOWS\system32\drivers\msfs.sys - ok 15:07:46.0031 3448 [ 3182D64AE053D6FB034F44B6DEF8034A ] E:\WINDOWS\system32\drivers\npfs.sys 15:07:46.0031 3448 E:\WINDOWS\system32\drivers\npfs.sys - ok 15:07:46.0031 3448 [ 23C74D75E36E7158768DD63D92789A91 ] E:\WINDOWS\system32\drivers\ipsec.sys 15:07:46.0031 3448 E:\WINDOWS\system32\drivers\ipsec.sys - ok 15:07:46.0046 3448 [ FE0D99D6F31E4FAD8159F690D68DED9C ] E:\WINDOWS\system32\drivers\rasacd.sys 15:07:46.0046 3448 E:\WINDOWS\system32\drivers\rasacd.sys - ok 15:07:46.0046 3448 [ 93EA8D04EC73A85DB02EB8805988F733 ] E:\WINDOWS\system32\drivers\tcpip.sys 15:07:46.0046 3448 E:\WINDOWS\system32\drivers\tcpip.sys - ok 15:07:46.0046 3448 [ CC748EA12C6EFFDE940EE98098BF96BB ] E:\WINDOWS\system32\drivers\ipnat.sys 15:07:46.0046 3448 E:\WINDOWS\system32\drivers\ipnat.sys - ok 15:07:46.0062 3448 [ 322D0E36693D6E24A2398BEE62A268CD ] E:\WINDOWS\system32\drivers\afd.sys 15:07:46.0062 3448 E:\WINDOWS\system32\drivers\afd.sys - ok 15:07:46.0062 3448 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] E:\WINDOWS\system32\drivers\netbt.sys 15:07:46.0062 3448 E:\WINDOWS\system32\drivers\netbt.sys - ok 15:07:46.0062 3448 [ 
E20B95BAEDB550F32DD489265C1DA1F6 ] E:\WINDOWS\system32\drivers\wanarp.sys 15:07:46.0062 3448 E:\WINDOWS\system32\drivers\wanarp.sys - ok 15:07:46.0062 3448 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] E:\WINDOWS\system32\drivers\ws2ifsl.sys 15:07:46.0078 3448 E:\WINDOWS\system32\drivers\ws2ifsl.sys - ok 15:07:46.0078 3448 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] E:\WINDOWS\system32\drivers\netbios.sys 15:07:46.0078 3448 E:\WINDOWS\system32\drivers\netbios.sys - ok 15:07:46.0078 3448 [ 2CB55427C58679F49AD600FCCBA76360 ] E:\WINDOWS\system32\drivers\processr.sys 15:07:46.0078 3448 E:\WINDOWS\system32\drivers\processr.sys - ok 15:07:46.0078 3448 [ 7AD224AD1A1437FE28D89CF22B17780A ] E:\WINDOWS\system32\drivers\rdbss.sys 15:07:46.0078 3448 E:\WINDOWS\system32\drivers\rdbss.sys - ok 15:07:46.0093 3448 [ 68755F0FF16070178B54674FE5B847B0 ] E:\WINDOWS\system32\drivers\mrxsmb.sys 15:07:46.0093 3448 E:\WINDOWS\system32\drivers\mrxsmb.sys - ok 15:07:46.0093 3448 [ B0678A548587C5F1967B0D70BACAD6C1 ] E:\WINDOWS\system32\drivers\fips.sys 15:07:46.0093 3448 E:\WINDOWS\system32\drivers\fips.sys - ok 15:07:46.0093 3448 [ B3EFDE4B2CC3AC949BCDE7A89712AFCF ] E:\WINDOWS\system32\smss.exe 15:07:46.0093 3448 E:\WINDOWS\system32\smss.exe - ok 15:07:46.0109 3448 [ 95092EFBE367A108ECDD5D6E439754C3 ] E:\WINDOWS\system32\ntdll.dll 15:07:46.0109 3448 E:\WINDOWS\system32\ntdll.dll - ok 15:07:46.0109 3448 [ 813DB4805C6EF1D8A86EAF530597EAB7 ] E:\WINDOWS\system32\autochk.exe 15:07:46.0109 3448 E:\WINDOWS\system32\autochk.exe - ok 15:07:46.0109 3448 [ C7C13D4F574CF7794348B3B2A3F198D8 ] E:\WINDOWS\system32\drivers\RtsUStor.sys 15:07:46.0109 3448 E:\WINDOWS\system32\drivers\RtsUStor.sys - ok 15:07:46.0125 3448 [ 5251425B86EA4A3532B8BB8D14044E61 ] E:\WINDOWS\system32\sfcfiles.dll 15:07:46.0125 3448 E:\WINDOWS\system32\sfcfiles.dll - ok 15:07:46.0125 3448 [ C885B02847F5D2FD45A24E219ED93B32 ] E:\WINDOWS\system32\drivers\cdfs.sys 15:07:46.0125 3448 E:\WINDOWS\system32\drivers\cdfs.sys - ok 15:07:46.0125 3448 [ 
2F31B7F954BED437F2C75026C65CAF7B ] E:\WINDOWS\system32\drivers\wmilib.sys 15:07:46.0125 3448 E:\WINDOWS\system32\drivers\wmilib.sys - ok 15:07:46.0140 3448 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] E:\WINDOWS\system32\drivers\atapi.sys 15:07:46.0140 3448 E:\WINDOWS\system32\drivers\atapi.sys - ok 15:07:46.0140 3448 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] E:\WINDOWS\system32\drivers\dxapi.sys 15:07:46.0140 3448 E:\WINDOWS\system32\drivers\dxapi.sys - ok 15:07:46.0140 3448 [ 9A10AACBFDC4922715375FB4065EC930 ] E:\WINDOWS\system32\watchdog.sys 15:07:46.0140 3448 E:\WINDOWS\system32\watchdog.sys - ok 15:07:46.0156 3448 [ 261BC0644BEFEF7D3DB5E45D244866FA ] E:\WINDOWS\system32\win32k.sys 15:07:46.0156 3448 E:\WINDOWS\system32\win32k.sys - ok 15:07:46.0156 3448 [ 2C60091CA5F67C3032EAB3B30390C27F ] E:\WINDOWS\system32\basesrv.dll 15:07:46.0156 3448 E:\WINDOWS\system32\basesrv.dll - ok 15:07:46.0156 3448 [ D192E1ECA15213F90601FF4DF5683C15 ] E:\WINDOWS\system32\csrsrv.dll 15:07:46.0156 3448 E:\WINDOWS\system32\csrsrv.dll - ok 15:07:46.0171 3448 [ 9B22AAE3566AEFEE33CE498DBE0D2FD2 ] E:\WINDOWS\system32\csrss.exe 15:07:46.0171 3448 E:\WINDOWS\system32\csrss.exe - ok 15:07:46.0171 3448 [ ADDA37626598A6F5ED786195EAC26A4F ] E:\WINDOWS\system32\gdi32.dll 15:07:46.0171 3448 E:\WINDOWS\system32\gdi32.dll - ok 15:07:46.0171 3448 [ 4C897C69754D88F496339B1A666907C1 ] E:\WINDOWS\system32\kernel32.dll 15:07:46.0171 3448 E:\WINDOWS\system32\kernel32.dll - ok 15:07:46.0187 3448 [ 4CD408F799D4A72B0DE1F1116A77A48E ] E:\WINDOWS\system32\winsrv.dll 15:07:46.0187 3448 E:\WINDOWS\system32\winsrv.dll - ok 15:07:46.0187 3448 [ B0050CC5340E3A0760DD8B417FF7AEBD ] E:\WINDOWS\system32\user32.dll 15:07:46.0187 3448 E:\WINDOWS\system32\user32.dll - ok 15:07:46.0187 3448 [ AC7280566A7BB85CB3291F04DDC1198E ] E:\WINDOWS\system32\drivers\dxg.sys 15:07:46.0187 3448 E:\WINDOWS\system32\drivers\dxg.sys - ok 15:07:46.0203 3448 [ A73F5D6705B1D820C19B18782E176EFD ] E:\WINDOWS\system32\drivers\dxgthk.sys 15:07:46.0203 3448 
E:\WINDOWS\system32\drivers\dxgthk.sys - ok 15:07:46.0203 3448 [ 6BDDA3A99C84C2F3467392D4C6EDAC1F ] E:\WINDOWS\system32\nv4_disp.dll 15:07:46.0203 3448 E:\WINDOWS\system32\nv4_disp.dll - ok 15:07:46.0203 3448 [ 95C6B8206B8A55D89CD517675583AA4B ] E:\WINDOWS\system32\vga.dll 15:07:46.0203 3448 E:\WINDOWS\system32\vga.dll - ok 15:07:46.0218 3448 [ F09A527B422E25C478E38CAA0E44417A ] E:\WINDOWS\system32\winlogon.exe 15:07:46.0218 3448 E:\WINDOWS\system32\winlogon.exe - ok 15:07:46.0218 3448 [ 53E1CCF332A2F40B5E08476921CD8B44 ] E:\WINDOWS\system32\advapi32.dll 15:07:46.0218 3448 E:\WINDOWS\system32\advapi32.dll - ok 15:07:46.0218 3448 [ E7E67C2EE5A306B2AF30D4B446248E34 ] E:\WINDOWS\system32\rpcrt4.dll 15:07:46.0218 3448 E:\WINDOWS\system32\rpcrt4.dll - ok 15:07:46.0234 3448 [ 8B171E51F5486FC0ACE108BE3E76B1E0 ] E:\WINDOWS\system32\authz.dll 15:07:46.0234 3448 E:\WINDOWS\system32\authz.dll - ok 15:07:46.0234 3448 [ 7727D9C5FFB84E103484D52F978D5DC6 ] E:\WINDOWS\system32\crypt32.dll 15:07:46.0234 3448 E:\WINDOWS\system32\crypt32.dll - ok 15:07:46.0234 3448 [ C6A6E53A0C34EC87883137A6CB87AE5E ] E:\WINDOWS\system32\msvcrt.dll 15:07:46.0234 3448 E:\WINDOWS\system32\msvcrt.dll - ok 15:07:46.0250 3448 [ 7CB4DF6D66F99E6C5E09ADFBE29E0275 ] E:\WINDOWS\system32\secur32.dll 15:07:46.0250 3448 E:\WINDOWS\system32\secur32.dll - ok 15:07:46.0250 3448 [ AE8ACAD9F6931ECC0BD9A3751A0AB0C4 ] E:\WINDOWS\system32\msasn1.dll 15:07:46.0250 3448 E:\WINDOWS\system32\msasn1.dll - ok 15:07:46.0250 3448 [ E500CB5F6FE4C1AF388608A54B32E7F7 ] E:\WINDOWS\system32\nddeapi.dll 15:07:46.0250 3448 E:\WINDOWS\system32\nddeapi.dll - ok 15:07:46.0265 3448 [ 7B40A9A5029111D94AB6B97AF0C9FA5E ] E:\WINDOWS\system32\netapi32.dll 15:07:46.0265 3448 E:\WINDOWS\system32\netapi32.dll - ok 15:07:46.0265 3448 [ B50FBE927DA41AB4A151663F59664B82 ] E:\WINDOWS\system32\profmap.dll 15:07:46.0265 3448 E:\WINDOWS\system32\profmap.dll - ok 15:07:46.0265 3448 [ 8CB206B85C69B8FB0E7AD1E949BF3194 ] E:\WINDOWS\system32\userenv.dll 
15:07:46.0265 3448 E:\WINDOWS\system32\userenv.dll - ok 15:07:46.0281 3448 [ D0112D84372AB2C47DC9755696354CE6 ] E:\WINDOWS\system32\psapi.dll 15:07:46.0281 3448 E:\WINDOWS\system32\psapi.dll - ok 15:07:46.0281 3448 [ 06C0391672FB97E017B431076F455857 ] E:\WINDOWS\system32\regapi.dll 15:07:46.0281 3448 E:\WINDOWS\system32\regapi.dll - ok 15:07:46.0281 3448 [ 5B04BC7C5AF0E2A0A8EC402B2FCBD9E5 ] E:\WINDOWS\system32\setupapi.dll 15:07:46.0281 3448 E:\WINDOWS\system32\setupapi.dll - ok 15:07:46.0296 3448 [ 24EEC6968BF76464609B2C96523976B8 ] E:\WINDOWS\system32\imagehlp.dll 15:07:46.0296 3448 E:\WINDOWS\system32\imagehlp.dll - ok 15:07:46.0296 3448 [ F86000634319F71535BCE6B06995EE99 ] E:\WINDOWS\system32\version.dll 15:07:46.0296 3448 E:\WINDOWS\system32\version.dll - ok 15:07:46.0296 3448 [ 455AEC2D466FB582D1CB0EF49CE8EDEC ] E:\WINDOWS\system32\winsta.dll 15:07:46.0296 3448 E:\WINDOWS\system32\winsta.dll - ok 15:07:46.0312 3448 [ 493A290C0D641E22578129BE23F2CA82 ] E:\WINDOWS\system32\wintrust.dll 15:07:46.0312 3448 E:\WINDOWS\system32\wintrust.dll - ok 15:07:46.0312 3448 [ F9954695D246B33A5BF105029A4C6AB6 ] E:\WINDOWS\system32\imm32.dll 15:07:46.0312 3448 E:\WINDOWS\system32\imm32.dll - ok 15:07:46.0312 3448 [ C7D8A0517CBF16B84F657DE87EBE9D4B ] E:\WINDOWS\system32\ws2help.dll 15:07:46.0312 3448 E:\WINDOWS\system32\ws2help.dll - ok 15:07:46.0328 3448 [ 6A35E2D6F5F052C84EC2CEB296389439 ] E:\WINDOWS\system32\ws2_32.dll 15:07:46.0328 3448 E:\WINDOWS\system32\ws2_32.dll - ok 15:07:46.0328 3448 [ 3C1708C5C05910FE495D832C6536ED78 ] E:\WINDOWS\system32\kbdgr.dll 15:07:46.0328 3448 E:\WINDOWS\system32\kbdgr.dll - ok 15:07:46.0328 3448 [ 56C5B179FE3308B655EB6208C3256FEC ] E:\WINDOWS\system32\kbdus.dll 15:07:46.0328 3448 E:\WINDOWS\system32\kbdus.dll - ok 15:07:46.0343 3448 [ BEEB23CAA0A08CBECB13D55C1922C86E ] E:\WINDOWS\system32\msgina.dll 15:07:46.0343 3448 E:\WINDOWS\system32\msgina.dll - ok 15:07:46.0343 3448 [ AD28671D1B83A386B070DC451A113C13 ] E:\WINDOWS\system32\comctl32.dll 
15:07:46.0343 3448 E:\WINDOWS\system32\comctl32.dll - ok 15:07:46.0343 3448 [ 96E31F7B305D0CD510950B945E2ED829 ] E:\WINDOWS\system32\comdlg32.dll 15:07:46.0343 3448 E:\WINDOWS\system32\comdlg32.dll - ok 15:07:46.0359 3448 [ 220A7166831EE2B71F07010E70AFA34A ] E:\WINDOWS\system32\odbc32.dll 15:07:46.0359 3448 E:\WINDOWS\system32\odbc32.dll - ok 15:07:46.0359 3448 [ 0721590C8C1E99FB4286F1EEA65731C2 ] E:\WINDOWS\system32\shell32.dll 15:07:46.0359 3448 E:\WINDOWS\system32\shell32.dll - ok 15:07:46.0359 3448 [ 21F5F91A49CADC4AB873417F54D17D25 ] E:\WINDOWS\system32\shlwapi.dll 15:07:46.0359 3448 E:\WINDOWS\system32\shlwapi.dll - ok 15:07:46.0375 3448 [ 353FC7A3091E25F831439E94082C9B35 ] E:\WINDOWS\system32\sxs.dll 15:07:46.0375 3448 E:\WINDOWS\system32\sxs.dll - ok 15:07:46.0375 3448 [ 3C93CE6C6985C55952B7BE6673E9FD15 ] E:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll 15:07:46.0375 3448 E:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - ok 15:07:46.0375 3448 [ 4E7F74CFC0DBB2DB988A8A460A603407 ] E:\WINDOWS\system32\odbcint.dll 15:07:46.0375 3448 E:\WINDOWS\system32\odbcint.dll - ok 15:07:46.0390 3448 [ E08D638BA3D3DD6DF6E31216AB66AE0B ] E:\WINDOWS\system32\ole32.dll 15:07:46.0390 3448 E:\WINDOWS\system32\ole32.dll - ok 15:07:46.0390 3448 [ 44161A59DC33AC2EA9C95438ADFFFB7F ] E:\WINDOWS\system32\sfc.dll 15:07:46.0390 3448 E:\WINDOWS\system32\sfc.dll - ok 15:07:46.0406 3448 [ D110369E8D883029325B77D7E1B7B2AD ] E:\WINDOWS\system32\sfc_os.dll 15:07:46.0406 3448 E:\WINDOWS\system32\sfc_os.dll - ok 15:07:46.0406 3448 [ 40602EBFBE06AA075C8E4560743F6883 ] E:\WINDOWS\system32\shsvcs.dll 15:07:46.0406 3448 E:\WINDOWS\system32\shsvcs.dll - ok 15:07:46.0406 3448 [ 07CBC9E96C70214034E00136D5642492 ] E:\WINDOWS\system32\apphelp.dll 15:07:46.0406 3448 E:\WINDOWS\system32\apphelp.dll - ok 15:07:46.0421 3448 [ CB28AF8C4F50DDD91D1DB253DF0C2679 ] 
E:\WINDOWS\system32\lsasrv.dll 15:07:46.0421 3448 E:\WINDOWS\system32\lsasrv.dll - ok 15:07:46.0421 3448 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] E:\WINDOWS\system32\lsass.exe 15:07:46.0421 3448 E:\WINDOWS\system32\lsass.exe - ok 15:07:46.0437 3448 [ 243955BFA314C7D48D7A6D5BC4A9922A ] E:\WINDOWS\system32\msvcp60.dll 15:07:46.0437 3448 E:\WINDOWS\system32\msvcp60.dll - ok 15:07:46.0437 3448 [ 2957CF1BDDCF21D3F5DB13AD5E406A7B ] E:\WINDOWS\system32\ncobjapi.dll 15:07:46.0437 3448 E:\WINDOWS\system32\ncobjapi.dll - ok 15:07:46.0437 3448 [ 4BB6A83640F1D1792AD21CE767B621C6 ] E:\WINDOWS\system32\services.exe 15:07:46.0437 3448 E:\WINDOWS\system32\services.exe - ok 15:07:46.0453 3448 [ 37499389DEAE0FF44437AAB7A75DAB73 ] E:\WINDOWS\system32\scesrv.dll 15:07:46.0453 3448 E:\WINDOWS\system32\scesrv.dll - ok 15:07:46.0453 3448 [ 327507F0FD1C410917AD951FE7CAAC2D ] E:\WINDOWS\system32\umpnpmgr.dll 15:07:46.0453 3448 E:\WINDOWS\system32\umpnpmgr.dll - ok 15:07:46.0468 3448 [ 4B6C449D5AAC708E1BBFDF8BB603E4FA ] E:\WINDOWS\AppPatch\acadproc.dll 15:07:46.0468 3448 E:\WINDOWS\AppPatch\acadproc.dll - ok 15:07:46.0468 3448 [ 7717633EB7A76FBD3FB09BACAB07124E ] E:\WINDOWS\system32\mpr.dll 15:07:46.0468 3448 E:\WINDOWS\system32\mpr.dll - ok 15:07:46.0484 3448 [ B5E7026D1CB7D9BCBA0083B9F69683F1 ] E:\WINDOWS\system32\shimeng.dll 15:07:46.0484 3448 E:\WINDOWS\system32\shimeng.dll - ok 15:07:46.0484 3448 [ 292AEB6CBF02DC02445C61EB3F5DAC69 ] E:\WINDOWS\system32\dnsapi.dll 15:07:46.0484 3448 E:\WINDOWS\system32\dnsapi.dll - ok 15:07:46.0484 3448 [ 8007D5DC09EB8646C03B6D61AACC3B20 ] E:\WINDOWS\system32\ntdsapi.dll 15:07:46.0484 3448 E:\WINDOWS\system32\ntdsapi.dll - ok 15:07:46.0500 3448 [ FEB0A547DF442F353E1FC83BC7D7AE73 ] E:\WINDOWS\system32\wldap32.dll 15:07:46.0500 3448 E:\WINDOWS\system32\wldap32.dll - ok 15:07:46.0500 3448 [ 6D526EF248128FCEEAD9D35B3744A10B ] E:\WINDOWS\system32\samlib.dll 15:07:46.0500 3448 E:\WINDOWS\system32\samlib.dll - ok 15:07:46.0515 3448 [ 
E:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{984A5A8D-A22E-4F14-9CFF-10883CD98447}\MpKsla48f499f.sys - ok 15:07:48.0343 3448 [ B60DDDD2D63CE41CB8C487FCFBB6419E ] E:\Programme\Internet Explorer\iexplore.exe 15:07:48.0343 3448 E:\Programme\Internet Explorer\iexplore.exe - ok 15:07:48.0343 3448 [ 5EB87BA0B93CA7E894FC8002E3CE4C2A ] E:\Programme\Internet Explorer\sqmapi.dll 15:07:48.0343 3448 E:\Programme\Internet Explorer\sqmapi.dll - ok 15:07:48.0359 3448 [ B3308816DD90899C0FF936F043F5286C ] E:\Programme\Internet Explorer\xpshims.dll 15:07:48.0359 3448 E:\Programme\Internet Explorer\xpshims.dll - ok 15:07:48.0359 3448 [ 11734790410900D2CD6B7839020E4DD9 ] E:\WINDOWS\system32\ieui.dll 15:07:48.0359 3448 E:\WINDOWS\system32\ieui.dll - ok 15:07:48.0359 3448 [ 25A8C40D90FC277FE4B3FAF217842BF1 ] E:\Programme\Internet Explorer\ieproxy.dll 15:07:48.0359 3448 E:\Programme\Internet Explorer\ieproxy.dll - ok 15:07:48.0375 3448 [ 05903CAC4B98908D55EA5774775B382E ] E:\WINDOWS\system32\tapisrv.dll 15:07:48.0375 3448 E:\WINDOWS\system32\tapisrv.dll - ok 15:07:48.0375 3448 [ ED706C98A2C31E31D8D51D43C8BC2855 ] E:\WINDOWS\system32\msimtf.dll 15:07:48.0375 3448 E:\WINDOWS\system32\msimtf.dll - ok 15:07:48.0375 3448 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] E:\WINDOWS\system32\rasmans.dll 15:07:48.0375 3448 E:\WINDOWS\system32\rasmans.dll - ok 15:07:48.0390 3448 [ 67F2A1E0D4EF9F276346E9FE5007C6A2 ] E:\WINDOWS\system32\rastapi.dll 15:07:48.0390 3448 E:\WINDOWS\system32\rastapi.dll - ok 15:07:48.0390 3448 [ A0D8D3E40071A2D46A174F358E579FF9 ] E:\WINDOWS\system32\unimdm.tsp 15:07:48.0390 3448 E:\WINDOWS\system32\unimdm.tsp - ok 15:07:48.0390 3448 [ 6880D17F2120260DED52864711FD5D40 ] E:\WINDOWS\system32\uniplat.dll 15:07:48.0390 3448 E:\WINDOWS\system32\uniplat.dll - ok 15:07:48.0406 3448 [ B88E7C1BECF19CB7DF5D14C139E1B129 ] E:\WINDOWS\system32\kmddsp.tsp 15:07:48.0406 3448 E:\WINDOWS\system32\kmddsp.tsp - ok 15:07:48.0406 3448 [ 
B6368A01066D60B47927E70C3FCC4F4E ] E:\WINDOWS\system32\ndptsp.tsp 15:07:48.0406 3448 E:\WINDOWS\system32\ndptsp.tsp - ok 15:07:48.0406 3448 [ FAB9161D01BAFED0FBA37B7EDC2E6C3E ] E:\WINDOWS\system32\ipconf.tsp 15:07:48.0421 3448 E:\WINDOWS\system32\ipconf.tsp - ok 15:07:48.0421 3448 [ A46C35D2222289E11498E63DC255D9EE ] E:\WINDOWS\system32\h323.tsp 15:07:48.0421 3448 E:\WINDOWS\system32\h323.tsp - ok 15:07:48.0421 3448 [ B469B24EB3B6A5FA2E9AD4679F209A5A ] E:\WINDOWS\system32\hidphone.tsp 15:07:48.0421 3448 E:\WINDOWS\system32\hidphone.tsp - ok 15:07:48.0437 3448 [ 784CE11452CEE7FA71BE94ACABC8D241 ] E:\WINDOWS\system32\rasppp.dll 15:07:48.0437 3448 E:\WINDOWS\system32\rasppp.dll - ok 15:07:48.0437 3448 [ 41AA6EB6D03E14F64CAE4E661C45F5FC ] E:\WINDOWS\system32\ntlsapi.dll 15:07:48.0437 3448 E:\WINDOWS\system32\ntlsapi.dll - ok 15:07:48.0437 3448 [ D1E18F4AE94FFEC7270BE0A10C0B295E ] E:\WINDOWS\system32\xmllite.dll 15:07:48.0437 3448 E:\WINDOWS\system32\xmllite.dll - ok 15:07:48.0437 3448 [ 1F869848291EFDBE3883B101EDD39025 ] E:\WINDOWS\system32\rasqec.dll 15:07:48.0437 3448 E:\WINDOWS\system32\rasqec.dll - ok 15:07:48.0468 3448 [ 74877B3E6DC33D8B4D762782C749CBCD ] E:\WINDOWS\system32\msfeeds.dll 15:07:48.0468 3448 E:\WINDOWS\system32\msfeeds.dll - ok 15:07:48.0468 3448 [ ACF599B952FFBCAD472D3084B780A98C ] E:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll 15:07:48.0468 3448 E:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll - ok 15:07:48.0468 3448 [ 041CDA6766DA9C388E91AF41B2114E4A ] E:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 15:07:48.0468 3448 E:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - ok 15:07:48.0484 3448 [ F9616D202B0124D373D2D82A4AA66B1D ] E:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 15:07:48.0484 3448 E:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - ok 15:07:48.0484 3448 [ 0F97F69D3CABBFFCFBAB193D77F62150 ] 
E:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll 15:07:48.0484 3448 E:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll - ok 15:07:48.0484 3448 [ 052F968390A85D37D5EE8BE3AB2A83A2 ] E:\WINDOWS\system32\usp10.dll 15:07:48.0484 3448 E:\WINDOWS\system32\usp10.dll - ok 15:07:48.0500 3448 [ EA9230C5CF9E866AE60115D5200D0477 ] E:\WINDOWS\system32\mshtml.dll 15:07:48.0500 3448 E:\WINDOWS\system32\mshtml.dll - ok 15:07:48.0500 3448 [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] E:\WINDOWS\system32\msls31.dll 15:07:48.0500 3448 E:\WINDOWS\system32\msls31.dll - ok 15:07:48.0500 3448 [ 38FFEC2CD31441A6B57D7A0B490D7299 ] E:\WINDOWS\system32\jscript.dll 15:07:48.0500 3448 E:\WINDOWS\system32\jscript.dll - ok 15:07:48.0515 3448 [ FC119BB74530A98B6605A69652A7CC13 ] E:\WINDOWS\system32\iepeers.dll 15:07:48.0515 3448 E:\WINDOWS\system32\iepeers.dll - ok 15:07:48.0515 3448 [ 42B928FC8518D793BF7A5EAFC57B1D8B ] E:\WINDOWS\system32\imgutil.dll 15:07:48.0515 3448 E:\WINDOWS\system32\imgutil.dll - ok 15:07:48.0515 3448 [ E5FA1B044DAC5F6F600A1742D73F6936 ] E:\WINDOWS\system32\pngfilt.dll 15:07:48.0515 3448 E:\WINDOWS\system32\pngfilt.dll - ok 15:07:48.0531 3448 [ 5E1A0476E009A1930A524DFF4CA13982 ] E:\WINDOWS\system32\dxtrans.dll 15:07:48.0531 3448 E:\WINDOWS\system32\dxtrans.dll - ok 15:07:48.0531 3448 [ B41ECC7B69B8458B1D936669193BAF04 ] E:\WINDOWS\system32\ddrawex.dll 15:07:48.0531 3448 E:\WINDOWS\system32\ddrawex.dll - ok 15:07:48.0531 3448 [ 4A37188B83B00DD9CFBA049687AD0DAF ] E:\WINDOWS\system32\ddraw.dll 15:07:48.0531 3448 E:\WINDOWS\system32\ddraw.dll - ok 15:07:48.0546 3448 [ 1999FC48B58F25076B970E3EA38AEFE7 ] E:\WINDOWS\system32\dciman32.dll 15:07:48.0546 3448 E:\WINDOWS\system32\dciman32.dll - ok 15:07:48.0546 3448 [ 057D53F1490598D41D9D4DEE9A92B0B1 ] E:\WINDOWS\system32\dxtmsft.dll 15:07:48.0546 3448 E:\WINDOWS\system32\dxtmsft.dll - ok 15:07:48.0546 3448 [ 8A1047310A341962434AADF1CD834ABC ] E:\WINDOWS\system32\msxml6.dll 15:07:48.0546 3448 
E:\WINDOWS\system32\msxml6.dll - ok 15:07:48.0562 3448 [ DA40C5D347547427BCEBB28B1173917E ] E:\WINDOWS\system32\infosoft.dll 15:07:48.0562 3448 E:\WINDOWS\system32\infosoft.dll - ok 15:07:48.0562 3448 [ 9D8F3B5E2FACDAF0183CAA834AAD7171 ] E:\WINDOWS\system32\Macromed\Flash\Flash32_11_7_700_169.ocx 15:07:48.0562 3448 E:\WINDOWS\system32\Macromed\Flash\Flash32_11_7_700_169.ocx - ok 15:07:48.0578 3448 [ A13A724AD562D04C0246544FF5D7DD21 ] E:\WINDOWS\system32\query.dll 15:07:48.0578 3448 E:\WINDOWS\system32\query.dll - ok 15:07:48.0578 3448 [ 1C9A58EFA9E65EA27C45E12F38C6E2A8 ] E:\Programme\Microsoft Security Client\MpCommu.dll 15:07:48.0578 3448 E:\Programme\Microsoft Security Client\MpCommu.dll - ok 15:07:48.0578 3448 [ C60B1A819F38C05254E7035701B83919 ] E:\WINDOWS\system32\drprov.dll 15:07:48.0578 3448 E:\WINDOWS\system32\drprov.dll - ok 15:07:48.0578 3448 [ 6242D532697DF34EA197F0770A361EE6 ] E:\WINDOWS\system32\ntlanman.dll 15:07:48.0578 3448 E:\WINDOWS\system32\ntlanman.dll - ok 15:07:48.0593 3448 [ AA602642E235C46A8C7BF19D20642A89 ] E:\WINDOWS\system32\netui0.dll 15:07:48.0593 3448 E:\WINDOWS\system32\netui0.dll - ok 15:07:48.0593 3448 [ 09AE8DC3E430FA9111A2E2FDB92E305A ] E:\WINDOWS\system32\netui1.dll 15:07:48.0593 3448 E:\WINDOWS\system32\netui1.dll - ok 15:07:48.0593 3448 [ 1204982A78DFFD0D8F8261EC027A456D ] E:\WINDOWS\system32\davclnt.dll 15:07:48.0593 3448 E:\WINDOWS\system32\davclnt.dll - ok 15:07:48.0609 3448 [ E5D9F6A81032A8D47331B74E604D401E ] E:\WINDOWS\system32\d3dim700.dll 15:07:48.0609 3448 E:\WINDOWS\system32\d3dim700.dll - ok 15:07:48.0609 3448 [ 87D84FF3F19FC382C9358BCD3C7136FD ] E:\Programme\Ask.com\UpdateTask.exe 15:07:48.0609 3448 E:\Programme\Ask.com\UpdateTask.exe - ok 15:07:48.0609 3448 [ 7565B389F2281269FAD444991743CC5D ] E:\Programme\Ask.com\SaUpdate.exe 15:07:48.0609 3448 E:\Programme\Ask.com\SaUpdate.exe - ok 15:07:48.0625 3448 [ 843C84B5A4AD6FB9C5871118ED1DEC8C ] E:\WINDOWS\system32\mstask.dll 15:07:48.0625 3448 
E:\WINDOWS\system32\mstask.dll - ok 15:07:48.0625 3448 [ 95110A1C5A1D228AC1DDF6AB67D00BEB ] E:\Programme\Mozilla Firefox\firefox.exe 15:07:48.0625 3448 E:\Programme\Mozilla Firefox\firefox.exe - ok 15:07:48.0625 3448 [ D7A99BBF38F69968A09C61C92C2D494F ] E:\Programme\Mozilla Firefox\mozglue.dll 15:07:48.0625 3448 E:\Programme\Mozilla Firefox\mozglue.dll - ok 15:07:48.0640 3448 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] E:\Programme\Mozilla Firefox\msvcr100.dll 15:07:48.0640 3448 E:\Programme\Mozilla Firefox\msvcr100.dll - ok 15:07:48.0640 3448 [ 7797E159D38F7EE35FAE45A785EDED08 ] E:\Programme\Mozilla Firefox\nspr4.dll 15:07:48.0640 3448 E:\Programme\Mozilla Firefox\nspr4.dll - ok 15:07:48.0640 3448 [ F0C803D84B89B2EA3CDB5580CECC15E3 ] E:\WINDOWS\system32\wsock32.dll 15:07:48.0640 3448 E:\WINDOWS\system32\wsock32.dll - ok 15:07:48.0656 3448 [ 8416CA752F8377EA151D53C0D52017F0 ] E:\Programme\Mozilla Firefox\mozjs.dll 15:07:48.0656 3448 E:\Programme\Mozilla Firefox\mozjs.dll - ok 15:07:48.0656 3448 [ 03E9314004F504A14A61C3D364B62F66 ] E:\Programme\Mozilla Firefox\msvcp100.dll 15:07:48.0656 3448 E:\Programme\Mozilla Firefox\msvcp100.dll - ok 15:07:48.0656 3448 [ 1992820D49D2C6AF5A7CD0D07D40A851 ] E:\Programme\Mozilla Firefox\plc4.dll 15:07:48.0656 3448 E:\Programme\Mozilla Firefox\plc4.dll - ok 15:07:48.0671 3448 [ E17BFF4A8EBF941A2C8B9AE99C477DA9 ] E:\Programme\Mozilla Firefox\nssutil3.dll 15:07:48.0671 3448 E:\Programme\Mozilla Firefox\nssutil3.dll - ok 15:07:48.0671 3448 [ D3FA27C8311AACC9B4394FD23C8086CD ] E:\Programme\Mozilla Firefox\plds4.dll 15:07:48.0671 3448 E:\Programme\Mozilla Firefox\plds4.dll - ok 15:07:48.0671 3448 [ 29C0B2468644975752B21FD55C08CEC1 ] E:\Programme\Mozilla Firefox\nss3.dll 15:07:48.0671 3448 E:\Programme\Mozilla Firefox\nss3.dll - ok 15:07:48.0687 3448 [ 5BECF8CF74F0E03854A21C7F5C203ACA ] E:\Programme\Mozilla Firefox\smime3.dll 15:07:48.0687 3448 E:\Programme\Mozilla Firefox\smime3.dll - ok 15:07:48.0687 3448 [ EB946F77055B8DB7A1A42CC9AE8C11F5 ] 
E:\Programme\Mozilla Firefox\ssl3.dll 15:07:48.0687 3448 E:\Programme\Mozilla Firefox\ssl3.dll - ok 15:07:48.0687 3448 [ FAC10E7AC8DB4E6B7B77A72990151188 ] E:\Programme\Mozilla Firefox\mozsqlite3.dll 15:07:48.0687 3448 E:\Programme\Mozilla Firefox\mozsqlite3.dll - ok 15:07:48.0703 3448 [ 9E349174A3A14D68CC74A13063B34EFD ] E:\Programme\Mozilla Firefox\gkmedias.dll 15:07:48.0703 3448 E:\Programme\Mozilla Firefox\gkmedias.dll - ok 15:07:48.0703 3448 [ E2083CA3A9DEEF9A9F8A478666918D52 ] E:\Programme\Mozilla Firefox\mozalloc.dll 15:07:48.0703 3448 E:\Programme\Mozilla Firefox\mozalloc.dll - ok 15:07:48.0703 3448 [ D6C1438020F899A252C4E477DA990D85 ] E:\Programme\Mozilla Firefox\xul.dll 15:07:48.0703 3448 E:\Programme\Mozilla Firefox\xul.dll - ok 15:07:48.0718 3448 [ 5BE3C41CAF78D0358C7BA33FC4F59256 ] E:\WINDOWS\system32\msdmo.dll 15:07:48.0718 3448 E:\WINDOWS\system32\msdmo.dll - ok 15:07:48.0718 3448 [ BB6ECA435489775EADD9B05947450058 ] E:\Programme\Mozilla Firefox\xpcom.dll 15:07:48.0718 3448 E:\Programme\Mozilla Firefox\xpcom.dll - ok 15:07:48.0718 3448 [ 4489039D3E2A17F795A774C5ECCCA0C2 ] E:\WINDOWS\system32\dbghelp.dll 15:07:48.0718 3448 E:\WINDOWS\system32\dbghelp.dll - ok 15:07:48.0718 3448 [ 3DE6649B4998FB435A6781D2C58EAD58 ] E:\Programme\Mozilla Firefox\browser\components\browsercomps.dll 15:07:48.0718 3448 E:\Programme\Mozilla Firefox\browser\components\browsercomps.dll - ok 15:07:48.0734 3448 [ 57133712ECF76459FB4117FC2B849D3F ] E:\WINDOWS\system32\feclient.dll 15:07:48.0734 3448 E:\WINDOWS\system32\feclient.dll - ok 15:07:48.0734 3448 [ 386C401D1432C5A13262B9A7196046D6 ] E:\WINDOWS\system32\t2embed.dll 15:07:48.0734 3448 E:\WINDOWS\system32\t2embed.dll - ok 15:07:48.0734 3448 [ C3200506FB212A0F4FB736A80E646C40 ] E:\WINDOWS\system32\lz32.dll 15:07:48.0734 3448 E:\WINDOWS\system32\lz32.dll - ok 15:07:48.0750 3448 [ 49314D17901B70A70322ECE4F8D29766 ] E:\Programme\Mozilla Firefox\softokn3.dll 15:07:48.0750 3448 E:\Programme\Mozilla Firefox\softokn3.dll - ok 
15:07:48.0750 3448 [ F4E8B8F221B8DDEF2A504BDA7A24E6E5 ] E:\Programme\Mozilla Firefox\nssdbm3.dll 15:07:48.0750 3448 E:\Programme\Mozilla Firefox\nssdbm3.dll - ok 15:07:48.0765 3448 [ 1DC0B0A19F01735A74C254F23261F834 ] E:\Programme\Mozilla Firefox\freebl3.dll 15:07:48.0765 3448 E:\Programme\Mozilla Firefox\freebl3.dll - ok 15:07:48.0765 3448 [ 0EEB56F60913514DE7D6EDDFBB895CFB ] E:\Programme\Mozilla Firefox\nssckbi.dll 15:07:48.0765 3448 E:\Programme\Mozilla Firefox\nssckbi.dll - ok 15:07:48.0765 3448 [ 6FC79A950476A5F539EEB65F9097C0A8 ] E:\Programme\Mozilla Firefox\plugin-container.exe 15:07:48.0765 3448 E:\Programme\Mozilla Firefox\plugin-container.exe - ok 15:07:48.0765 3448 [ 47299371607DC2FB234444EEACB1639E ] E:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll 15:07:48.0765 3448 E:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll - ok 15:07:48.0781 3448 [ 07A880E2A81D533DAAFBBB9DE9EAC2C4 ] E:\WINDOWS\system32\browselc.dll 15:07:48.0781 3448 E:\WINDOWS\system32\browselc.dll - ok 15:07:48.0781 3448 [ 75B9D3FE25D597301FB7334147DB2498 ] E:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.dll 15:07:48.0781 3448 E:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.dll - ok 15:07:48.0781 3448 [ 8A29B5B5A881C6709F31FF5203F0FAC9 ] E:\WINDOWS\system32\notepad.exe 15:07:48.0781 3448 E:\WINDOWS\system32\notepad.exe - ok 15:07:48.0781 3448 [ 79B0A04E2DF042045A25706B4BAD2116 ] E:\Programme\Malwarebytes' Anti-Malware\mbamext.dll 15:07:48.0796 3448 E:\Programme\Malwarebytes' Anti-Malware\mbamext.dll - ok 15:07:48.0796 3448 [ 2D9D626F9EC48AE115B91490F34493D3 ] E:\Programme\WinRAR 3.61 Multi\RarExt.dll 15:07:48.0796 3448 E:\Programme\WinRAR 3.61 Multi\RarExt.dll - ok 15:07:48.0796 3448 [ 875E1A57B0D5469375F7060C226578DB ] E:\PROGRA~1\MICROS~2\shellext.dll 15:07:48.0796 3448 E:\PROGRA~1\MICROS~2\shellext.dll - ok 15:07:48.0796 3448 [ 178A34E5554DCE485E1262DDF027960C ] E:\Programme_download\tdsskiller.exe 15:07:48.0796 3448 
E:\Programme_download\tdsskiller.exe - ok
15:07:48.0812 3448 [ 2A8681AEA24003040CA7D677BE9F1702 ] E:\WINDOWS\system32\drivers\96585107.sys
15:07:48.0812 3448 E:\WINDOWS\system32\drivers\96585107.sys - ok
15:07:48.0812 3448 ============================================================
15:07:48.0812 3448 Scan finished
15:07:48.0812 3448 ============================================================
15:07:48.0921 2656 Detected object count: 2
15:07:48.0921 2656 Actual detected object count: 2
15:08:45.0968 2656 E:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe - copied to quarantine
15:08:46.0109 2656 HKLM\SYSTEM\ControlSet001\services\ForceWare Intelligent Application Manager (IAM) - will be deleted on reboot
15:08:46.0125 2656 HKLM\SYSTEM\ControlSet002\services\ForceWare Intelligent Application Manager (IAM) - will be deleted on reboot
15:08:46.0125 2656 HKLM\SYSTEM\ControlSet003\services\ForceWare Intelligent Application Manager (IAM) - will be deleted on reboot
15:08:46.0156 2656 E:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe - will be deleted on reboot
15:08:46.0156 2656 ForceWare Intelligent Application Manager (IAM) ( UnsignedFile.Multi.Generic ) - User select action: Delete
15:08:46.0171 2656 E:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe - copied to quarantine
15:08:46.0250 2656 HKLM\SYSTEM\ControlSet001\services\nSvcIp - will be deleted on reboot
15:08:46.0250 2656 HKLM\SYSTEM\ControlSet002\services\nSvcIp - will be deleted on reboot
15:08:46.0250 2656 HKLM\SYSTEM\ControlSet003\services\nSvcIp - will be deleted on reboot
15:08:46.0250 2656 E:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe - will be deleted on reboot
15:08:46.0250 2656 nSvcIp ( UnsignedFile.Multi.Generic ) - User select action: Delete |
13.06.2013, 14:19 | #10 |
| GVU even in safe mode XP HOME 32
Result after delete and reboot
15:16:25.0265 0472 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:16:25.0859 0472 ============================================================
15:16:25.0859 0472 Current date / time: 2013/06/13 15:16:25.0859
15:16:25.0859 0472 SystemInfo:
15:16:25.0859 0472
15:16:25.0859 0472 OS Version: 5.1.2600 ServicePack: 3.0
15:16:25.0859 0472 Product type: Workstation
15:16:25.0859 0472 ComputerName: SHALIMAR
15:16:25.0859 0472 UserName: PRINKTO
15:16:25.0859 0472 Windows directory: E:\WINDOWS
15:16:25.0859 0472 System windows directory: E:\WINDOWS
15:16:25.0859 0472 Processor architecture: Intel x86
15:16:25.0859 0472 Number of processors: 2
15:16:25.0859 0472 Page size: 0x1000
15:16:25.0859 0472 Boot type: Normal boot
15:16:25.0859 0472 ============================================================
15:16:27.0515 0472 BG loaded
15:16:29.0859 0472 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:16:29.0984 0472 ============================================================
15:16:29.0984 0472 \Device\Harddisk0\DR0:
15:16:30.0140 0472 MBR partitions:
15:16:30.0140 0472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFFFAC05
15:16:30.0140 0472 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFFFAC44, BlocksNum 0x15432A7D
15:16:30.0140 0472 ============================================================
15:16:30.0359 0472 E: <-> \Device\Harddisk0\DR0\Partition1
15:16:30.0453 0472 K: <-> \Device\Harddisk0\DR0\Partition2
15:16:30.0500 0472 ============================================================
15:16:30.0500 0472 Initialize success
15:16:30.0500 0472 ============================================================
15:16:42.0437 2140 ============================================================
15:16:42.0437 2140 Scan started
15:16:42.0437 2140 Mode: Manual; SigCheck; TDLFS;
15:16:42.0437 2140 ============================================================
15:16:43.0546 2140 ================ Scan system memory ========================
15:16:43.0546 2140 System memory - ok
15:16:43.0546 2140 ================ Scan services =============================
mssmbios E:\WINDOWS\system32\DRIVERS\mssmbios.sys 15:16:58.0843 2140 mssmbios - ok 15:16:58.0859 2140 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup E:\WINDOWS\system32\drivers\Mup.sys 15:16:59.0000 2140 Mup - ok 15:16:59.0046 2140 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent E:\WINDOWS\System32\qagentrt.dll 15:16:59.0234 2140 napagent - ok 15:16:59.0265 2140 [ 1DF7F42665C94B825322FAE71721130D ] NDIS E:\WINDOWS\system32\drivers\NDIS.sys 15:16:59.0406 2140 NDIS - ok 15:16:59.0421 2140 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi E:\WINDOWS\system32\DRIVERS\ndistapi.sys 15:16:59.0531 2140 NdisTapi - ok 15:16:59.0546 2140 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio E:\WINDOWS\system32\DRIVERS\ndisuio.sys 15:16:59.0656 2140 Ndisuio - ok 15:16:59.0671 2140 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan E:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:16:59.0828 2140 NdisWan - ok 15:16:59.0843 2140 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy E:\WINDOWS\system32\drivers\NDProxy.sys 15:16:59.0968 2140 NDProxy - ok 15:16:59.0984 2140 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS E:\WINDOWS\system32\DRIVERS\netbios.sys 15:17:00.0093 2140 NetBIOS - ok 15:17:00.0125 2140 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT E:\WINDOWS\system32\DRIVERS\netbt.sys 15:17:00.0265 2140 NetBT - ok 15:17:00.0328 2140 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE E:\WINDOWS\system32\netdde.exe 15:17:00.0531 2140 NetDDE - ok 15:17:00.0562 2140 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm E:\WINDOWS\system32\netdde.exe 15:17:00.0765 2140 NetDDEdsdm - ok 15:17:00.0812 2140 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon E:\WINDOWS\System32\lsass.exe 15:17:00.0890 2140 Netlogon - ok 15:17:00.0937 2140 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman E:\WINDOWS\System32\netman.dll 15:17:01.0062 2140 Netman - ok 15:17:01.0109 2140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 15:17:01.0171 2140 NetTcpPortSharing - ok 15:17:01.0203 2140 [ 
F12B9D9A069331877D006CC81B4735F9 ] Nla E:\WINDOWS\System32\mswsock.dll 15:17:01.0296 2140 Nla - ok 15:17:01.0328 2140 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs E:\WINDOWS\system32\drivers\Npfs.sys 15:17:01.0437 2140 Npfs - ok 15:17:01.0468 2140 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs E:\WINDOWS\system32\drivers\Ntfs.sys 15:17:01.0640 2140 Ntfs - ok 15:17:01.0656 2140 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp E:\WINDOWS\System32\lsass.exe 15:17:01.0734 2140 NtLmSsp - ok 15:17:01.0765 2140 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc E:\WINDOWS\system32\ntmssvc.dll 15:17:01.0906 2140 NtmsSvc - ok 15:17:01.0937 2140 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null E:\WINDOWS\system32\drivers\Null.sys 15:17:02.0031 2140 Null - ok 15:17:02.0218 2140 [ 69CC3F6412875865DB687A487C5AF66E ] nv E:\WINDOWS\system32\DRIVERS\nv4_mini.sys 15:17:02.0515 2140 nv - ok 15:17:02.0578 2140 [ 28727D0F5CA6579890D0B6AD1598C935 ] NVENETFD E:\WINDOWS\system32\DRIVERS\NVENETFD.sys 15:17:02.0703 2140 NVENETFD - ok 15:17:02.0750 2140 [ AB899F1C08D01C2D2D14E45867A6982A ] NVHDA E:\WINDOWS\system32\drivers\nvhda32.sys 15:17:02.0812 2140 NVHDA - ok 15:17:02.0859 2140 [ A3CD61AF33E8B3CC2CC22BD37F867D54 ] nvnetbus E:\WINDOWS\system32\DRIVERS\nvnetbus.sys 15:17:02.0953 2140 nvnetbus - ok 15:17:03.0000 2140 [ 2A085AEC3AB2B1211611D2A7B9E22456 ] nvsmu E:\WINDOWS\system32\DRIVERS\nvsmu.sys 15:17:03.0078 2140 nvsmu - ok 15:17:03.0125 2140 [ AF80C3FB20B7681AB89E15310AE043C8 ] NVSvc E:\WINDOWS\System32\nvsvc32.exe 15:17:03.0156 2140 NVSvc - ok 15:17:03.0187 2140 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt E:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 15:17:03.0296 2140 NwlnkFlt - ok 15:17:03.0312 2140 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd E:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 15:17:03.0453 2140 NwlnkFwd - ok 15:17:03.0531 2140 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose E:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 15:17:03.0609 2140 ose - ok 15:17:03.0656 2140 [ 
F84785660305B9B903FB3BCA8BA29837 ] Parport E:\WINDOWS\system32\drivers\Parport.sys 15:17:03.0812 2140 Parport - ok 15:17:03.0828 2140 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr E:\WINDOWS\system32\drivers\PartMgr.sys 15:17:03.0953 2140 PartMgr - ok 15:17:03.0984 2140 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm E:\WINDOWS\system32\drivers\ParVdm.sys 15:17:04.0109 2140 ParVdm - ok 15:17:04.0265 2140 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI E:\WINDOWS\system32\DRIVERS\pci.sys 15:17:04.0421 2140 PCI - ok 15:17:04.0437 2140 PCIDump - ok 15:17:04.0437 2140 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde E:\WINDOWS\system32\DRIVERS\pciide.sys 15:17:04.0593 2140 PCIIde - ok 15:17:04.0609 2140 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia E:\WINDOWS\system32\drivers\Pcmcia.sys 15:17:04.0812 2140 Pcmcia - ok 15:17:04.0812 2140 PDCOMP - ok 15:17:04.0828 2140 PDFRAME - ok 15:17:04.0828 2140 PDRELI - ok 15:17:04.0843 2140 PDRFRAME - ok 15:17:04.0843 2140 perc2 - ok 15:17:04.0859 2140 perc2hib - ok 15:17:04.0906 2140 [ 4BB6A83640F1D1792AD21CE767B621C6 ] PlugPlay E:\WINDOWS\system32\services.exe 15:17:05.0015 2140 PlugPlay - ok 15:17:05.0031 2140 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent E:\WINDOWS\System32\lsass.exe 15:17:05.0109 2140 PolicyAgent - ok 15:17:05.0156 2140 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport E:\WINDOWS\system32\DRIVERS\raspptp.sys 15:17:05.0328 2140 PptpMiniport - ok 15:17:05.0375 2140 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor E:\WINDOWS\system32\DRIVERS\processr.sys 15:17:05.0531 2140 Processor - ok 15:17:05.0562 2140 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage E:\WINDOWS\system32\lsass.exe 15:17:05.0640 2140 ProtectedStorage - ok 15:17:05.0671 2140 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched E:\WINDOWS\system32\DRIVERS\psched.sys 15:17:05.0812 2140 PSched - ok 15:17:05.0843 2140 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink E:\WINDOWS\system32\DRIVERS\ptilink.sys 15:17:05.0968 2140 Ptilink - ok 15:17:05.0984 2140 ql1080 - ok 
15:17:05.0984 2140 Ql10wnt - ok 15:17:05.0984 2140 ql12160 - ok 15:17:05.0984 2140 ql1240 - ok 15:17:06.0000 2140 ql1280 - ok 15:17:06.0031 2140 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd E:\WINDOWS\system32\DRIVERS\rasacd.sys 15:17:06.0203 2140 RasAcd - ok 15:17:06.0218 2140 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto E:\WINDOWS\System32\rasauto.dll 15:17:06.0359 2140 RasAuto - ok 15:17:06.0375 2140 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp E:\WINDOWS\system32\DRIVERS\rasl2tp.sys 15:17:06.0515 2140 Rasl2tp - ok 15:17:06.0578 2140 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan E:\WINDOWS\System32\rasmans.dll 15:17:06.0687 2140 RasMan - ok 15:17:06.0703 2140 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe E:\WINDOWS\system32\DRIVERS\raspppoe.sys 15:17:06.0843 2140 RasPppoe - ok 15:17:06.0859 2140 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti E:\WINDOWS\system32\DRIVERS\raspti.sys 15:17:06.0968 2140 Raspti - ok 15:17:07.0031 2140 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss E:\WINDOWS\system32\DRIVERS\rdbss.sys 15:17:07.0171 2140 Rdbss - ok 15:17:07.0187 2140 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD E:\WINDOWS\system32\DRIVERS\RDPCDD.sys 15:17:07.0296 2140 RDPCDD - ok 15:17:07.0343 2140 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD E:\WINDOWS\system32\drivers\RDPWD.sys 15:17:07.0546 2140 RDPWD - ok 15:17:07.0578 2140 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr E:\WINDOWS\system32\sessmgr.exe 15:17:07.0781 2140 RDSessMgr - ok 15:17:07.0812 2140 [ ED761D453856F795A7FE056E42C36365 ] redbook E:\WINDOWS\system32\DRIVERS\redbook.sys 15:17:07.0984 2140 redbook - ok 15:17:08.0046 2140 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess E:\WINDOWS\System32\mprdim.dll 15:17:08.0281 2140 RemoteAccess - ok 15:17:08.0359 2140 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator E:\WINDOWS\System32\locator.exe 15:17:08.0515 2140 RpcLocator - ok 15:17:08.0640 2140 [ E970C2296916BF4A2F958680016FE312 ] RpcSs E:\WINDOWS\system32\rpcss.dll 15:17:08.0750 2140 RpcSs - ok 15:17:08.0796 2140 [ 
C7C13D4F574CF7794348B3B2A3F198D8 ] RSUSBSTOR E:\WINDOWS\system32\Drivers\RtsUStor.sys 15:17:08.0859 2140 RSUSBSTOR - ok 15:17:08.0890 2140 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP E:\WINDOWS\System32\rsvp.exe 15:17:09.0046 2140 RSVP - ok 15:17:09.0171 2140 [ 4B0F4924376C1D6CE2955D2FA1E8C9D1 ] RT80x86 E:\WINDOWS\system32\DRIVERS\RT2860.sys 15:17:09.0296 2140 RT80x86 - ok 15:17:09.0296 2140 RtsUIR - ok 15:17:09.0312 2140 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs E:\WINDOWS\system32\lsass.exe 15:17:09.0390 2140 SamSs - ok 15:17:09.0421 2140 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr E:\WINDOWS\System32\SCardSvr.exe 15:17:09.0593 2140 SCardSvr - ok 15:17:09.0656 2140 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule E:\WINDOWS\system32\schedsvc.dll 15:17:09.0796 2140 Schedule - ok 15:17:10.0015 2140 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv E:\WINDOWS\system32\DRIVERS\secdrv.sys 15:17:10.0140 2140 Secdrv - ok 15:17:10.0203 2140 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon E:\WINDOWS\System32\seclogon.dll 15:17:10.0296 2140 seclogon - ok 15:17:10.0328 2140 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS E:\WINDOWS\system32\sens.dll 15:17:10.0437 2140 SENS - ok 15:17:10.0468 2140 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial E:\WINDOWS\system32\drivers\Serial.sys 15:17:10.0640 2140 Serial - ok 15:17:10.0812 2140 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy E:\WINDOWS\system32\drivers\Sfloppy.sys 15:17:10.0937 2140 Sfloppy - ok 15:17:11.0265 2140 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess E:\WINDOWS\System32\ipnathlp.dll 15:17:11.0562 2140 SharedAccess - ok 15:17:11.0796 2140 [ 40602EBFBE06AA075C8E4560743F6883 ] ShellHWDetection E:\WINDOWS\System32\shsvcs.dll 15:17:11.0953 2140 ShellHWDetection - ok 15:17:11.0953 2140 Simbad - ok 15:17:11.0953 2140 Sparrow - ok 15:17:12.0125 2140 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter E:\WINDOWS\system32\drivers\splitter.sys 15:17:12.0250 2140 splitter - ok 15:17:12.0312 2140 [ 39356A9CDB6753A6D13A4072A9F5A4BB ] Spooler 
E:\WINDOWS\system32\spoolsv.exe 15:17:12.0500 2140 Spooler - ok 15:17:12.0609 2140 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr E:\WINDOWS\system32\DRIVERS\sr.sys 15:17:12.0765 2140 sr - ok 15:17:12.0921 2140 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice E:\WINDOWS\System32\srsvc.dll 15:17:13.0078 2140 srservice - ok 15:17:13.0093 2140 [ 5252605079810904E31C332E241CD59B ] Srv E:\WINDOWS\system32\DRIVERS\srv.sys 15:17:13.0265 2140 Srv - ok 15:17:13.0421 2140 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV E:\WINDOWS\System32\ssdpsrv.dll 15:17:13.0546 2140 SSDPSRV - ok 15:17:13.0671 2140 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc E:\WINDOWS\system32\wiaservc.dll 15:17:14.0046 2140 stisvc - ok 15:17:14.0093 2140 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum E:\WINDOWS\system32\DRIVERS\swenum.sys 15:17:14.0203 2140 swenum - ok 15:17:14.0343 2140 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi E:\WINDOWS\system32\drivers\swmidi.sys 15:17:14.0453 2140 swmidi - ok 15:17:14.0453 2140 SwPrv - ok 15:17:14.0468 2140 symc810 - ok 15:17:14.0484 2140 symc8xx - ok 15:17:14.0500 2140 sym_hi - ok 15:17:14.0515 2140 sym_u3 - ok 15:17:14.0546 2140 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio E:\WINDOWS\system32\drivers\sysaudio.sys 15:17:14.0671 2140 sysaudio - ok 15:17:14.0796 2140 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog E:\WINDOWS\system32\smlogsvc.exe 15:17:15.0062 2140 SysmonLog - ok 15:17:15.0156 2140 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv E:\WINDOWS\System32\tapisrv.dll 15:17:15.0250 2140 TapiSrv - ok 15:17:15.0390 2140 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip E:\WINDOWS\system32\DRIVERS\tcpip.sys 15:17:15.0593 2140 Tcpip - ok 15:17:15.0640 2140 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE E:\WINDOWS\system32\drivers\TDPIPE.sys 15:17:15.0796 2140 TDPIPE - ok 15:17:15.0812 2140 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP E:\WINDOWS\system32\drivers\TDTCP.sys 15:17:15.0968 2140 TDTCP - ok 15:17:15.0984 2140 [ 88155247177638048422893737429D9E ] TermDD 
E:\WINDOWS\system32\DRIVERS\termdd.sys 15:17:16.0125 2140 TermDD - ok 15:17:16.0156 2140 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService E:\WINDOWS\System32\termsrv.dll 15:17:16.0250 2140 TermService - ok 15:17:16.0281 2140 [ 40602EBFBE06AA075C8E4560743F6883 ] Themes E:\WINDOWS\System32\shsvcs.dll 15:17:16.0359 2140 Themes - ok 15:17:16.0359 2140 TosIde - ok 15:17:16.0406 2140 [ 626504572B175867F30F3215C04B3E2F ] TrkWks E:\WINDOWS\system32\trkwks.dll 15:17:16.0531 2140 TrkWks - ok 15:17:16.0546 2140 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs E:\WINDOWS\system32\drivers\Udfs.sys 15:17:16.0687 2140 Udfs - ok 15:17:16.0703 2140 ultra - ok 15:17:16.0750 2140 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update E:\WINDOWS\system32\DRIVERS\update.sys 15:17:16.0859 2140 Update - ok 15:17:16.0906 2140 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost E:\WINDOWS\System32\upnphost.dll 15:17:17.0046 2140 upnphost - ok 15:17:17.0062 2140 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS E:\WINDOWS\System32\ups.exe 15:17:17.0234 2140 UPS - ok 15:17:17.0234 2140 USBCCID - ok 15:17:17.0250 2140 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci E:\WINDOWS\system32\DRIVERS\usbehci.sys 15:17:17.0375 2140 usbehci - ok 15:17:17.0406 2140 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub E:\WINDOWS\system32\DRIVERS\usbhub.sys 15:17:17.0546 2140 usbhub - ok 15:17:17.0562 2140 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci E:\WINDOWS\system32\DRIVERS\usbohci.sys 15:17:17.0687 2140 usbohci - ok 15:17:17.0718 2140 [ A717C8721046828520C9EDF31288FC00 ] usbprint E:\WINDOWS\system32\DRIVERS\usbprint.sys 15:17:18.0359 2140 usbprint - ok 15:17:18.0390 2140 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:17:18.0546 2140 usbstor - ok 15:17:18.0578 2140 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave E:\WINDOWS\System32\drivers\vga.sys 15:17:18.0718 2140 VgaSave - ok 15:17:18.0718 2140 ViaIde - ok 15:17:18.0750 2140 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap 
E:\WINDOWS\system32\drivers\VolSnap.sys 15:17:18.0890 2140 VolSnap - ok 15:17:18.0937 2140 [ 68F106273BE29E7B7EF8266977268E78 ] VSS E:\WINDOWS\System32\vssvc.exe 15:17:19.0125 2140 VSS - ok 15:17:19.0156 2140 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time E:\WINDOWS\System32\w32time.dll 15:17:19.0281 2140 W32Time - ok 15:17:19.0328 2140 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp E:\WINDOWS\system32\DRIVERS\wanarp.sys 15:17:19.0437 2140 Wanarp - ok 15:17:19.0453 2140 WDICA - ok 15:17:19.0468 2140 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud E:\WINDOWS\system32\drivers\wdmaud.sys 15:17:19.0578 2140 wdmaud - ok 15:17:19.0625 2140 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient E:\WINDOWS\System32\webclnt.dll 15:17:19.0781 2140 WebClient - ok 15:17:19.0859 2140 winmgmt - ok 15:17:19.0921 2140 [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN E:\WINDOWS\System32\mspmsnsv.dll 15:17:20.0062 2140 WmdmPmSN - ok 15:17:20.0109 2140 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi E:\WINDOWS\system32\DRIVERS\wmiacpi.sys 15:17:20.0218 2140 WmiAcpi - ok 15:17:20.0281 2140 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv E:\WINDOWS\System32\wbem\wmiapsrv.exe 15:17:20.0468 2140 WmiApSrv - ok 15:17:20.0625 2140 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 15:17:20.0859 2140 WPFFontCache_v0400 - ok 15:17:20.0906 2140 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL E:\WINDOWS\System32\drivers\ws2ifsl.sys 15:17:21.0046 2140 WS2IFSL - ok 15:17:21.0093 2140 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc E:\WINDOWS\system32\wscsvc.dll 15:17:21.0265 2140 wscsvc - ok 15:17:21.0343 2140 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv E:\WINDOWS\system32\wuauserv.dll 15:17:21.0468 2140 wuauserv - ok 15:17:21.0578 2140 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC E:\WINDOWS\System32\wzcsvc.dll 15:17:21.0718 2140 WZCSVC - ok 15:17:21.0750 2140 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov E:\WINDOWS\System32\xmlprov.dll 15:17:21.0921 
2140 xmlprov - ok 15:17:21.0968 2140 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService E:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe 15:17:22.0265 2140 YahooAUService - ok 15:17:22.0265 2140 ================ Scan global =============================== 15:17:22.0312 2140 [ 2C60091CA5F67C3032EAB3B30390C27F ] E:\WINDOWS\system32\basesrv.dll 15:17:22.0359 2140 [ 4CD408F799D4A72B0DE1F1116A77A48E ] E:\WINDOWS\system32\winsrv.dll 15:17:22.0406 2140 [ 4CD408F799D4A72B0DE1F1116A77A48E ] E:\WINDOWS\system32\winsrv.dll 15:17:22.0421 2140 [ 4BB6A83640F1D1792AD21CE767B621C6 ] E:\WINDOWS\system32\services.exe 15:17:22.0421 2140 [Global] - ok 15:17:22.0421 2140 ================ Scan MBR ================================== 15:17:22.0437 2140 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 15:17:22.0718 2140 \Device\Harddisk0\DR0 - ok 15:17:22.0718 2140 ================ Scan VBR ================================== 15:17:22.0718 2140 [ F6AEB760BDB4241C895660634A48C687 ] \Device\Harddisk0\DR0\Partition1 15:17:22.0718 2140 \Device\Harddisk0\DR0\Partition1 - ok 15:17:22.0750 2140 [ E71D37667C41BD5CDE024824CCBC6BEA ] \Device\Harddisk0\DR0\Partition2 15:17:22.0750 2140 \Device\Harddisk0\DR0\Partition2 - ok 15:17:22.0750 2140 ================ Scan active images ======================== 15:17:22.0750 2140 [ E283B97CFBEB86C1D86BAED5F7846A92 ] E:\WINDOWS\system32\drivers\i8042prt.sys 15:17:22.0750 2140 E:\WINDOWS\system32\drivers\i8042prt.sys - ok 15:17:22.0765 2140 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] E:\WINDOWS\system32\drivers\intelppm.sys 15:17:22.0765 2140 E:\WINDOWS\system32\drivers\intelppm.sys - ok 15:17:22.0765 2140 [ 1704D8C4C8807B889E43C649B478A452 ] E:\WINDOWS\system32\drivers\kbdclass.sys 15:17:22.0765 2140 E:\WINDOWS\system32\drivers\kbdclass.sys - ok 15:17:22.0765 2140 [ 0F6C187D38D98F8DF904589A5F94D411 ] E:\WINDOWS\system32\drivers\cmbatt.sys 15:17:22.0765 2140 E:\WINDOWS\system32\drivers\cmbatt.sys - ok 15:17:22.0765 2140 [ B24CE8005DEAB254C0251E15CB71D802 
] E:\WINDOWS\system32\drivers\mouclass.sys 15:17:22.0765 2140 E:\WINDOWS\system32\drivers\mouclass.sys - ok 15:17:22.0765 2140 [ C42584FD66CE9E17403AEBCA199F7BDB ] E:\WINDOWS\system32\drivers\wmiacpi.sys 15:17:22.0765 2140 E:\WINDOWS\system32\drivers\wmiacpi.sys - ok 15:17:22.0781 2140 [ 573C7D0A32852B48F3058CFD8026F511 ] E:\WINDOWS\system32\drivers\hdaudbus.sys 15:17:22.0781 2140 E:\WINDOWS\system32\drivers\hdaudbus.sys - ok 15:17:22.0781 2140 [ 2A085AEC3AB2B1211611D2A7B9E22456 ] E:\WINDOWS\system32\drivers\nvsmu.sys 15:17:22.0781 2140 E:\WINDOWS\system32\drivers\nvsmu.sys - ok 15:17:22.0781 2140 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] E:\WINDOWS\system32\drivers\usbehci.sys 15:17:22.0781 2140 E:\WINDOWS\system32\drivers\usbehci.sys - ok 15:17:22.0781 2140 [ 0DAECCE65366EA32B162F85F07C6753B ] E:\WINDOWS\system32\drivers\usbohci.sys 15:17:22.0781 2140 E:\WINDOWS\system32\drivers\usbohci.sys - ok 15:17:22.0796 2140 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] E:\WINDOWS\system32\drivers\usbport.sys 15:17:22.0796 2140 E:\WINDOWS\system32\drivers\usbport.sys - ok 15:17:22.0796 2140 [ 42DDEC86AF1378BD6E5FFC0D2C8E9F40 ] E:\WINDOWS\system32\drivers\nvnrm.sys 15:17:22.0796 2140 E:\WINDOWS\system32\drivers\nvnrm.sys - ok 15:17:22.0796 2140 [ 083A052659F5310DD8B6A6CB05EDCF8E ] E:\WINDOWS\system32\drivers\imapi.sys 15:17:22.0796 2140 E:\WINDOWS\system32\drivers\imapi.sys - ok 15:17:22.0796 2140 [ A3CD61AF33E8B3CC2CC22BD37F867D54 ] E:\WINDOWS\system32\drivers\nvnetbus.sys 15:17:22.0796 2140 E:\WINDOWS\system32\drivers\nvnetbus.sys - ok 15:17:22.0796 2140 [ 1F4260CC5B42272D71F79E570A27A4FE ] E:\WINDOWS\system32\drivers\cdrom.sys 15:17:22.0796 2140 E:\WINDOWS\system32\drivers\cdrom.sys - ok 15:17:22.0812 2140 [ 0753515F78DF7F271A5E61C20BCD36A1 ] E:\WINDOWS\system32\drivers\ks.sys 15:17:22.0812 2140 E:\WINDOWS\system32\drivers\ks.sys - ok 15:17:22.0812 2140 [ ED761D453856F795A7FE056E42C36365 ] E:\WINDOWS\system32\drivers\redbook.sys 15:17:22.0812 2140 
E:\WINDOWS\system32\drivers\redbook.sys - ok 15:17:22.0812 2140 [ E28726B72C46821A28830E077D39A55B ] E:\WINDOWS\system32\drivers\videoprt.sys 15:17:22.0812 2140 E:\WINDOWS\system32\drivers\videoprt.sys - ok 15:17:22.0812 2140 [ 69CC3F6412875865DB687A487C5AF66E ] E:\WINDOWS\system32\drivers\nv4_mini.sys 15:17:22.0812 2140 E:\WINDOWS\system32\drivers\nv4_mini.sys - ok 15:17:22.0812 2140 [ 4B0F4924376C1D6CE2955D2FA1E8C9D1 ] E:\WINDOWS\system32\drivers\rt2860.sys 15:17:22.0812 2140 E:\WINDOWS\system32\drivers\rt2860.sys - ok 15:17:22.0828 2140 [ D9F724AA26C010A217C97606B160ED68 ] E:\WINDOWS\system32\drivers\audstub.sys 15:17:22.0828 2140 E:\WINDOWS\system32\drivers\audstub.sys - ok 15:17:22.0828 2140 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] E:\WINDOWS\system32\drivers\rasl2tp.sys 15:17:22.0828 2140 E:\WINDOWS\system32\drivers\rasl2tp.sys - ok 15:17:22.0843 2140 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] E:\WINDOWS\system32\drivers\ndistapi.sys 15:17:22.0843 2140 E:\WINDOWS\system32\drivers\ndistapi.sys - ok 15:17:22.0843 2140 [ EDC1531A49C80614B2CFDA43CA8659AB ] E:\WINDOWS\system32\drivers\ndiswan.sys 15:17:22.0843 2140 E:\WINDOWS\system32\drivers\ndiswan.sys - ok 15:17:22.0843 2140 [ 5BC962F2654137C9909C3D4603587DEE ] E:\WINDOWS\system32\drivers\raspppoe.sys 15:17:22.0843 2140 E:\WINDOWS\system32\drivers\raspppoe.sys - ok 15:17:22.0843 2140 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] E:\WINDOWS\system32\drivers\raspptp.sys 15:17:22.0843 2140 E:\WINDOWS\system32\drivers\raspptp.sys - ok 15:17:22.0859 2140 [ 0539D5E53587F82D1B4FD74C5BE205CF ] E:\WINDOWS\system32\drivers\tdi.sys 15:17:22.0859 2140 E:\WINDOWS\system32\drivers\tdi.sys - ok 15:17:22.0859 2140 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] E:\WINDOWS\system32\drivers\msgpc.sys 15:17:22.0859 2140 E:\WINDOWS\system32\drivers\msgpc.sys - ok 15:17:22.0859 2140 [ 09298EC810B07E5D582CB3A3F9255424 ] E:\WINDOWS\system32\drivers\psched.sys 15:17:22.0859 2140 E:\WINDOWS\system32\drivers\psched.sys - ok 15:17:22.0859 2140 [ 
80D317BD1C3DBC5D4FE7B1678C60CADD ] E:\WINDOWS\system32\drivers\ptilink.sys 15:17:22.0859 2140 E:\WINDOWS\system32\drivers\ptilink.sys - ok 15:17:22.0859 2140 [ FDBB1D60066FCFBB7452FD8F9829B242 ] E:\WINDOWS\system32\drivers\raspti.sys 15:17:22.0859 2140 E:\WINDOWS\system32\drivers\raspti.sys - ok 15:17:22.0875 2140 [ 88155247177638048422893737429D9E ] E:\WINDOWS\system32\drivers\termdd.sys 15:17:22.0875 2140 E:\WINDOWS\system32\drivers\termdd.sys - ok 15:17:22.0875 2140 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] E:\WINDOWS\system32\drivers\swenum.sys 15:17:22.0875 2140 E:\WINDOWS\system32\drivers\swenum.sys - ok 15:17:22.0875 2140 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] E:\WINDOWS\system32\drivers\update.sys 15:17:22.0875 2140 E:\WINDOWS\system32\drivers\update.sys - ok 15:17:22.0875 2140 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] E:\WINDOWS\system32\drivers\mssmbios.sys 15:17:22.0875 2140 E:\WINDOWS\system32\drivers\mssmbios.sys - ok 15:17:22.0875 2140 [ 6215023940CFD3702B46ABC304E1D45A ] E:\WINDOWS\system32\drivers\ndproxy.sys 15:17:22.0875 2140 E:\WINDOWS\system32\drivers\ndproxy.sys - ok 15:17:22.0890 2140 [ 596EB39B50D6EBD9B734DC4AE0544693 ] E:\WINDOWS\system32\drivers\usbd.sys 15:17:22.0890 2140 E:\WINDOWS\system32\drivers\usbd.sys - ok 15:17:22.0890 2140 [ 1AB3CDDE553B6E064D2E754EFE20285C ] E:\WINDOWS\system32\drivers\usbhub.sys 15:17:22.0890 2140 E:\WINDOWS\system32\drivers\usbhub.sys - ok 15:17:22.0890 2140 [ 28727D0F5CA6579890D0B6AD1598C935 ] E:\WINDOWS\system32\drivers\NVENETFD.sys 15:17:22.0890 2140 E:\WINDOWS\system32\drivers\NVENETFD.sys - ok 15:17:22.0890 2140 [ 6CB08593487F5701D2D2254E693EAFCE ] E:\WINDOWS\system32\drivers\drmk.sys 15:17:22.0890 2140 E:\WINDOWS\system32\drivers\drmk.sys - ok 15:17:22.0890 2140 [ E82A496C3961EFC6828B508C310CE98F ] E:\WINDOWS\system32\drivers\portcls.sys 15:17:22.0890 2140 E:\WINDOWS\system32\drivers\portcls.sys - ok 15:17:22.0906 2140 [ 2B1CDDFE53715372B2677ACE12FC9FE5 ] E:\WINDOWS\system32\drivers\RtkHDAud.sys 15:17:22.0906 2140 
E:\WINDOWS\system32\drivers\RtkHDAud.sys - ok 15:17:22.0906 2140 [ AB899F1C08D01C2D2D14E45867A6982A ] E:\WINDOWS\system32\drivers\nvhda32.sys 15:17:22.0906 2140 E:\WINDOWS\system32\drivers\nvhda32.sys - ok 15:17:22.0906 2140 [ DA1F27D85E0D1525F6621372E7B685E9 ] E:\WINDOWS\system32\drivers\beep.sys 15:17:22.0906 2140 E:\WINDOWS\system32\drivers\beep.sys - ok 15:17:22.0906 2140 [ C1B486A7658353D33A10CC15211A873B ] E:\WINDOWS\system32\drivers\cdaudio.sys 15:17:22.0906 2140 E:\WINDOWS\system32\drivers\cdaudio.sys - ok 15:17:22.0906 2140 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] E:\WINDOWS\system32\drivers\fdc.sys 15:17:22.0906 2140 E:\WINDOWS\system32\drivers\fdc.sys - ok 15:17:22.0921 2140 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] E:\WINDOWS\system32\drivers\flpydisk.sys 15:17:22.0921 2140 E:\WINDOWS\system32\drivers\flpydisk.sys - ok 15:17:22.0921 2140 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] E:\WINDOWS\system32\drivers\fs_rec.sys 15:17:22.0921 2140 E:\WINDOWS\system32\drivers\fs_rec.sys - ok 15:17:22.0921 2140 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] E:\WINDOWS\system32\drivers\null.sys 15:17:22.0921 2140 E:\WINDOWS\system32\drivers\null.sys - ok 15:17:22.0921 2140 [ 8E6B8C671615D126FDC553D1E2DE5562 ] E:\WINDOWS\system32\drivers\sfloppy.sys 15:17:22.0921 2140 E:\WINDOWS\system32\drivers\sfloppy.sys - ok 15:17:22.0937 2140 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] E:\WINDOWS\system32\drivers\vga.sys 15:17:22.0937 2140 E:\WINDOWS\system32\drivers\vga.sys - ok 15:17:22.0937 2140 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] E:\WINDOWS\system32\drivers\mnmdd.sys 15:17:22.0937 2140 E:\WINDOWS\system32\drivers\mnmdd.sys - ok 15:17:22.0937 2140 [ 4912D5B403614CE99C28420F75353332 ] E:\WINDOWS\system32\drivers\rdpcdd.sys 15:17:22.0937 2140 E:\WINDOWS\system32\drivers\rdpcdd.sys - ok 15:17:22.0937 2140 [ C941EA2454BA8350021D774DAF0F1027 ] E:\WINDOWS\system32\drivers\msfs.sys 15:17:22.0937 2140 E:\WINDOWS\system32\drivers\msfs.sys - ok 15:17:22.0953 2140 [ 23C74D75E36E7158768DD63D92789A91 ] 
E:\WINDOWS\system32\drivers\ipsec.sys 15:17:22.0953 2140 E:\WINDOWS\system32\drivers\ipsec.sys - ok 15:17:22.0953 2140 [ 3182D64AE053D6FB034F44B6DEF8034A ] E:\WINDOWS\system32\drivers\npfs.sys 15:17:22.0953 2140 E:\WINDOWS\system32\drivers\npfs.sys - ok 15:17:22.0953 2140 [ FE0D99D6F31E4FAD8159F690D68DED9C ] E:\WINDOWS\system32\drivers\rasacd.sys 15:17:22.0953 2140 E:\WINDOWS\system32\drivers\rasacd.sys - ok 15:17:22.0953 2140 [ 93EA8D04EC73A85DB02EB8805988F733 ] E:\WINDOWS\system32\drivers\tcpip.sys 15:17:22.0953 2140 E:\WINDOWS\system32\drivers\tcpip.sys - ok 15:17:22.0953 2140 [ 322D0E36693D6E24A2398BEE62A268CD ] E:\WINDOWS\system32\drivers\afd.sys 15:17:22.0953 2140 E:\WINDOWS\system32\drivers\afd.sys - ok 15:17:22.0968 2140 [ CC748EA12C6EFFDE940EE98098BF96BB ] E:\WINDOWS\system32\drivers\ipnat.sys 15:17:22.0968 2140 E:\WINDOWS\system32\drivers\ipnat.sys - ok 15:17:22.0968 2140 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] E:\WINDOWS\system32\drivers\netbios.sys 15:17:22.0968 2140 E:\WINDOWS\system32\drivers\netbios.sys - ok 15:17:22.0968 2140 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] E:\WINDOWS\system32\drivers\netbt.sys 15:17:22.0968 2140 E:\WINDOWS\system32\drivers\netbt.sys - ok 15:17:22.0968 2140 [ E20B95BAEDB550F32DD489265C1DA1F6 ] E:\WINDOWS\system32\drivers\wanarp.sys 15:17:22.0968 2140 E:\WINDOWS\system32\drivers\wanarp.sys - ok 15:17:22.0968 2140 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] E:\WINDOWS\system32\drivers\ws2ifsl.sys 15:17:22.0968 2140 E:\WINDOWS\system32\drivers\ws2ifsl.sys - ok 15:17:22.0984 2140 [ 2CB55427C58679F49AD600FCCBA76360 ] E:\WINDOWS\system32\drivers\processr.sys 15:17:22.0984 2140 E:\WINDOWS\system32\drivers\processr.sys - ok 15:17:22.0984 2140 [ 7AD224AD1A1437FE28D89CF22B17780A ] E:\WINDOWS\system32\drivers\rdbss.sys 15:17:22.0984 2140 E:\WINDOWS\system32\drivers\rdbss.sys - ok 15:17:22.0984 2140 [ 68755F0FF16070178B54674FE5B847B0 ] E:\WINDOWS\system32\drivers\mrxsmb.sys 15:17:22.0984 2140 E:\WINDOWS\system32\drivers\mrxsmb.sys - ok 15:17:22.0984 
[ 788F95312E26389D596C0FA55834E106 ] E:\WINDOWS\system32\userinit.exe 15:17:23.0812 2140 E:\WINDOWS\system32\userinit.exe - ok 15:17:23.0812 2140 [ 8A208DFCF89792A484E76C40E5F50B45 ] E:\WINDOWS\system32\drivers\DMusic.sys 15:17:23.0812 2140 E:\WINDOWS\system32\drivers\DMusic.sys - ok 15:17:23.0828 2140 [ 692BCF44383D056AED41B045A323D378 ] E:\WINDOWS\system32\drivers\kmixer.sys 15:17:23.0828 2140 E:\WINDOWS\system32\drivers\kmixer.sys - ok 15:17:23.0828 2140 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] E:\WINDOWS\system32\drivers\drmkaud.sys 15:17:23.0828 2140 E:\WINDOWS\system32\drivers\drmkaud.sys - ok 15:17:23.0828 2140 [ 84BDD3C4FADB534BD843D949CFCDE53C ] E:\WINDOWS\system32\msacm32.drv 15:17:23.0828 2140 E:\WINDOWS\system32\msacm32.drv - ok 15:17:23.0828 2140 [ 2CF969B9BF1EF069075DCDCE309FAAE1 ] E:\WINDOWS\system32\midimap.dll 15:17:23.0828 2140 E:\WINDOWS\system32\midimap.dll - ok 15:17:23.0843 2140 [ 418045A93CD87A352098AB7DABE1B53E ] E:\WINDOWS\explorer.exe 15:17:23.0843 2140 E:\WINDOWS\explorer.exe - ok 15:17:23.0843 2140 [ F6B34CD47CAF6D68106B9F8055F35C50 ] E:\WINDOWS\system32\rundll32.exe 15:17:23.0843 2140 E:\WINDOWS\system32\rundll32.exe - ok 15:17:23.0843 2140 [ 62982E7EF025B5D8FB31467265C43918 ] E:\WINDOWS\system32\browseui.dll 15:17:23.0843 2140 E:\WINDOWS\system32\browseui.dll - ok 15:17:23.0843 2140 [ 5F62AE472DDEC02CB3C635FAD6F3A632 ] E:\WINDOWS\system32\shdocvw.dll 15:17:23.0843 2140 E:\WINDOWS\system32\shdocvw.dll - ok 15:17:23.0843 2140 [ 4B0451C5A07470A3722171E354ABDADE ] E:\WINDOWS\system32\desk.cpl 15:17:23.0843 2140 E:\WINDOWS\system32\desk.cpl - ok 15:17:23.0843 2140 [ 78898165CF0E27AFBD8653EF6D2FDA07 ] E:\WINDOWS\system32\themeui.dll 15:17:23.0843 2140 E:\WINDOWS\system32\themeui.dll - ok 15:17:23.0859 2140 [ 18D926CD5F5BE2AA73EAD99C02BC719D ] E:\WINDOWS\system32\actxprxy.dll 15:17:23.0859 2140 E:\WINDOWS\system32\actxprxy.dll - ok 15:17:23.0859 2140 [ 9B890F756D087991322464912FE68E75 ] E:\WINDOWS\system32\cmd.exe 15:17:23.0859 2140 
E:\WINDOWS\system32\cmd.exe - ok 15:17:23.0859 2140 [ 6E8A8866D2093A7DBB2156DC8E7FE395 ] E:\WINDOWS\system32\ieframe.dll 15:17:23.0859 2140 E:\WINDOWS\system32\ieframe.dll - ok 15:17:23.0859 2140 [ 4B57701BDEECED8714EE21C56DADD390 ] E:\WINDOWS\system32\cryptnet.dll 15:17:23.0859 2140 E:\WINDOWS\system32\cryptnet.dll - ok 15:17:23.0875 2140 [ 197153B4233375F28600C1E87EFE4881 ] E:\WINDOWS\system32\sensapi.dll 15:17:23.0875 2140 E:\WINDOWS\system32\sensapi.dll - ok 15:17:23.0875 2140 [ 178A34E5554DCE485E1262DDF027960C ] E:\DOKUME~1\PRINKTO\LOKALE~1\Temp\2BF0B8E2-213E-4264-9C1B-79FB9E449346.exe 15:17:23.0875 2140 E:\DOKUME~1\PRINKTO\LOKALE~1\Temp\2BF0B8E2-213E-4264-9C1B-79FB9E449346.exe - ok 15:17:23.0875 2140 [ 5543A9D4A1D0F9F84092482A9373A024 ] E:\WINDOWS\system32\linkinfo.dll 15:17:23.0875 2140 E:\WINDOWS\system32\linkinfo.dll - ok 15:17:23.0875 2140 [ 6AD81A33FE1E1DBB7A1E332C20160D05 ] E:\WINDOWS\system32\ntshrui.dll 15:17:23.0875 2140 E:\WINDOWS\system32\ntshrui.dll - ok 15:17:23.0875 2140 [ 2A8681AEA24003040CA7D677BE9F1702 ] E:\WINDOWS\system32\drivers\13549634.sys 15:17:23.0875 2140 E:\WINDOWS\system32\drivers\13549634.sys - ok 15:17:23.0875 2140 [ 712E48248A0D16D996D4F3A79CF485A8 ] E:\WINDOWS\system32\verclsid.exe 15:17:23.0875 2140 E:\WINDOWS\system32\verclsid.exe - ok 15:17:23.0875 2140 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] E:\WINDOWS\system32\webcheck.dll 15:17:23.0875 2140 E:\WINDOWS\system32\webcheck.dll - ok 15:17:23.0875 2140 [ DE2CD737BB7C6B2F391D54A06C1B80A1 ] E:\WINDOWS\system32\stobject.dll 15:17:23.0875 2140 E:\WINDOWS\system32\stobject.dll - ok 15:17:23.0890 2140 [ D4B413AA210C21E46AEDD2BA5B68D38E ] E:\WINDOWS\system32\imapi.exe 15:17:23.0890 2140 E:\WINDOWS\system32\imapi.exe - ok 15:17:23.0890 2140 [ F84AC3459F5ED9B77BC38C481F744729 ] E:\WINDOWS\system32\batmeter.dll 15:17:23.0890 2140 E:\WINDOWS\system32\batmeter.dll - ok 15:17:23.0890 2140 [ 24ABEFFDE26EDD53F33187FB46068876 ] E:\WINDOWS\system32\upnp.dll 15:17:23.0890 2140 
E:\WINDOWS\system32\upnp.dll - ok 15:17:23.0890 2140 [ 3F541BFA1043223844EBBFEBE3ED1AD8 ] E:\WINDOWS\system32\ssdpapi.dll 15:17:23.0890 2140 E:\WINDOWS\system32\ssdpapi.dll - ok 15:17:23.0890 2140 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] E:\WINDOWS\system32\drivers\http.sys 15:17:23.0890 2140 E:\WINDOWS\system32\drivers\http.sys - ok 15:17:23.0906 2140 [ 58024E0237CBE2C0CEB8772473B93603 ] E:\WINDOWS\system32\nwiz.exe 15:17:23.0906 2140 E:\WINDOWS\system32\nwiz.exe - ok 15:17:23.0906 2140 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] E:\WINDOWS\system32\ssdpsrv.dll 15:17:23.0906 2140 E:\WINDOWS\system32\ssdpsrv.dll - ok 15:17:23.0906 2140 [ D9CD6674E57A27F3465878EFE56E8B4E ] E:\WINDOWS\system32\nview.dll 15:17:23.0906 2140 E:\WINDOWS\system32\nview.dll - ok 15:17:23.0906 2140 [ 47826742CF171F538528546D9A4AB9F1 ] E:\WINDOWS\system32\nvwddi.dll 15:17:23.0906 2140 E:\WINDOWS\system32\nvwddi.dll - ok 15:17:23.0906 2140 [ 4DA6F4E3E0DCBC1D53FFECBCEEC77886 ] E:\WINDOWS\system32\riched32.dll 15:17:23.0906 2140 E:\WINDOWS\system32\riched32.dll - ok 15:17:23.0921 2140 [ D37F604F98E1FC2D7AEC8EF3515409D7 ] E:\WINDOWS\RTHDCPL.EXE 15:17:23.0921 2140 E:\WINDOWS\RTHDCPL.EXE - ok 15:17:23.0921 2140 [ 4D2F7561D8A840450AABFAD3740B0E6B ] E:\Programme\Microsoft Security Client\msseces.exe 15:17:23.0921 2140 E:\Programme\Microsoft Security Client\msseces.exe - ok 15:17:23.0921 2140 [ 3CB07566302BCEEB898DE270A0BEC175 ] E:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe 15:17:23.0921 2140 E:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe - ok 15:17:23.0921 2140 [ 9236E736EDB57BE7D1EF6274410E3BAC ] E:\WINDOWS\system32\dsound.dll 15:17:23.0921 2140 E:\WINDOWS\system32\dsound.dll - ok 15:17:23.0921 2140 [ 2F9E20F8741E32076D498F39EBA71C16 ] E:\WINDOWS\system32\hhctrl.ocx 15:17:23.0921 2140 E:\WINDOWS\system32\hhctrl.ocx - ok 15:17:23.0937 2140 [ A379B75A6FFE4DFD3184F35F0141CE91 ] E:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe 15:17:23.0937 2140 
E:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe - ok 15:17:23.0937 2140 [ 5257778EDF2F2DDD882DAB24AACE9C08 ] E:\WINDOWS\system32\mui\0007\hhctrlui.dll 15:17:23.0937 2140 E:\WINDOWS\system32\mui\0007\hhctrlui.dll - ok 15:17:23.0937 2140 [ D2AEADFD998706B4216315B2BD3FA79E ] E:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe 15:17:23.0937 2140 E:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe - ok 15:17:23.0937 2140 [ F2B1B01D07E3548588934C38C3CE7D30 ] E:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll 15:17:23.0937 2140 E:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll - ok 15:17:23.0937 2140 [ 3E4C03CEFAD8DE135263236B61A49C90 ] E:\WINDOWS\system32\NeroCheck.exe 15:17:23.0937 2140 E:\WINDOWS\system32\NeroCheck.exe - ok 15:17:23.0953 2140 [ E4AC9C29A423739C22C1C593A4CBDEF5 ] E:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\_ispmres.dll 15:17:23.0953 2140 E:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\_ispmres.dll - ok 15:17:23.0953 2140 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] E:\Programme\Adobe\Reader 11.0\Reader\reader_sl.exe 15:17:23.0953 2140 E:\Programme\Adobe\Reader 11.0\Reader\reader_sl.exe - ok 15:17:23.0953 2140 [ B738C9EB50A94D22A0259B340A97B8A4 ] E:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\agent.exe 15:17:23.0953 2140 E:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\agent.exe - ok 15:17:23.0953 2140 [ 118D81523EA80B9E252CB840E94754C6 ] E:\Programme\Microsoft Security Client\EppManifest.dll 15:17:23.0953 2140 E:\Programme\Microsoft Security Client\EppManifest.dll - ok 15:17:23.0953 2140 [ DB69535D89EFEAA0B66A6429917A94C3 ] E:\Programme\Ask.com\Updater\Updater.exe 15:17:23.0953 2140 E:\Programme\Ask.com\Updater\Updater.exe - ok 15:17:23.0968 2140 [ EA8E4B556205ECEAE826F78FD61EF044 ] E:\WINDOWS\system32\msftedit.dll 15:17:23.0968 2140 E:\WINDOWS\system32\msftedit.dll 
- ok 15:17:23.0968 2140 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] E:\WINDOWS\system32\msvcp100.dll 15:17:23.0968 2140 E:\WINDOWS\system32\msvcp100.dll - ok 15:17:23.0968 2140 [ 01B4E6E990B6C5EA8856D96C7FD044B2 ] E:\WINDOWS\system32\ctfmon.exe 15:17:23.0968 2140 E:\WINDOWS\system32\ctfmon.exe - ok 15:17:23.0968 2140 [ BF38660A9125935658CFA3E53FDC7D65 ] E:\WINDOWS\system32\msvcr100.dll 15:17:23.0968 2140 E:\WINDOWS\system32\msvcr100.dll - ok 15:17:23.0968 2140 [ CD554362B82587991A244CF563283F63 ] E:\WINDOWS\system32\msisip.dll 15:17:23.0968 2140 E:\WINDOWS\system32\msisip.dll - ok 15:17:23.0984 2140 [ A4472EA73BFB27132483F86BAFCD7783 ] E:\WINDOWS\system32\msctf.dll 15:17:23.0984 2140 E:\WINDOWS\system32\msctf.dll - ok 15:17:23.0984 2140 [ 65657A27D1487BAAFE446ED3E20D2209 ] E:\WINDOWS\system32\msutb.dll 15:17:23.0984 2140 E:\WINDOWS\system32\msutb.dll - ok 15:17:23.0984 2140 [ A178CDFF6CAFD25CEA366EE2FC8192DE ] E:\WINDOWS\system32\wshext.dll 15:17:23.0984 2140 E:\WINDOWS\system32\wshext.dll - ok 15:17:23.0984 2140 [ 456DFE2E9E04CAD282E19DE078DCF85B ] E:\WINDOWS\ime\sptip.dll 15:17:23.0984 2140 E:\WINDOWS\ime\sptip.dll - ok 15:17:23.0984 2140 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] E:\Programme\Microsoft Security Client\SqmApi.dll 15:17:23.0984 2140 E:\Programme\Microsoft Security Client\SqmApi.dll - ok 15:17:24.0000 2140 [ F0B0D86C7E5CE1781BB92F300169A257 ] E:\PROGRA~1\MICROS~3\OFFICE11\MCPS.DLL 15:17:24.0000 2140 E:\PROGRA~1\MICROS~3\OFFICE11\MCPS.DLL - ok 15:17:24.0000 2140 [ 671ABB33C712B1585A5BF7ADD36AD96E ] E:\WINDOWS\system32\ksuser.dll 15:17:24.0000 2140 E:\WINDOWS\system32\ksuser.dll - ok 15:17:24.0000 2140 [ C2FF17734176CD15221C10044EF0BA1A ] E:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe 15:17:24.0000 2140 E:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe - ok 15:17:24.0000 2140 [ C30D8C61884413FB35E241A2D98BD08F ] E:\WINDOWS\system32\mscms.dll 15:17:24.0000 2140 E:\WINDOWS\system32\mscms.dll - ok 15:17:24.0000 2140 [ 
C50E037D2E15CD6B39120DAB10541D34 ] E:\WINDOWS\system32\sti.dll 15:17:24.0000 2140 E:\WINDOWS\system32\sti.dll - ok 15:17:24.0015 2140 [ FB48C9B0B6382D5AEA6AEEDBDAEA55A3 ] E:\WINDOWS\system32\cfgmgr32.dll 15:17:24.0015 2140 E:\WINDOWS\system32\cfgmgr32.dll - ok 15:17:24.0015 2140 [ 5B8D89E523537B208E2C392776DA2E3A ] E:\Programme\PrintKey2000\Printkey2000.exe 15:17:24.0015 2140 E:\Programme\PrintKey2000\Printkey2000.exe - ok 15:17:24.0015 2140 [ B9E1B91828711D12BBF27C3A29255127 ] E:\WINDOWS\system32\netcfgx.dll 15:17:24.0015 2140 E:\WINDOWS\system32\netcfgx.dll - ok 15:17:24.0015 2140 [ B601A34A1BC3FFF07B005BC91FF58500 ] E:\WINDOWS\system32\clusapi.dll 15:17:24.0015 2140 E:\WINDOWS\system32\clusapi.dll - ok 15:17:24.0015 2140 [ 31940D74AE890495C73E37482F150DC3 ] E:\WINDOWS\system32\rasdlg.dll 15:17:24.0015 2140 E:\WINDOWS\system32\rasdlg.dll - ok 15:17:24.0015 2140 ============================================================ 15:17:24.0015 2140 Scan finished 15:17:24.0015 2140 ============================================================ 15:17:24.0125 2132 Detected object count: 0 15:17:24.0125 2132 Actual detected object count: 0 |
13.06.2013, 14:23 | #11 |
/// Malware-holic | GVU even in safe mode XP HOME 32 Did I write anything about quarantine? It says skip above. You may have to reinstall NVIDIA. Scan with Combofix
__________________ -Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
17.06.2013, 14:47 | #12 |
| GVU even in safe mode XP HOME 32 Hi markusg, I was so thrilled that the computer is running again. Here is the Combo.txt Combofix Logfile: Code:
ATTFilter ComboFix 13-06-17.01 - PRINKTO 17.06.2013 15:35:05.1.2 - x86 ausgeführt von:: k:\programme_download\ComboFix.exe . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . e:\dokumente und einstellungen\Besitzer\WINDOWS e:\dokumente und einstellungen\PRINKTO\WINDOWS e:\windows\IsUn0407.exe e:\windows\unin0407.exe . . ((((((((((((((((((((((( Dateien erstellt von 2013-05-17 bis 2013-06-17 )))))))))))))))))))))))))))))) . . 2013-06-17 13:30 . 2013-06-17 13:30 29904 ----a-w- e:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{984A5A8D-A22E-4F14-9CFF-10883CD98447}\MpKsl7803822a.sys 2013-06-14 09:06 . 2008-04-13 22:15 15104 -c--a-w- e:\windows\system32\dllcache\usbscan.sys 2013-06-14 09:06 . 2008-04-13 22:15 15104 ----a-w- e:\windows\system32\drivers\usbscan.sys 2013-06-14 08:50 . 2001-08-18 02:34 7040 -c--a-w- e:\windows\system32\dllcache\serscan.sys 2013-06-14 08:50 . 2001-08-18 02:34 7040 ----a-w- e:\windows\system32\drivers\serscan.sys 2013-06-14 08:50 . 2007-10-29 03:00 69632 ----a-w- e:\windows\system32\Spool\prtprocs\w32x86\CNMPP98.DLL 2013-06-14 08:50 . 2007-10-29 03:00 27136 ----a-w- e:\windows\system32\Spool\prtprocs\w32x86\CNMPD98.DLL 2013-06-14 08:50 . 2007-10-29 03:00 223744 ----a-w- e:\windows\system32\CNMLM98.DLL 2013-06-14 08:50 . 2007-10-26 06:54 204800 ----a-w- e:\windows\system32\CNC850L.DLL 2013-06-14 08:50 . 2007-09-20 14:29 1339392 ----a-w- e:\windows\system32\CNC850C.DLL 2013-06-14 08:50 . 2007-09-20 14:28 98304 ----a-w- e:\windows\system32\CNC850I.DLL 2013-06-14 08:50 . 2007-03-15 12:12 188416 ----a-w- e:\windows\system32\CNC850O.DLL 2013-06-14 08:14 . 2008-04-13 22:15 32128 -c--a-w- e:\windows\system32\dllcache\usbccgp.sys 2013-06-14 08:14 . 2008-04-13 22:15 32128 ----a-w- e:\windows\system32\drivers\usbccgp.sys 2013-06-13 19:15 . 2013-06-14 08:55 -------- d-----w- E:\_OTL 2013-06-13 12:01 . 
2013-06-13 12:02 40776 ----a-w- e:\windows\system32\drivers\mbamswissarmy.sys 2013-06-13 11:39 . 2013-05-13 06:19 7016152 ----a-w- e:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{984A5A8D-A22E-4F14-9CFF-10883CD98447}\mpengine.dll 2013-06-12 15:49 . 2013-06-13 16:43 -------- d-----w- e:\dokumente und einstellungen\Administrator 2013-06-12 15:45 . 2013-06-12 15:45 -------- d-----w- e:\dokumente und einstellungen\Besitzer\Anwendungsdaten\Yahoo! 2013-06-10 14:44 . 2013-06-10 14:44 -------- d-----w- e:\dokumente und einstellungen\All Users\Anwendungsdaten\Sage 2013-06-10 14:44 . 2012-08-07 06:33 98304 ----a-w- e:\windows\system32\dunzip32.dll 2013-06-10 14:44 . 2012-08-07 06:33 487424 ----a-w- e:\windows\system32\msvcp70.dll 2013-06-10 14:44 . 2012-08-07 06:33 344064 ----a-w- e:\windows\system32\msvcr70.dll 2013-06-10 14:44 . 2013-06-10 14:44 -------- d-----w- e:\programme\Gemeinsame Dateien\Sage Group 2013-06-10 14:44 . 2012-08-07 06:33 570128 ----a-w- e:\programme\Gemeinsame Dateien\Microsoft Shared\DAO\dao350.dll 2013-06-10 14:43 . 2012-08-07 06:33 407312 ----a-w- e:\windows\system32\msrepl35.dll 2013-06-10 14:43 . 2012-08-07 06:33 252176 ----a-w- e:\windows\system32\msrd2x35.dll 2013-06-10 14:43 . 2012-08-07 06:33 24848 ----a-w- e:\windows\system32\msjter35.dll 2013-06-10 14:43 . 2012-08-07 06:33 123664 ----a-w- e:\windows\system32\msjint35.dll 2013-06-10 14:43 . 2012-08-07 06:33 1045776 ----a-w- e:\windows\system32\msjet35.dll 2013-06-10 14:43 . 2013-06-10 14:45 -------- d-----w- e:\programme\Gemeinsame Dateien\Sage KHK Shared 2013-06-10 14:43 . 2013-06-10 14:43 -------- d-----w- e:\programme\Sage 2013-06-10 14:33 . 2001-04-11 16:25 225280 ----a-w- e:\programme\Gemeinsame Dateien\InstallShield\IScript\iscript.dll 2013-06-10 14:33 . 2001-04-11 16:21 176128 ----a-w- e:\programme\Gemeinsame Dateien\InstallShield\Engine\6\Intel 32\iuser.dll 2013-06-10 14:33 . 
2001-04-11 16:20 32768 ----a-w- e:\programme\Gemeinsame Dateien\InstallShield\Engine\6\Intel 32\objectps.dll 2013-06-10 14:33 . 2001-04-11 16:25 77824 ----a-w- e:\programme\Gemeinsame Dateien\InstallShield\Engine\6\Intel 32\ctor.dll 2013-06-10 14:33 . 2001-09-05 02:24 610436 ----a-w- e:\programme\Gemeinsame Dateien\InstallShield\Engine\6\Intel 32\IKernel.exe 2013-06-10 14:29 . 2013-06-10 14:45 -------- d-----w- e:\programme\Gemeinsame Dateien\Sage Software Shared 2013-06-10 07:52 . 2013-05-13 06:19 7016152 ----a-w- e:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-06-05 09:35 . 2013-06-05 09:35 -------- d-----w- e:\dokumente und einstellungen\PRINKTO\Anwendungsdaten\CD-LabelPrint 2013-05-23 09:56 . 2003-06-19 10:05 10752 ----a-w- e:\windows\system32\hh.exe 2013-05-23 09:56 . 2002-01-04 07:05 94208 ----a-w- e:\windows\system32\DataMatrix.dll 2013-05-23 09:56 . 1999-09-07 15:00 49152 ----a-w- e:\windows\system32\PDF417.dll 2013-05-23 08:45 . 2013-05-23 08:45 -------- d-sh--w- e:\dokumente und einstellungen\PRINKTO\IECompatCache . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-13 14:32 . 2013-03-13 15:00 71048 ----a-w- e:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-13 14:32 . 2013-03-13 15:00 691592 ----a-w- e:\windows\system32\FlashPlayerApp.exe 2013-05-02 15:28 . 2013-03-14 10:50 238872 ------w- e:\windows\system32\MpSigStub.exe 2013-04-04 12:50 . 2013-03-14 09:36 22856 ----a-w- e:\windows\system32\drivers\mbam.sys 2013-04-02 08:30 . 2013-04-02 08:30 65536 ----a-r- e:\dokumente und einstellungen\PRINKTO\Anwendungsdaten\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . 
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "e:\programme\Ask.com\GenericAskToolbar.dll" [2013-04-01 1521800] "{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "e:\programme\Yahoo!\Companion\Installs\cpn0\yt.dll" [2013-04-01 1500440] . [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] . [HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}] [HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1] [HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}] [HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="e:\windows\System32\NvCpl.dll" [2009-05-08 13594624] "nwiz"="nwiz.exe" [2009-05-08 1650688] "RTHDCPL"="RTHDCPL.EXE" [2009-03-12 17531392] "MSC"="e:\programme\Microsoft Security Client\msseces.exe" [2013-01-27 947152] "Adobe ARM"="e:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352] "ISUSPM Startup"="e:\progra~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184] "ISUSScheduler"="e:\programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] "NeroFilterCheck"="e:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "ApnUpdater"="e:\programme\Ask.com\Updater\Updater.exe" [2013-04-01 1646216] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="e:\windows\System32\CTFMON.EXE" [2008-04-14 15360] . e:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\ Adobe Gamma Loader.exe.lnk - e:\programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe [2013-4-2 113664] Printkey2000.lnk - e:\programme\PrintKey2000\Printkey2000.exe [2013-3-14 794112] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "e:\\WINDOWS\\system32\\lmabcoms.exe"= "e:\\Dokumente und Einstellungen\\PRINKTO\\Anwendungsdaten\\OTi\\GO! Suite\\FunctModules\\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\\GO!Net.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "137:TCP"= 137:TCP:TCP_137 "58687:TCP"= 58687:TCP:NET_TCP_LISTEN "58686:UDP"= 58686:UDP:NET_UDP_LISTEN . R3 Ambfilt;Ambfilt;e:\windows\system32\drivers\Ambfilt.sys [2008-08-05 1684736] R3 MBAMSwissArmy;MBAMSwissArmy;e:\windows\system32\drivers\mbamswissarmy.sys [2013-06-13 40776] R3 RtsUIR;Realtek IR Driver;e:\windows\system32\DRIVERS\Rts516xIR.sys [x] S1 MpKsl7803822a;MpKsl7803822a;e:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{984A5A8D-A22E-4F14-9CFF-10883CD98447}\MpKsl7803822a.sys [2013-06-17 29904] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;e:\windows\system32\Drivers\RtsUStor.sys [2009-05-15 165888] S3 RT80x86;Ralink 802.11n Wireless Driver;e:\windows\system32\DRIVERS\RT2860.sys [2008-12-22 761472] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - MPKSL7803822A . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] 2009-03-08 02:32 128512 ----a-w- e:\windows\system32\advpack.dll . Inhalt des "geplante Tasks" Ordners . 2013-06-17 e:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - e:\programme\Microsoft Security Client\MpCmdRun.exe [2013-01-27 10:11] . 2013-06-17 e:\windows\Tasks\MpIdleTask.job - e:\programme\Microsoft Security Client\MpCmdRun.exe [2013-01-27 10:11] . 2013-06-17 e:\windows\Tasks\Scheduled Update for Ask Toolbar.job - e:\programme\Ask.com\UpdateTask.exe [2013-04-01 10:59] . . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = hxxp://www.my.yahoo.com/ uSearchAssistant = IE: Nach Microsoft &Excel exportieren - e:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 LSP: %SYSTEMROOT%\system32\nvLsp.dll TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - e:\dokumente und einstellungen\PRINKTO\Anwendungsdaten\Mozilla\Firefox\Profiles\6axwjhbp.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - Google . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKCU-Run-ctfmon32.exe - e:\dokume~1\ALLUSE~1\ANWEND~1\rundll32.exe SafeBoot-18393550.sys SafeBoot-95315263.sys AddRemove-Adobe Photoshop Elements 1.0 - e:\windows\ISUN0407.EXE AddRemove-Adobe SVG Viewer - e:\windows\IsUn0407.exe AddRemove-iPhoto Plus 4 - e:\windows\unin0407.exe AddRemove-OKI Vorlagenmanager - e:\windows\IsUn0407.exe AddRemove-PrintKey2000 - e:\windows\unin0407.exe AddRemove-_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91} - e:\programme\Corel\CorelDRAW Graphics Suite 13\Programs\MSILauncher {7C5123A9-30A8-4C44-89CA-A8C87A1FCC91} . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-06-17 15:38 Windows 5.1.2600 Service Pack 3 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@e:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="e:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . Zeit der Fertigstellung: 2013-06-17 15:39:47 ComboFix-quarantined-files.txt 2013-06-17 13:39 . Vor Suchlauf: 6 Verzeichnis(se), 124.357.914.624 Bytes frei Nach Suchlauf: 7 Verzeichnis(se), 124.319.641.600 Bytes frei . WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn . - - End Of File - - FB230E59A17113D7074107B7DC693BD4 72B8CE41AF0DE751C946802B3ED844B4 |
17.06.2013, 14:54 | #13 |
/// Malware-holic | GVU even in safe mode XP HOME 32 Hi, Malwarebytes: Please download Malwarebytes
17.06.2013, 15:39 | #14 |
| GVU even in safe mode XP HOME 32 So, now the scan is finished
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.06.17.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
PRINKTO :: SHALIMAR [Administrator]
17.06.2013 16:01:31
mbam-log-2013-06-17 (16-01-31).txt
Art des Suchlaufs: Vollständiger Suchlauf (E:\|K:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 286006
Laufzeit: 34 Minute(n), 37 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
E:\_OTL\MovedFiles.zip (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende) |
17.06.2013, 17:41 | #15 |
/// Malware-holic | GVU even in safe mode XP HOME 32 Hi, download CCleaner Standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this step. Open it, go to Tools (Extras), Uninstall list, and save it as txt. Open the file. After each program you need, write "necessary". After each one you do not need, "unnecessary". After those unknown to you, "unknown". Post the list.