GVU Trojaner Vers. 2.12 eingefangen, bisherige Maßnahmen erfolglos

Lokipitch · 10.07.2013, 17:26

Hallo liebes Team,

Ich bin auf der Suche nach PC-Problemen immer wieder über dieses Forum gestolpert und habe mich nun entschlossen mich doch hier zu registrieren, um von den kompetenten Ratschlägen zu profitieren. Für den Anfang kann ich nicht mit viel aufwarten, da das Problem sich auf dem Rechner meiner Freundin befindet und ich daher keine Möglichkeit hatte OTL.exe oder andere der hilfreichen Softwares runterzuladen. (Oder ich weiß es nicht besser.)

Doch zu meinem Problem:

Meine Freundin hatte gestern plötzlich den Bildschirm mit der Sperrung und Zahlungsaufforderung. GVU Trojaner. Für mich nicht Neues. Sie hatte das Problem schon einmal, doch es gelang mir das Problem (vorläufig) durch eine Systemwiederherstellung zu beheben. Diese Version des Trojaners ist nämlich extrem hartnäckig, so dass ich den PC über das erweiterte Startmenü nur im Abgesicherten Modus mit Eingabeaufforderung starten konnte.

Ich weiß es ist ratsam danach eine Systemsicherung zu machen und den PC nocheinmal neu aufzusetzen, doch ich bin darin nicht bewandert und habe mich ehrlich gesagt nicht getraut so drastische Schritte vorzunehmen.

Dieses Mal wollte ich den Schritt mit der Systemwiederherstellung (Da es wieder exakt der gleiche Trojaner zu sein scheint) umgehen, um größere Datenverluste zu vermeiden und habe mir auf CHIP online die Kaspersky Rescue Disc 10 heruntergeladen und diese auf einen USB-Stick übertragen, um es nach Schrittfolge im Boot Menü den PC über den Stick zu booten.
Doch das hat nicht geklappt, stattdessen startete Windows normal und der Trojaner war natürlich immer noch da.

Ich habe diverse Foren und Hilfeseiten durchforstet, um die Rescue Disk doch irgendwie zum Laufen zu bringen, doch nichts hilfreiches gefunden.

Hier ein paar System-Infos, die ich noch zu dem betroffenen PC zusammenkriegen:

Marke: Packard Bell Easy, Note
Prozessor: Intel Core II
OS: Windows 7 (ich sagte Vista, aber das war falsch)
(Ich hab echt keine Ahnung, was helfen könnte.

)

Daher würde ich mich vertrauensvoll in eure Hände geben und entschuldige mich schon einmal, dass ich hier mit nicht viel aufwarte.
(Habe aber den Beitrag 'Für alle Hilfesuchenden' gelesen)
Möglicherweise brauche ich also erstmal Hilfe, um euch die nötigen Log-Dateien geben zu können. Bitte.

Daher bitte ich ausdrücklich um Hilfe, bestmöglich erstmal um den Trojaner runterzubekommen, um dann später den PC neu aufzusetzen. (Wobei ich mit Sicherheit auch Hilfe brauche.)

markusg · 10.07.2013, 17:33

Hi,
Logs brauchen wir auf jeden fall, evtl. von nem andern PC laden.
Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)

Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)

Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST 64-Bit

Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.

Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:

Über den Boot Manager:

Starte den Rechner neu.

Während dem Hochfahren drücke mehrmals die F8 Taste

Wähle nun Computer reparieren.

Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Mit Windows CD/DVD (auch bei Windows 8 möglich):

Lege die Windows CD in dein Laufwerk.

Starte den Rechner neu und starte von der CD.

Wähle die Spracheinstellungen und klicke "Weiter".

Klicke auf Computerreparaturoptionen !

Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Wähle in den Reparaturoptionen: Eingabeaufforderung

Gib nun bitte notepad ein und drücke Enter.

Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.

Schließe Notepad wieder

Gib nun bitte folgenden Befehl ein.
e:\frst.exe bzw. e:\frst64.exe
Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.

Akzeptiere den Disclaimer mit Ja und klicke Untersuchen

Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).

Lokipitch · 10.07.2013, 17:36

Danke für die schnelle Antwort.
Okay nur nochmal für mein Verständnis:
Ich soll das Tool auf meinen Zweitrechner laden und wie übertrage ich es dann auf den befallenen PC?

(Verzeih, es werden viele dumme Fragen folgen.XD)

Okay, danke ich werde das erstmal machen und melde mich dann nochmal zurück.

markusg · 10.07.2013, 17:50

Hi,
na was steht denn in der Anleitung, ich sag mal nur USB Stick.
:-)
bitte genau lesen.

Lokipitch · 10.07.2013, 17:58

Okay, ich bin nun erstmal soweit, dass ich die beiden Dateien FRst und FRST64 als .exe-Dateien heruntergeladen habe und auf einen USB-Stick übertragen habe.
(Richtig so?)

Hab dann den befallenen PC gestartet und bin über F2 ins Bootmenü.

"Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option." (-zitat)

Das leuchtet mir nicht ganz ein, eil ich nicht weiß wo ich das finde/ wie ich das mache.

(Wahrscheinlich bin ich im Boot-Menü ganz falsch. orz)

markusg · 10.07.2013, 18:04

da steht:
• Wähle nun Computer reparieren.
das musst du anklicken. ich sagte ja, Anleitung bitte komplett lesen

Lokipitch · 10.07.2013, 18:28

Okay, erstmal reinfummeln.
Scan ist erfolgreich gelaufen.

Hier die Datei:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-07-2013 01
Ran by SYSTEM on 10-07-2013 19:24:41
Running from G:\
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11725928 2010-12-22] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [860040 2010-12-10] (Acer Incorporated)
HKLM\...\Run: [IgfxTray] - C:\Windows\system32\igfxtray.exe [167960 2010-12-30] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [391704 2010-12-30] (Intel Corporation)
HKLM\...\Run: [Persistence] - C:\Windows\system32\igfxpers.exe [418328 2010-12-30] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [lxeamon.exe] - "C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe" [770728 2011-01-23] ()
HKLM\...\Run: [EzPrint] - "C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe" [148280 2011-01-23] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - "C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe" -h -k [295232 2010-11-11] (NTI Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NUSB3MON] - "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-04-26] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1025616 2010-12-08] (Dritek System Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-11] (Adobe Systems Incorporated)
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [154144 2010-07-29] ()
HKU\Malik\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528 2011-08-15] ()
HKU\Malik\...\Run: [Akamai NetSession Interface] - "C:\Users\Malik\AppData\Local\Akamai\netsession_win.exe" [4489472 2013-06-04] (Akamai Technologies, Inc.)
HKU\Malik\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent [x]
HKU\Malik\...\Run: [EADM] - "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [3456080 2013-06-03] (Electronic Arts)
HKU\Malik\...\Run: [ctfmon32.exe] - C:\PROGRA~3\rundll32.exe C:\PROGRA~3\qjefl.dat,XFG00 [149504 2013-07-09] () <===== ATTENTION
HKU\Malik\...\Winlogon: [Shell] explorer.exe,C:\Users\Malik\AppData\Roaming\skype.dat [53248 2011-11-16] () <==== ATTENTION 
Startup: C:\Users\Malik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Malik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
ShortcutTarget: regmonstd.lnk -> C:\PROGRA~3\qjefl.dat ()

==================== Services (Whitelisted) =================

S2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
S2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868224 2010-12-10] (Acer Incorporated)
S3 GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [246520 2010-04-03] (WildTangent, Inc.)
S2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
S2 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344 2010-11-11] (NTI Corporation)
S2 QuickTimeUpdater; C:\Users\Malik\AppData\LocalLow\QuickTime\IE\QuickTimeUpdater.exe [18432 2011-07-12] ()
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [244904 2010-10-27] ()
S2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)

==================== Drivers (Whitelisted) ====================

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va005; \??\C:\Users\Malik\AppData\Local\Temp\005FE8B.tmp [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-10 19:23 - 2013-07-10 19:23 - 00000000 ____D C:\FRST
2013-07-09 05:39 - 2013-07-10 08:19 - 95023320 ___AT C:\ProgramData\lfejq.pad
2013-07-09 05:39 - 2013-07-10 08:19 - 00000004 ____A C:\Users\Malik\AppData\Roaming\skype.ini
2013-07-09 05:39 - 2013-07-10 08:17 - 00000000 ____A C:\ProgramData\g252qs.txt
2013-07-09 05:39 - 2013-07-09 05:39 - 00149504 ____A C:\ProgramData\qjefl.dat
2013-07-09 05:39 - 2013-07-09 05:39 - 00044544 ____A (Microsoft Corporation) C:\ProgramData\rundll32.exe
2013-07-09 05:39 - 2013-07-09 05:39 - 00002656 ____A C:\ProgramData\lfejq.js
2013-07-09 05:39 - 2013-07-09 05:39 - 00001017 ____A C:\ProgramData\sdaksda.txt
2013-07-09 05:39 - 2013-07-09 05:39 - 00000151 ____A C:\ProgramData\lfejq.reg
2013-07-09 05:39 - 2013-07-09 05:39 - 00000056 ____A C:\ProgramData\lfejq.bat
2013-07-03 11:09 - 2013-07-03 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 06:57 - 2013-06-30 06:57 - 22937227 ____A C:\Users\Malik\Downloads\vlc-2.0.7-win32(1).exe
2013-06-30 06:56 - 2013-06-30 06:58 - 00001082 ____A C:\Users\Public\Desktop\VLC media player.lnk
2013-06-30 06:54 - 2013-06-30 06:55 - 22937227 ____A C:\Users\Malik\Downloads\vlc-2.0.7-win32.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-18 07:02 - 2013-06-18 07:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-18 07:02 - 2013-06-18 07:02 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-18 07:02 - 2013-06-18 07:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-18 07:02 - 2013-06-18 07:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-18 07:02 - 2013-06-18 07:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-18 07:02 - 2013-06-18 07:02 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-18 07:02 - 2013-06-18 07:02 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-18 07:02 - 2013-06-18 07:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-18 07:02 - 2013-06-18 07:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-18 07:02 - 2013-06-18 07:02 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-18 07:01 - 2013-06-18 07:01 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-18 06:59 - 2013-06-18 07:07 - 00010795 ____A C:\Windows\IE10_main.log
2013-06-16 04:01 - 2013-07-10 09:11 - 00001624 ____A C:\Windows\setupact.log
2013-06-16 04:01 - 2013-06-16 04:01 - 00000546 ____A C:\Windows\PFRO.log
2013-06-16 04:01 - 2013-06-16 04:01 - 00000000 ____A C:\Windows\setuperr.log
2013-06-16 02:42 - 2013-05-07 22:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-16 02:41 - 2013-05-12 21:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-16 02:41 - 2013-05-12 21:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-16 02:41 - 2013-05-12 21:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-16 02:41 - 2013-05-12 21:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-16 02:41 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-16 02:41 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-16 02:41 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-16 02:41 - 2013-05-12 19:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-16 02:41 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-16 02:41 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-16 02:41 - 2013-04-25 21:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-16 02:41 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-10 04:24 - 2013-06-10 04:24 - 00000000 ____D C:\Users\Malik\AppData\Roaming\.mono
2013-06-10 04:24 - 2013-06-10 04:24 - 00000000 ____D C:\ProgramData\.mono
2013-06-10 04:20 - 2013-06-10 04:20 - 00000000 ____D C:\Users\Malik\AppData\Roaming\Pokémon Trading Card Game Online

==================== One Month Modified Files and Folders =======

2013-07-10 19:23 - 2013-07-10 19:23 - 00000000 ____D C:\FRST
2013-07-10 09:11 - 2013-06-16 04:01 - 00001624 ____A C:\Windows\setupact.log
2013-07-10 09:11 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-10 08:19 - 2013-07-09 05:39 - 95023320 ___AT C:\ProgramData\lfejq.pad
2013-07-10 08:19 - 2013-07-09 05:39 - 00000004 ____A C:\Users\Malik\AppData\Roaming\skype.ini
2013-07-10 08:19 - 2013-04-15 18:03 - 01284399 ____A C:\Windows\WindowsUpdate.log
2013-07-10 08:19 - 2011-08-15 03:49 - 00000000 ____D C:\Users\Malik\AppData\Local\PMB Files
2013-07-10 08:19 - 2009-07-13 20:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-10 08:19 - 2009-07-13 20:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-10 08:17 - 2013-07-09 05:39 - 00000000 ____A C:\ProgramData\g252qs.txt
2013-07-10 08:17 - 2012-07-16 07:29 - 00043217 ____A C:\ProgramData\lxeascan.log
2013-07-10 08:17 - 2011-04-13 12:54 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-07-10 07:49 - 2013-06-02 23:44 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-09 14:43 - 2011-11-10 05:42 - 00000000 ____D C:\Users\Malik\AppData\Local\Akamai
2013-07-09 14:43 - 2011-08-15 03:49 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-09 14:43 - 2011-08-11 03:39 - 00000000 ____D C:\users\Malik
2013-07-09 14:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-07-09 14:22 - 2013-05-15 07:28 - 00000000 ____D C:\Users\Malik\Desktop\RPG´s
2013-07-09 05:39 - 2013-07-09 05:39 - 00149504 ____A C:\ProgramData\qjefl.dat
2013-07-09 05:39 - 2013-07-09 05:39 - 00044544 ____A (Microsoft Corporation) C:\ProgramData\rundll32.exe
2013-07-09 05:39 - 2013-07-09 05:39 - 00002656 ____A C:\ProgramData\lfejq.js
2013-07-09 05:39 - 2013-07-09 05:39 - 00001017 ____A C:\ProgramData\sdaksda.txt
2013-07-09 05:39 - 2013-07-09 05:39 - 00000151 ____A C:\ProgramData\lfejq.reg
2013-07-09 05:39 - 2013-07-09 05:39 - 00000056 ____A C:\ProgramData\lfejq.bat
2013-07-09 05:05 - 2012-02-22 11:23 - 00000000 ____D C:\Users\Malik\AppData\Roaming\Skype
2013-07-08 01:01 - 2012-05-06 21:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-04 06:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2013-07-03 13:21 - 2011-09-25 16:09 - 00000000 ____D C:\Users\Malik\AppData\Local\CrashDumps
2013-07-03 11:09 - 2013-07-03 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 17:22 - 2012-06-12 04:52 - 00000132 ____A C:\Users\Malik\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-06-30 06:58 - 2013-06-30 06:56 - 00001082 ____A C:\Users\Public\Desktop\VLC media player.lnk
2013-06-30 06:58 - 2012-11-06 23:21 - 00000000 ____D C:\Users\Malik\AppData\Roaming\vlc
2013-06-30 06:57 - 2013-06-30 06:57 - 22937227 ____A C:\Users\Malik\Downloads\vlc-2.0.7-win32(1).exe
2013-06-30 06:55 - 2013-06-30 06:54 - 22937227 ____A C:\Users\Malik\Downloads\vlc-2.0.7-win32.exe
2013-06-30 06:53 - 2012-08-26 16:05 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-30 06:53 - 2011-08-19 17:59 - 00000000 ____D C:\Users\Malik\AppData\Local\Adobe
2013-06-30 06:53 - 2011-08-11 11:55 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-30 06:41 - 2009-07-13 21:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-21 10:55 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-06-18 10:54 - 2007-07-11 17:49 - 00000000 ____D C:\Windows\Panther
2013-06-18 10:53 - 2009-07-13 20:45 - 04889528 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-18 10:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-18 10:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-18 10:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-18 10:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-06-18 10:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-18 07:07 - 2013-06-18 06:59 - 00010795 ____A C:\Windows\IE10_main.log
2013-06-18 07:02 - 2013-06-18 07:02 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-18 07:02 - 2013-06-18 07:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-18 07:02 - 2013-06-18 07:02 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-18 07:02 - 2013-06-18 07:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-18 07:02 - 2013-06-18 07:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-18 07:02 - 2013-06-18 07:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-18 07:02 - 2013-06-18 07:02 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-18 07:02 - 2013-06-18 07:02 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-18 07:02 - 2013-06-18 07:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-18 07:02 - 2013-06-18 07:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-18 07:02 - 2013-06-18 07:02 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-18 07:02 - 2013-06-18 07:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-18 07:02 - 2013-06-18 07:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-18 07:01 - 2013-06-18 07:01 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-18 07:01 - 2013-06-18 07:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-18 06:56 - 2013-02-01 05:30 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-17 06:27 - 2012-02-22 11:23 - 00000000 ____D C:\ProgramData\Skype
2013-06-16 12:28 - 2012-02-22 11:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-16 12:28 - 2010-12-03 03:22 - 00000000 ____D C:\ProgramData\BackupManager
2013-06-16 12:28 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Offline Web Pages
2013-06-16 12:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-06-16 12:28 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-16 04:01 - 2013-06-16 04:01 - 00000546 ____A C:\Windows\PFRO.log
2013-06-16 04:01 - 2013-06-16 04:01 - 00000000 ____A C:\Windows\setuperr.log
2013-06-10 04:24 - 2013-06-10 04:24 - 00000000 ____D C:\Users\Malik\AppData\Roaming\.mono
2013-06-10 04:24 - 2013-06-10 04:24 - 00000000 ____D C:\ProgramData\.mono
2013-06-10 04:20 - 2013-06-10 04:20 - 00000000 ____D C:\Users\Malik\AppData\Roaming\Pokémon Trading Card Game Online

Files to move or delete:
====================
C:\ProgramData\rundll32.exe
C:\Users\Malik\AppData\Roaming\skype.dat
C:\Users\Malik\AppData\Roaming\skype.ini
C:\ProgramData\lfejq.bat
C:\ProgramData\lfejq.pad
C:\ProgramData\lfejq.reg
C:\ProgramData\qjefl.dat

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-06-15 10:01:58
Restore point made on: 2013-06-18 06:55:42
Restore point made on: 2013-06-27 12:32:32
Restore point made on: 2013-06-30 06:18:12
Restore point made on: 2013-07-09 14:23:34

==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 3947.86 MB
Available physical RAM: 3234.51 MB
Total Pagefile: 3946.01 MB
Available Pagefile: 3223.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:450.16 GB) (Free:290.15 GB) NTFS (Disk=0 Partition=3)
Drive e: (PQSERVICE) (Fixed) (Total:15.5 GB) (Free:1.35 GB) NTFS (Disk=0 Partition=1)
Drive g: () (Removable) (Total:27.49 GB) (Free:27.48 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9B2F9272)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: DBAE3FA1)
Partition 1: (Not Active) - (Size=28 GB) - (Type=0C)


LastRegBack: 2013-07-02 11:20

==================== End Of Log ============================

--- --- ---

markusg · 10.07.2013, 18:31

Hi,
1.
Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Startup: C:\Users\Malik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
ShortcutTarget: regmonstd.lnk -> C:\PROGRA~3\qjefl.dat ()
HKU\Malik\...\Winlogon: [Shell] explorer.exe,C:\Users\Malik\AppData\Roaming\skype.dat [53248 2011-11-16] () <==== ATTENTION 
HKU\Malik\...\Run: [ctfmon32.exe] - C:\PROGRA~3\rundll32.exe C:\PROGRA~3\qjefl.dat,XFG00 [149504 2013-07-09] () <===== ATTENTION
C:\ProgramData\rundll32.exe
C:\Users\Malik\AppData\Roaming\skype.dat
C:\Users\Malik\AppData\Roaming\skype.ini
C:\ProgramData\lfejq.bat
C:\ProgramData\lfejq.pad
C:\ProgramData\lfejq.reg
C:\ProgramData\qjefl.dat

Speichere diese bitte als Fixlist.txt auf deinem USB Stick.

Starte deinen Rechner erneut in die Reparaturoptionen
Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

2.
nach dem Neustart:

Navigiere bitte zu:
C:\FRST\Quarantine
Rechtsklick, mit Winrar oder einem anderen Archvierer packen und im Uploadchannel hochladen.
Trojaner-Board Upload Channel

Lokipitch · 10.07.2013, 18:50

Fixlog erstellt:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-07-2013 01
Ran by SYSTEM at 2013-07-10 19:48:05 Run:1
Running from G:\
Boot Mode: Recovery
==============================================

C:\Users\Malik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk => Moved successfully.
C:\PROGRA~3\qjefl.dat => Moved successfully.
HKU\Malik\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\Malik\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon32.exe => Value deleted successfully.
C:\ProgramData\rundll32.exe => Moved successfully.
C:\Users\Malik\AppData\Roaming\skype.dat => Moved successfully.
C:\Users\Malik\AppData\Roaming\skype.ini => Moved successfully.
C:\ProgramData\lfejq.bat => Moved successfully.
C:\ProgramData\lfejq.pad => Moved successfully.
C:\ProgramData\lfejq.reg => Moved successfully.
"C:\ProgramData\qjefl.dat" => File/Directory not found.

==== End of Fixlog ====

Jetzt muss ich das infizierte System neustarten und die letzten Schritte befolgen richtig?

markusg · 10.07.2013, 18:51

Ja,

Lokipitch · 10.07.2013, 18:57

Wie navigiere ich dorthin? (C:\FRST\Quaratine)
Worüber muss ich das machen? Über die erweiterten Optionen, Computer reparieren usw, wie zuvor klappt das nicht.
v_v
(es tut mir so leid. XD)

markusg · 10.07.2013, 19:02

ne, du sollst den Computer ganz normal starten, und dann Arbeitsplatz bzw Computer öffnen und dann da hin navigieren.

Lokipitch · 10.07.2013, 19:10

Hab ich gemacht.
Wurde auch hichgeladen.

markusg · 10.07.2013, 19:17

Sehr gut.
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Lokipitch · 10.07.2013, 19:35

Erledigt.
Bitte sehr. : )

Code:

ATTFilter

20:31:04.0943 1132  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:31:05.0146 1132  ============================================================
20:31:05.0146 1132  Current date / time: 2013/07/10 20:31:05.0146
20:31:05.0146 1132  SystemInfo:
20:31:05.0146 1132  
20:31:05.0146 1132  OS Version: 6.1.7601 ServicePack: 1.0
20:31:05.0146 1132  Product type: Workstation
20:31:05.0146 1132  ComputerName: MALIK-PC
20:31:05.0146 1132  UserName: Malik
20:31:05.0146 1132  Windows directory: C:\Windows
20:31:05.0146 1132  System windows directory: C:\Windows
20:31:05.0146 1132  Running under WOW64
20:31:05.0146 1132  Processor architecture: Intel x64
20:31:05.0146 1132  Number of processors: 4
20:31:05.0146 1132  Page size: 0x1000
20:31:05.0146 1132  Boot type: Normal boot
20:31:05.0146 1132  ============================================================
20:31:06.0191 1132  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:31:06.0191 1132  ============================================================
20:31:06.0191 1132  \Device\Harddisk0\DR0:
20:31:06.0191 1132  MBR partitions:
20:31:06.0191 1132  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F00800, BlocksNum 0x32000
20:31:06.0191 1132  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1F32800, BlocksNum 0x38453000
20:31:06.0191 1132  ============================================================
20:31:06.0222 1132  C: <-> \Device\Harddisk0\DR0\Partition2
20:31:06.0222 1132  ============================================================
20:31:06.0222 1132  Initialize success
20:31:06.0222 1132  ============================================================
20:31:09.0155 2552  ============================================================
20:31:09.0155 2552  Scan started
20:31:09.0155 2552  Mode: Manual; 
20:31:09.0155 2552  ============================================================
20:31:14.0584 2552  ================ Scan system memory ========================
20:31:14.0584 2552  System memory - ok
20:31:14.0584 2552  ================ Scan services =============================
20:31:14.0958 2552  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:31:14.0958 2552  1394ohci - ok
20:31:15.0005 2552  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:31:15.0005 2552  ACPI - ok
20:31:15.0067 2552  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:31:15.0067 2552  AcpiPmi - ok
20:31:15.0145 2552  [ 34400005DE52842C4D6D4EE978B4D7CE ] AdobeActiveFileMonitor8.0 c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
20:31:15.0145 2552  AdobeActiveFileMonitor8.0 - ok
20:31:15.0223 2552  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:31:15.0223 2552  adp94xx - ok
20:31:15.0286 2552  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:31:15.0286 2552  adpahci - ok
20:31:15.0379 2552  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:31:15.0379 2552  adpu320 - ok
20:31:15.0426 2552  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:31:15.0426 2552  AeLookupSvc - ok
20:31:15.0504 2552  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
20:31:15.0504 2552  AFD - ok
20:31:15.0551 2552  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:31:15.0567 2552  agp440 - ok
20:31:15.0816 2552  [ BBE9054FDADC8D49D29C5DA4FB84A803 ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll
20:31:15.0816 2552  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803
20:31:15.0832 2552  Akamai ( HiddenFile.Multi.Generic ) - warning
20:31:15.0832 2552  Akamai - detected HiddenFile.Multi.Generic (1)
20:31:15.0879 2552  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
20:31:15.0879 2552  ALG - ok
20:31:15.0957 2552  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:31:15.0957 2552  aliide - ok
20:31:15.0972 2552  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
20:31:15.0972 2552  amdide - ok
20:31:16.0019 2552  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:31:16.0019 2552  AmdK8 - ok
20:31:16.0035 2552  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:31:16.0035 2552  AmdPPM - ok
20:31:16.0097 2552  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:31:16.0097 2552  amdsata - ok
20:31:16.0128 2552  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:31:16.0128 2552  amdsbs - ok
20:31:16.0144 2552  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:31:16.0144 2552  amdxata - ok
20:31:16.0206 2552  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
20:31:16.0206 2552  AppID - ok
20:31:16.0253 2552  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:31:16.0253 2552  AppIDSvc - ok
20:31:16.0362 2552  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
20:31:16.0378 2552  Appinfo - ok
20:31:16.0456 2552  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:31:16.0456 2552  arc - ok
20:31:16.0487 2552  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:31:16.0487 2552  arcsas - ok
20:31:16.0534 2552  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:31:16.0565 2552  AsyncMac - ok
20:31:16.0659 2552  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
20:31:16.0659 2552  atapi - ok
20:31:17.0080 2552  [ C8679A07267F030704168E45E27C3D43 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
20:31:17.0173 2552  athr - ok
20:31:17.0314 2552  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:31:17.0329 2552  AudioEndpointBuilder - ok
20:31:17.0361 2552  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:31:17.0361 2552  AudioSrv - ok
20:31:17.0423 2552  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:31:17.0439 2552  AxInstSV - ok
20:31:17.0501 2552  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
20:31:17.0501 2552  b06bdrv - ok
20:31:17.0579 2552  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:31:17.0579 2552  b57nd60a - ok
20:31:17.0735 2552  [ 2618E15514736FB469B105CE729B6D9D ] b57xdbd         C:\Windows\system32\DRIVERS\b57xdbd.sys
20:31:17.0735 2552  b57xdbd - ok
20:31:17.0766 2552  [ BABA4F0E2978B69B4E0B260EF7150DD6 ] b57xdmp         C:\Windows\system32\DRIVERS\b57xdmp.sys
20:31:17.0766 2552  b57xdmp - ok
20:31:18.0031 2552  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:31:18.0031 2552  BDESVC - ok
20:31:18.0141 2552  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:31:18.0141 2552  Beep - ok
20:31:18.0219 2552  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
20:31:18.0219 2552  BFE - ok
20:31:18.0281 2552  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
20:31:18.0312 2552  BITS - ok
20:31:18.0375 2552  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:31:18.0375 2552  blbdrive - ok
20:31:18.0406 2552  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:31:18.0421 2552  bowser - ok
20:31:18.0484 2552  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:31:18.0484 2552  BrFiltLo - ok
20:31:18.0499 2552  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:31:18.0499 2552  BrFiltUp - ok
20:31:18.0546 2552  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
20:31:18.0546 2552  Browser - ok
20:31:18.0609 2552  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:31:18.0624 2552  Brserid - ok
20:31:18.0655 2552  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:31:18.0655 2552  BrSerWdm - ok
20:31:18.0687 2552  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:31:18.0687 2552  BrUsbMdm - ok
20:31:18.0702 2552  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:31:18.0702 2552  BrUsbSer - ok
20:31:18.0843 2552  [ 65349B60F2F5325759525199E26DA1A6 ] bScsiMSa        C:\Windows\system32\DRIVERS\bScsiMSa.sys
20:31:18.0843 2552  bScsiMSa - ok
20:31:18.0952 2552  [ E6CC56662F6C6B787A1FBEA4CD247AE0 ] bScsiSDa        C:\Windows\system32\DRIVERS\bScsiSDa.sys
20:31:18.0952 2552  bScsiSDa - ok
20:31:19.0030 2552  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:31:19.0030 2552  BTHMODEM - ok
20:31:19.0123 2552  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
20:31:19.0123 2552  bthserv - ok
20:31:19.0155 2552  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:31:19.0155 2552  cdfs - ok
20:31:19.0279 2552  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
20:31:19.0279 2552  cdrom - ok
20:31:19.0373 2552  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
20:31:19.0373 2552  CertPropSvc - ok
20:31:19.0420 2552  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:31:19.0420 2552  circlass - ok
20:31:19.0467 2552  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
20:31:19.0467 2552  CLFS - ok
20:31:19.0545 2552  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:31:19.0545 2552  clr_optimization_v2.0.50727_32 - ok
20:31:19.0607 2552  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:31:19.0607 2552  clr_optimization_v2.0.50727_64 - ok
20:31:19.0716 2552  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:31:20.0169 2552  clr_optimization_v4.0.30319_32 - ok
20:31:20.0590 2552  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:31:20.0590 2552  clr_optimization_v4.0.30319_64 - ok
20:31:20.0652 2552  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:31:20.0652 2552  CmBatt - ok
20:31:20.0699 2552  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:31:20.0699 2552  cmdide - ok
20:31:20.0839 2552  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
20:31:20.0855 2552  CNG - ok
20:31:20.0980 2552  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:31:20.0980 2552  Compbatt - ok
20:31:21.0089 2552  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:31:21.0089 2552  CompositeBus - ok
20:31:21.0136 2552  COMSysApp - ok
20:31:21.0198 2552  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:31:21.0198 2552  crcdisk - ok
20:31:21.0370 2552  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:31:21.0370 2552  CryptSvc - ok
20:31:21.0541 2552  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:31:21.0666 2552  DcomLaunch - ok
20:31:21.0807 2552  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
20:31:21.0822 2552  defragsvc - ok
20:31:21.0885 2552  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:31:21.0885 2552  DfsC - ok
20:31:21.0994 2552  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:31:21.0994 2552  Dhcp - ok
20:31:22.0025 2552  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
20:31:22.0025 2552  discache - ok
20:31:22.0306 2552  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:31:22.0321 2552  Disk - ok
20:31:22.0415 2552  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:31:22.0415 2552  Dnscache - ok
20:31:22.0524 2552  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:31:22.0540 2552  dot3svc - ok
20:31:22.0633 2552  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
20:31:22.0633 2552  DPS - ok
20:31:22.0727 2552  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:31:22.0727 2552  drmkaud - ok
20:31:23.0070 2552  [ 470F7F19188AB45463F8B612D6DDE7C8 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
20:31:23.0086 2552  DsiWMIService - ok
20:31:23.0367 2552  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:31:23.0382 2552  DXGKrnl - ok
20:31:23.0398 2552  EagleX64 - ok
20:31:23.0569 2552  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
20:31:23.0585 2552  EapHost - ok
20:31:24.0022 2552  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:31:24.0115 2552  ebdrv - ok
20:31:24.0209 2552  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
20:31:24.0225 2552  EFS - ok
20:31:24.0318 2552  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:31:24.0349 2552  ehRecvr - ok
20:31:24.0381 2552  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
20:31:24.0381 2552  ehSched - ok
20:31:24.0552 2552  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:31:24.0552 2552  elxstor - ok
20:31:24.0693 2552  [ F2E893846021CEE30AC7612B5BE66330 ] ePowerSvc       C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
20:31:24.0708 2552  ePowerSvc - ok
20:31:24.0786 2552  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:31:24.0786 2552  ErrDev - ok
20:31:24.0849 2552  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
20:31:24.0849 2552  EventSystem - ok
20:31:24.0880 2552  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
20:31:24.0880 2552  exfat - ok
20:31:24.0895 2552  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:31:24.0895 2552  fastfat - ok
20:31:24.0958 2552  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
20:31:24.0973 2552  Fax - ok
20:31:25.0036 2552  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:31:25.0051 2552  fdc - ok
20:31:25.0098 2552  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
20:31:25.0098 2552  fdPHost - ok
20:31:25.0114 2552  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:31:25.0114 2552  FDResPub - ok
20:31:25.0145 2552  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:31:25.0145 2552  FileInfo - ok
20:31:25.0192 2552  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:31:25.0192 2552  Filetrace - ok
20:31:25.0270 2552  [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:31:25.0285 2552  FLEXnet Licensing Service - ok
20:31:25.0317 2552  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:31:25.0317 2552  flpydisk - ok
20:31:25.0379 2552  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:31:25.0379 2552  FltMgr - ok
20:31:25.0473 2552  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
20:31:25.0504 2552  FontCache - ok
20:31:25.0551 2552  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:31:25.0551 2552  FontCache3.0.0.0 - ok
20:31:25.0582 2552  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:31:25.0582 2552  FsDepends - ok
20:31:25.0629 2552  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:31:25.0629 2552  Fs_Rec - ok
20:31:25.0691 2552  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:31:25.0691 2552  fvevol - ok
20:31:25.0738 2552  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:31:25.0738 2552  gagp30kx - ok
20:31:25.0847 2552  [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
20:31:25.0878 2552  GameConsoleService - ok
20:31:25.0925 2552  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
20:31:25.0941 2552  gpsvc - ok
20:31:26.0019 2552  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService     C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
20:31:26.0019 2552  GREGService - ok
20:31:26.0065 2552  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:31:26.0081 2552  hcw85cir - ok
20:31:26.0128 2552  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:31:26.0143 2552  HdAudAddService - ok
20:31:26.0237 2552  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:31:26.0237 2552  HDAudBus - ok
20:31:26.0268 2552  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:31:26.0284 2552  HidBatt - ok
20:31:26.0299 2552  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:31:26.0299 2552  HidBth - ok
20:31:26.0346 2552  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:31:26.0346 2552  HidIr - ok
20:31:26.0409 2552  [ 4965189C05ACAAC13FE47686E28EDCCE ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
20:31:26.0409 2552  hidkmdf - ok
20:31:26.0440 2552  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
20:31:26.0440 2552  hidserv - ok
20:31:26.0502 2552  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:31:26.0502 2552  HidUsb - ok
20:31:26.0533 2552  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:31:26.0533 2552  hkmsvc - ok
20:31:26.0565 2552  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:31:26.0565 2552  HomeGroupListener - ok
20:31:26.0611 2552  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:31:26.0611 2552  HomeGroupProvider - ok
20:31:26.0705 2552  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:31:26.0721 2552  HpSAMD - ok
20:31:27.0033 2552  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:31:27.0079 2552  HTTP - ok
20:31:27.0126 2552  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:31:27.0126 2552  hwpolicy - ok
20:31:27.0220 2552  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:31:27.0220 2552  i8042prt - ok
20:31:27.0391 2552  [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:31:27.0407 2552  iaStor - ok
20:31:27.0610 2552  [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:31:27.0625 2552  IAStorDataMgrSvc - ok
20:31:27.0844 2552  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:31:27.0859 2552  iaStorV - ok
20:31:28.0171 2552  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:31:28.0281 2552  idsvc - ok
20:31:31.0447 2552  [ 553228E67639F52C9BD86362C0C64F85 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:31:31.0775 2552  igfx - ok
20:31:31.0822 2552  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:31:31.0822 2552  iirsp - ok
20:31:31.0869 2552  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
20:31:31.0884 2552  IKEEXT - ok
20:31:32.0321 2552  [ DD1FC331286A33F396945115AE4E5E8A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:31:32.0337 2552  IntcAzAudAddService - ok
20:31:32.0415 2552  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:31:32.0415 2552  IntcDAud - ok
20:31:32.0461 2552  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
20:31:32.0461 2552  intelide - ok
20:31:32.0649 2552  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:31:32.0649 2552  intelppm - ok
20:31:32.0711 2552  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:31:32.0867 2552  IPBusEnum - ok
20:31:32.0945 2552  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:31:32.0945 2552  IpFilterDriver - ok
20:31:33.0241 2552  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:31:33.0273 2552  iphlpsvc - ok
20:31:33.0335 2552  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:31:33.0351 2552  IPMIDRV - ok
20:31:33.0397 2552  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:31:33.0397 2552  IPNAT - ok
20:31:33.0460 2552  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:31:33.0460 2552  IRENUM - ok
20:31:33.0538 2552  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:31:33.0553 2552  isapnp - ok
20:31:33.0694 2552  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:31:33.0694 2552  iScsiPrt - ok
20:31:33.0865 2552  [ 81458A917F8CC7A5171759218D64FA3A ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
20:31:33.0865 2552  k57nd60a - ok
20:31:33.0943 2552  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:31:33.0943 2552  kbdclass - ok
20:31:34.0131 2552  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:31:34.0131 2552  kbdhid - ok
20:31:34.0162 2552  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
20:31:34.0162 2552  KeyIso - ok
20:31:34.0193 2552  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:31:34.0193 2552  KSecDD - ok
20:31:34.0224 2552  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:31:34.0224 2552  KSecPkg - ok
20:31:34.0255 2552  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:31:34.0255 2552  ksthunk - ok
20:31:34.0287 2552  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:31:34.0302 2552  KtmRm - ok
20:31:34.0349 2552  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:31:34.0349 2552  LanmanServer - ok
20:31:34.0411 2552  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:31:34.0411 2552  LanmanWorkstation - ok
20:31:34.0474 2552  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:31:34.0474 2552  lltdio - ok
20:31:34.0505 2552  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:31:34.0505 2552  lltdsvc - ok
20:31:34.0536 2552  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:31:34.0552 2552  lmhosts - ok
20:31:34.0645 2552  [ D7E0BED3EA21D7BDDD410ADE51708D90 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:31:34.0645 2552  LMS - ok
20:31:34.0692 2552  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:31:34.0692 2552  LSI_FC - ok
20:31:34.0708 2552  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:31:34.0708 2552  LSI_SAS - ok
20:31:34.0723 2552  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:31:34.0723 2552  LSI_SAS2 - ok
20:31:34.0739 2552  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:31:34.0770 2552  LSI_SCSI - ok
20:31:34.0833 2552  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:31:34.0833 2552  luafv - ok
20:31:34.0957 2552  [ 3D1516114F5B1548864D043177F992A6 ] lxeaCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe
20:31:34.0957 2552  lxeaCATSCustConnectService - ok
20:31:35.0020 2552  lxea_device - ok
20:31:35.0082 2552  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
20:31:35.0082 2552  MBAMProtector - ok
20:31:35.0145 2552  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:31:35.0160 2552  MBAMScheduler - ok
20:31:35.0223 2552  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:31:35.0223 2552  MBAMService - ok
20:31:35.0269 2552  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:31:35.0269 2552  Mcx2Svc - ok
20:31:35.0285 2552  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:31:35.0285 2552  megasas - ok
20:31:35.0316 2552  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:31:35.0316 2552  MegaSR - ok
20:31:35.0379 2552  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
20:31:35.0379 2552  MEIx64 - ok
20:31:35.0425 2552  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
20:31:35.0425 2552  MMCSS - ok
20:31:35.0457 2552  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
20:31:35.0457 2552  Modem - ok
20:31:35.0488 2552  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:31:35.0488 2552  monitor - ok
20:31:35.0503 2552  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:31:35.0519 2552  mouclass - ok
20:31:35.0535 2552  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:31:35.0550 2552  mouhid - ok
20:31:35.0581 2552  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:31:35.0597 2552  mountmgr - ok
20:31:35.0691 2552  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:31:35.0691 2552  MozillaMaintenance - ok
20:31:35.0722 2552  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:31:35.0722 2552  mpio - ok
20:31:35.0753 2552  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:31:35.0753 2552  mpsdrv - ok
20:31:35.0800 2552  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:31:35.0815 2552  MpsSvc - ok
20:31:35.0862 2552  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:31:35.0878 2552  MRxDAV - ok
20:31:35.0893 2552  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:31:35.0909 2552  mrxsmb - ok
20:31:35.0925 2552  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:31:35.0925 2552  mrxsmb10 - ok
20:31:35.0956 2552  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:31:35.0956 2552  mrxsmb20 - ok
20:31:35.0971 2552  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:31:35.0971 2552  msahci - ok
20:31:36.0018 2552  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:31:36.0018 2552  msdsm - ok
20:31:36.0065 2552  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
20:31:36.0065 2552  MSDTC - ok
20:31:36.0112 2552  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:31:36.0112 2552  Msfs - ok
20:31:36.0127 2552  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:31:36.0127 2552  mshidkmdf - ok
20:31:36.0143 2552  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:31:36.0143 2552  msisadrv - ok
20:31:36.0174 2552  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:31:36.0174 2552  MSiSCSI - ok
20:31:36.0190 2552  msiserver - ok
20:31:36.0237 2552  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:31:36.0237 2552  MSKSSRV - ok
20:31:36.0268 2552  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:31:36.0268 2552  MSPCLOCK - ok
20:31:36.0299 2552  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:31:36.0299 2552  MSPQM - ok
20:31:36.0346 2552  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:31:36.0346 2552  MsRPC - ok
20:31:36.0393 2552  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:31:36.0393 2552  mssmbios - ok
20:31:36.0439 2552  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:31:36.0439 2552  MSTEE - ok
20:31:36.0471 2552  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:31:36.0486 2552  MTConfig - ok
20:31:36.0564 2552  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:31:36.0580 2552  Mup - ok
20:31:36.0627 2552  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
20:31:36.0642 2552  napagent - ok
20:31:36.0705 2552  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:31:36.0705 2552  NativeWifiP - ok
20:31:36.0783 2552  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:31:36.0985 2552  NDIS - ok
20:31:37.0048 2552  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:31:37.0048 2552  NdisCap - ok
20:31:37.0079 2552  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:31:37.0079 2552  NdisTapi - ok
20:31:37.0141 2552  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:31:37.0141 2552  Ndisuio - ok
20:31:37.0188 2552  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:31:37.0188 2552  NdisWan - ok
20:31:37.0219 2552  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:31:37.0219 2552  NDProxy - ok
20:31:37.0329 2552  [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
20:31:37.0563 2552  Nero BackItUp Scheduler 4.0 - ok
20:31:37.0625 2552  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:31:37.0625 2552  NetBIOS - ok
20:31:37.0656 2552  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:31:37.0656 2552  NetBT - ok
20:31:37.0672 2552  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
20:31:37.0687 2552  Netlogon - ok
20:31:37.0750 2552  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
20:31:37.0765 2552  Netman - ok
20:31:37.0781 2552  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
20:31:37.0797 2552  netprofm - ok
20:31:37.0828 2552  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:31:37.0843 2552  NetTcpPortSharing - ok
20:31:37.0890 2552  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:31:37.0890 2552  nfrd960 - ok
20:31:37.0953 2552  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:31:37.0968 2552  NlaSvc - ok
20:31:37.0999 2552  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:31:37.0999 2552  Npfs - ok
20:31:38.0031 2552  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
20:31:38.0031 2552  nsi - ok
20:31:38.0062 2552  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:31:38.0062 2552  nsiproxy - ok
20:31:38.0140 2552  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:31:38.0218 2552  Ntfs - ok
20:31:38.0280 2552  [ 8F59A2506AF43F96F5397B3C79938AE9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
20:31:38.0296 2552  NTI IScheduleSvc - ok
20:31:38.0327 2552  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
20:31:38.0327 2552  NTIDrvr - ok
20:31:38.0343 2552  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
20:31:38.0343 2552  Null - ok
20:31:38.0405 2552  [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
20:31:38.0405 2552  nusb3hub - ok
20:31:38.0421 2552  [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:31:38.0421 2552  nusb3xhc - ok
20:31:38.0483 2552  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:31:38.0483 2552  nvraid - ok
20:31:38.0499 2552  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:31:38.0514 2552  nvstor - ok
20:31:38.0561 2552  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:31:38.0561 2552  nv_agp - ok
20:31:38.0608 2552  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:31:38.0608 2552  ohci1394 - ok
20:31:38.0655 2552  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:31:38.0670 2552  p2pimsvc - ok
20:31:38.0701 2552  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:31:38.0717 2552  p2psvc - ok
20:31:38.0795 2552  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:31:38.0795 2552  Parport - ok
20:31:38.0826 2552  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:31:38.0826 2552  partmgr - ok
20:31:38.0873 2552  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:31:38.0873 2552  PcaSvc - ok
20:31:38.0920 2552  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
20:31:38.0920 2552  pci - ok
20:31:38.0951 2552  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
20:31:38.0951 2552  pciide - ok
20:31:39.0013 2552  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:31:39.0013 2552  pcmcia - ok
20:31:39.0029 2552  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:31:39.0029 2552  pcw - ok
20:31:39.0076 2552  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:31:39.0107 2552  PEAUTH - ok
20:31:39.0232 2552  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:31:39.0232 2552  PerfHost - ok
20:31:39.0325 2552  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
20:31:39.0388 2552  pla - ok
20:31:39.0481 2552  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:31:39.0481 2552  PlugPlay - ok
20:31:39.0513 2552  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:31:39.0528 2552  PNRPAutoReg - ok
20:31:39.0544 2552  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:31:39.0559 2552  PNRPsvc - ok
20:31:39.0606 2552  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:31:39.0622 2552  PolicyAgent - ok
20:31:39.0669 2552  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
20:31:39.0669 2552  Power - ok
20:31:39.0747 2552  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:31:39.0747 2552  PptpMiniport - ok
20:31:39.0778 2552  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:31:39.0778 2552  Processor - ok
20:31:39.0825 2552  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:31:39.0840 2552  ProfSvc - ok
20:31:39.0856 2552  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:31:39.0856 2552  ProtectedStorage - ok
20:31:39.0918 2552  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:31:39.0918 2552  Psched - ok
20:31:39.0965 2552  [ FBF4DB6D53585437E41A113300002A2B ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
20:31:39.0965 2552  PxHlpa64 - ok
20:31:40.0027 2552  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:31:40.0074 2552  ql2300 - ok
20:31:40.0105 2552  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:31:40.0105 2552  ql40xx - ok
20:31:40.0230 2552  [ A279D9B07CA837EF8139D3F4857328DB ] QuickTimeUpdater C:\Users\Malik\AppData\LocalLow\QuickTime\IE\QuickTimeUpdater.exe
20:31:40.0230 2552  QuickTimeUpdater - ok
20:31:40.0261 2552  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
20:31:40.0261 2552  QWAVE - ok
20:31:40.0308 2552  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:31:40.0308 2552  QWAVEdrv - ok
20:31:40.0324 2552  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:31:40.0324 2552  RasAcd - ok
20:31:40.0386 2552  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:31:40.0386 2552  RasAgileVpn - ok
20:31:40.0433 2552  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
20:31:40.0433 2552  RasAuto - ok
20:31:40.0480 2552  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:31:40.0480 2552  Rasl2tp - ok
20:31:40.0542 2552  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
20:31:40.0558 2552  RasMan - ok
20:31:40.0620 2552  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:31:40.0620 2552  RasPppoe - ok
20:31:40.0667 2552  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:31:40.0667 2552  RasSstp - ok
20:31:40.0698 2552  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:31:40.0714 2552  rdbss - ok
20:31:40.0745 2552  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:31:40.0776 2552  rdpbus - ok
20:31:40.0823 2552  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:31:40.0823 2552  RDPCDD - ok
20:31:40.0839 2552  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:31:40.0839 2552  RDPENCDD - ok
20:31:40.0885 2552  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:31:40.0885 2552  RDPREFMP - ok
20:31:40.0932 2552  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:31:40.0932 2552  RDPWD - ok
20:31:40.0995 2552  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:31:41.0010 2552  rdyboost - ok
20:31:41.0057 2552  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:31:41.0057 2552  RemoteAccess - ok
20:31:41.0088 2552  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:31:41.0104 2552  RemoteRegistry - ok
20:31:41.0197 2552  [ CC6943E37FF6B0DAFF4B2580B0BB9721 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
20:31:41.0213 2552  RichVideo - ok
20:31:41.0260 2552  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:31:41.0275 2552  RpcEptMapper - ok
20:31:41.0307 2552  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
20:31:41.0307 2552  RpcLocator - ok
20:31:41.0338 2552  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
20:31:41.0353 2552  RpcSs - ok
20:31:41.0400 2552  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:31:41.0400 2552  rspndr - ok
20:31:41.0416 2552  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
20:31:41.0431 2552  SamSs - ok
20:31:41.0463 2552  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:31:41.0478 2552  sbp2port - ok
20:31:41.0509 2552  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:31:41.0525 2552  SCardSvr - ok
20:31:41.0541 2552  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:31:41.0556 2552  scfilter - ok
20:31:41.0603 2552  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
20:31:41.0650 2552  Schedule - ok
20:31:41.0697 2552  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:31:41.0697 2552  SCPolicySvc - ok
20:31:41.0759 2552  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
20:31:41.0759 2552  sdbus - ok
20:31:41.0790 2552  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:31:41.0790 2552  SDRSVC - ok
20:31:41.0821 2552  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:31:41.0821 2552  secdrv - ok
20:31:41.0868 2552  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
20:31:41.0868 2552  seclogon - ok
20:31:41.0915 2552  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
20:31:41.0931 2552  SENS - ok
20:31:41.0962 2552  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:31:41.0977 2552  SensrSvc - ok
20:31:42.0024 2552  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:31:42.0024 2552  Serenum - ok
20:31:42.0040 2552  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:31:42.0040 2552  Serial - ok
20:31:42.0087 2552  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:31:42.0087 2552  sermouse - ok
20:31:42.0149 2552  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:31:42.0149 2552  SessionEnv - ok
20:31:42.0196 2552  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:31:42.0196 2552  sffdisk - ok
20:31:42.0227 2552  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:31:42.0243 2552  sffp_mmc - ok
20:31:42.0274 2552  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:31:42.0289 2552  sffp_sd - ok
20:31:42.0336 2552  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:31:42.0336 2552  sfloppy - ok
20:31:42.0414 2552  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:31:42.0414 2552  SharedAccess - ok
20:31:42.0461 2552  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:31:42.0492 2552  ShellHWDetection - ok
20:31:42.0508 2552  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:31:42.0508 2552  SiSRaid2 - ok
20:31:42.0539 2552  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:31:42.0555 2552  SiSRaid4 - ok
20:31:42.0773 2552  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:31:42.0882 2552  Skype C2C Service - ok
20:31:43.0007 2552  [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:31:43.0023 2552  SkypeUpdate - ok
20:31:43.0054 2552  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:31:43.0054 2552  Smb - ok
20:31:43.0116 2552  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:31:43.0132 2552  SNMPTRAP - ok
20:31:43.0163 2552  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:31:43.0163 2552  spldr - ok
20:31:43.0210 2552  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
20:31:43.0225 2552  Spooler - ok
20:31:43.0366 2552  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
20:31:43.0491 2552  sppsvc - ok
20:31:43.0537 2552  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:31:43.0537 2552  sppuinotify - ok
20:31:43.0584 2552  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:31:43.0600 2552  srv - ok
20:31:43.0631 2552  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:31:43.0647 2552  srv2 - ok
20:31:43.0709 2552  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:31:43.0709 2552  srvnet - ok
20:31:43.0771 2552  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:31:43.0771 2552  SSDPSRV - ok
20:31:43.0803 2552  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:31:43.0803 2552  SstpSvc - ok
20:31:43.0834 2552  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:31:43.0834 2552  stexstor - ok
20:31:43.0896 2552  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
20:31:43.0927 2552  stisvc - ok
20:31:44.0005 2552  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:31:44.0005 2552  swenum - ok
20:31:44.0146 2552  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:31:44.0161 2552  SwitchBoard - ok
20:31:44.0224 2552  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
20:31:44.0239 2552  swprv - ok
20:31:44.0349 2552  [ EF51B22706DB03F0857FADE127C804EC ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:31:44.0380 2552  SynTP - ok
20:31:44.0489 2552  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
20:31:44.0567 2552  SysMain - ok
20:31:44.0614 2552  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:31:44.0614 2552  TabletInputService - ok
20:31:45.0051 2552  [ 1CBBC0EB320BC9195A886FD0D183BEBC ] TabletServiceWacom C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
20:31:45.0331 2552  TabletServiceWacom - ok
20:31:45.0378 2552  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:31:45.0378 2552  TapiSrv - ok
20:31:45.0425 2552  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
20:31:45.0441 2552  TBS - ok
20:31:45.0550 2552  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:31:45.0628 2552  Tcpip - ok
20:31:45.0706 2552  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:31:45.0721 2552  TCPIP6 - ok
20:31:45.0768 2552  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:31:45.0768 2552  tcpipreg - ok
20:31:45.0831 2552  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:31:45.0831 2552  TDPIPE - ok
20:31:45.0877 2552  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:31:45.0877 2552  TDTCP - ok
20:31:45.0924 2552  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:31:45.0924 2552  tdx - ok
20:31:45.0971 2552  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:31:45.0971 2552  TermDD - ok
20:31:46.0002 2552  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
20:31:46.0033 2552  TermService - ok
20:31:46.0096 2552  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
20:31:46.0111 2552  Themes - ok
20:31:46.0127 2552  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
20:31:46.0143 2552  THREADORDER - ok
20:31:46.0205 2552  [ C0F628F426FA7A6C2AAEFDAE5A00F20B ] TouchServiceWacom C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe
20:31:46.0221 2552  TouchServiceWacom - ok
20:31:46.0252 2552  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
20:31:46.0252 2552  TrkWks - ok
20:31:46.0314 2552  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:31:46.0314 2552  TrustedInstaller - ok
20:31:46.0361 2552  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:31:46.0361 2552  tssecsrv - ok
20:31:46.0423 2552  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:31:46.0423 2552  TsUsbFlt - ok
20:31:46.0486 2552  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:31:46.0486 2552  tunnel - ok
20:31:46.0517 2552  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:31:46.0533 2552  uagp35 - ok
20:31:46.0564 2552  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
20:31:46.0564 2552  UBHelper - ok
20:31:46.0595 2552  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:31:46.0611 2552  udfs - ok
20:31:46.0657 2552  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:31:46.0657 2552  UI0Detect - ok
20:31:46.0673 2552  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:31:46.0689 2552  uliagpkx - ok
20:31:46.0704 2552  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
20:31:46.0720 2552  umbus - ok
20:31:46.0735 2552  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:31:46.0751 2552  UmPass - ok
20:31:46.0954 2552  [ A678E5DDD974903DD71F503BDCACA218 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:31:47.0047 2552  UNS - ok
20:31:47.0094 2552  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
20:31:47.0110 2552  Updater Service - ok
20:31:47.0157 2552  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
20:31:47.0157 2552  upnphost - ok
20:31:47.0250 2552  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:31:47.0250 2552  usbaudio - ok
20:31:47.0281 2552  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:31:47.0281 2552  usbccgp - ok
20:31:47.0344 2552  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:31:47.0344 2552  usbcir - ok
20:31:47.0375 2552  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:31:47.0375 2552  usbehci - ok
20:31:47.0406 2552  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:31:47.0422 2552  usbhub - ok
20:31:47.0484 2552  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:31:47.0484 2552  usbohci - ok
20:31:47.0515 2552  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:31:47.0515 2552  usbprint - ok
20:31:47.0547 2552  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:31:47.0547 2552  usbscan - ok
20:31:47.0578 2552  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
20:31:47.0593 2552  USBSTOR - ok
20:31:47.0609 2552  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:31:47.0625 2552  usbuhci - ok
20:31:47.0671 2552  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:31:47.0671 2552  usbvideo - ok
20:31:47.0703 2552  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
20:31:47.0718 2552  UxSms - ok
20:31:47.0718 2552  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
20:31:47.0734 2552  VaultSvc - ok
20:31:47.0765 2552  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:31:47.0765 2552  vdrvroot - ok
20:31:47.0812 2552  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
20:31:47.0843 2552  vds - ok
20:31:47.0921 2552  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:31:47.0921 2552  vga - ok
20:31:47.0968 2552  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:31:47.0968 2552  VgaSave - ok
20:31:47.0999 2552  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:31:47.0999 2552  vhdmp - ok
20:31:48.0046 2552  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:31:48.0046 2552  viaide - ok
20:31:48.0077 2552  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:31:48.0077 2552  volmgr - ok
20:31:48.0124 2552  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:31:48.0124 2552  volmgrx - ok
20:31:48.0202 2552  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:31:48.0202 2552  volsnap - ok
20:31:48.0233 2552  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:31:48.0233 2552  vsmraid - ok
20:31:48.0311 2552  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
20:31:48.0373 2552  VSS - ok
20:31:48.0389 2552  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:31:48.0405 2552  vwifibus - ok
20:31:48.0436 2552  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:31:48.0436 2552  vwififlt - ok
20:31:48.0498 2552  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:31:48.0498 2552  vwifimp - ok
20:31:48.0545 2552  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
20:31:48.0561 2552  W32Time - ok
20:31:48.0607 2552  [ F713C4EE053219C9A22540A99380F2F2 ] WacHidRouter    C:\Windows\system32\DRIVERS\wachidrouter.sys
20:31:48.0607 2552  WacHidRouter - ok
20:31:48.0639 2552  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:31:48.0639 2552  WacomPen - ok
20:31:48.0670 2552  [ B59EC4DD1026F059CD95C1627562F3F3 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
20:31:48.0685 2552  wacomrouterfilter - ok
20:31:48.0732 2552  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:31:48.0732 2552  WANARP - ok
20:31:48.0763 2552  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:31:48.0763 2552  Wanarpv6 - ok
20:31:48.0904 2552  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
20:31:48.0966 2552  wbengine - ok
20:31:48.0997 2552  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:31:49.0013 2552  WbioSrvc - ok
20:31:49.0044 2552  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:31:49.0060 2552  wcncsvc - ok
20:31:49.0122 2552  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:31:49.0122 2552  WcsPlugInService - ok
20:31:49.0169 2552  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:31:49.0169 2552  Wd - ok
20:31:49.0200 2552  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:31:49.0231 2552  Wdf01000 - ok
20:31:49.0309 2552  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:31:49.0309 2552  WdiServiceHost - ok
20:31:49.0325 2552  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:31:49.0325 2552  WdiSystemHost - ok
20:31:49.0356 2552  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
20:31:49.0372 2552  WebClient - ok
20:31:49.0403 2552  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:31:49.0403 2552  Wecsvc - ok
20:31:49.0419 2552  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:31:49.0419 2552  wercplsupport - ok
20:31:49.0434 2552  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:31:49.0434 2552  WerSvc - ok
20:31:49.0450 2552  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:31:49.0450 2552  WfpLwf - ok
20:31:49.0465 2552  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:31:49.0465 2552  WIMMount - ok
20:31:49.0497 2552  WinDefend - ok
20:31:49.0497 2552  WinHttpAutoProxySvc - ok
20:31:49.0575 2552  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:31:49.0575 2552  Winmgmt - ok
20:31:49.0653 2552  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
20:31:49.0731 2552  WinRM - ok
20:31:49.0809 2552  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:31:49.0809 2552  WinUsb - ok
20:31:49.0871 2552  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:31:49.0902 2552  Wlansvc - ok
20:31:49.0949 2552  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:31:49.0949 2552  wlcrasvc - ok
20:31:50.0074 2552  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:31:50.0167 2552  wlidsvc - ok
20:31:50.0245 2552  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:31:50.0245 2552  WmiAcpi - ok
20:31:50.0277 2552  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:31:50.0277 2552  wmiApSrv - ok
20:31:50.0339 2552  WMPNetworkSvc - ok
20:31:50.0386 2552  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:31:50.0386 2552  WPCSvc - ok
20:31:50.0417 2552  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:31:50.0417 2552  WPDBusEnum - ok
20:31:50.0448 2552  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:31:50.0448 2552  ws2ifsl - ok
20:31:50.0464 2552  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
20:31:50.0479 2552  wscsvc - ok
20:31:50.0479 2552  WSearch - ok
20:31:50.0589 2552  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:31:50.0667 2552  wuauserv - ok
20:31:50.0698 2552  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:31:50.0698 2552  WudfPf - ok
20:31:50.0760 2552  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:31:50.0760 2552  WUDFRd - ok
20:31:50.0791 2552  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:31:50.0791 2552  wudfsvc - ok
20:31:50.0823 2552  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:31:50.0838 2552  WwanSvc - ok
20:31:50.0916 2552  X6va005 - ok
20:31:50.0963 2552  ================ Scan global ===============================
20:31:50.0994 2552  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:31:51.0025 2552  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:31:51.0057 2552  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:31:51.0103 2552  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:31:51.0150 2552  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:31:51.0166 2552  [Global] - ok
20:31:51.0166 2552  ================ Scan MBR ==================================
20:31:51.0181 2552  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:31:51.0790 2552  \Device\Harddisk0\DR0 - ok
20:31:51.0790 2552  ================ Scan VBR ==================================
20:31:51.0805 2552  [ B8AAFADFF5297C34226A6E4508A69F90 ] \Device\Harddisk0\DR0\Partition1
20:31:51.0805 2552  \Device\Harddisk0\DR0\Partition1 - ok
20:31:51.0821 2552  [ 61A60476E5A52DE5E1364021A4E77928 ] \Device\Harddisk0\DR0\Partition2
20:31:51.0821 2552  \Device\Harddisk0\DR0\Partition2 - ok
20:31:51.0821 2552  ============================================================
20:31:51.0821 2552  Scan finished
20:31:51.0821 2552  ============================================================
20:31:51.0837 4176  Detected object count: 1
20:31:51.0837 4176  Actual detected object count: 1
20:33:46.0101 4176  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
20:33:46.0101 4176  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

10.07.2013, 18:04	#6
markusg /// Malware-holic	GVU Trojaner Vers. 2.12 eingefangen, bisherige Maßnahmen erfolglos da steht: • Wähle nun Computer reparieren. das musst du anklicken. ich sagte ja, Anleitung bitte komplett lesen __________________ --> GVU Trojaner Vers. 2.12 eingefangen, bisherige Maßnahmen erfolglos

10.07.2013, 18:51	#10
markusg /// Malware-holic	GVU Trojaner Vers. 2.12 eingefangen, bisherige Maßnahmen erfolglos Ja, __________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet

GVU Trojaner Vers. 2.12 eingefangen, bisherige Maßnahmen erfolglos

Plagegeister aller Art und deren Bekämpfung: GVU Trojaner Vers. 2.12 eingefangen, bisherige Maßnahmen erfolglos