
Pests of all kinds and how to fight them: TrojanDropper:Win32/Sirefef.B - or maybe not after all

18.10.2013, 20:57   #1
Loud
 

Hi folks, I have massive problems, where should I start ... I can't delete or install anything anymore ... wiping the drive doesn't work either .. I took the drive (an SSD) along to my brother-in-law's and was therefore able to run a virus scan, and so I know that the virus TrojanDropper:Win32/Sirefef.B is on it ... no matter what I try, I can't get it wiped. I can't create log files since I can't install anything, nor can I delete anything. What am I supposed to do.... the system also crashes, inpage data error!! When I connect it externally and delete data, it is back again. I'm writing from that OS right now .... I'm sure it will be gone again any moment!!! What else can I try to save my drive? I don't care about the data, but I do care about the drive itself!! Oh, and of course I also tried deleting it via the antivirus program, and I tried the quarantine as well as a tool from Microsoft ... none of it works ... the tool crashes after 2 sec like everything that gets installed on this machine ... thanks for your help

19.10.2013, 07:09   #2
schrauber
/// the machine
/// TB trainer
 



hi,

What do you mean, you can't wipe it? Even when you have it connected externally at your mate's place? Impossible.

Put the drive back in:

Scan with Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Notes for Windows 8 users: Guide 1 (FRST variant) and Guide 2 (second part)
  • Please download the matching version of the tool (both if in doubt) and save it to a USB stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Connect the USB stick to the infected system and boot the system into the System Repair option.
  • Now scan by following the illustrated guide, or use the following short guide:
Via the Boot Manager:
  • Restart the computer.
  • While it is booting, press the F8 key repeatedly.
  • Now choose Repair your computer.
  • Select your operating system and user account and click "Next" each time.
With a Windows CD/DVD (also possible on Windows 8):
  • Insert the Windows CD into your drive.
  • Restart the computer and boot from the CD.
  • Select the language settings and click "Next".
  • Click Repair your computer!
  • Select your operating system and user account and click "Next" each time.
In the repair options, choose: Command Prompt
  • Now type notepad and press Enter.
  • In the text document that opens: File > Save as... and choose Computer.
    The drive letter of your USB stick is shown here; remember it.
  • Close Notepad again.
  • Now enter the following command.
    e:\frst.exe or e:\frst64.exe
    Note: e stands for the drive letter of your USB stick that you remembered. Adjust if necessary.
  • Accept the disclaimer with Yes and click Scan.
The tool creates a FRST.txt on your USB stick. Please post its contents here, in code tags if possible (guide).

__________________
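For whoever reads the posted FRST.txt: the following is an added example, not part of the original post and not FRST's own code. It walks a log in the FRST.txt layout, tracks the section banners, and collects every entry the tool itself marks with `<===== ATTENTION`. The sample log is constructed, and the function names (`flagged_entries`, `parse_run_entry`, `by_section`) are hypothetical.

```python
import re

# Constructed sample in the FRST.txt layout (section banners, one entry per line).
SAMPLE_LOG = r"""Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\cmd.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
BootExecute: autocheck autochk *

==================== Services (Whitelisted) =================

S2 ExampleSvc; C:\ProgramData\example\svc.exe [1024 2013-10-01] () <===== ATTENTION
"""

# "==================== Name ====================" (a line of only '=' is not a banner)
BANNER = re.compile(r"^={4,}\s*([^=\s][^=]*?)\s*={4,}\s*$")
# Trailing marker, with an optional reason in parentheses
MARKER = re.compile(r"\s*<=+\s*ATTENTION\b\s*(?:\((?P<reason>.*)\))?\s*$")
# Autostart entries: hive, abbreviated key path, [value name], optional " - ", target
RUN_ENTRY = re.compile(
    r"^(?P<hive>HK[A-Z]+(?:-x32)?)\\\.\.\.\\(?P<key>[^:]+):\s*"
    r"\[(?P<name>.*?)\]\s*(?:-\s*)?(?P<target>.*)$"
)


def parse_run_entry(entry):
    """Split an autostart line into hive, key, name and target; None for other lines."""
    m = RUN_ENTRY.match(entry)
    return m.groupdict() if m else None


def flagged_entries(log_text):
    """Return every line carrying the ATTENTION marker, with its section and reason."""
    hits = []
    section = "(header)"  # lines before the first banner
    for line_no, raw in enumerate(log_text.splitlines(), start=1):
        line = raw.rstrip()
        banner = BANNER.match(line)
        if banner:
            section = banner.group(1)
            continue
        marker = MARKER.search(line)
        if not marker:
            continue
        entry = line[:marker.start()].rstrip()
        hits.append({
            "section": section,
            "line_no": line_no,
            "entry": entry,
            "reason": marker.group("reason"),  # None when no reason is given
            "run": parse_run_entry(entry),     # None unless it is an autostart line
        })
    return hits


def by_section(hits):
    """Group flagged entries by the section they appeared in, keeping log order."""
    grouped = {}
    for hit in hits:
        grouped.setdefault(hit["section"], []).append(hit)
    return grouped


if __name__ == "__main__":
    for section, items in by_section(flagged_entries(SAMPLE_LOG)).items():
        print(section)
        for h in items:
            print(f"  line {h['line_no']}: {h['entry']}")
            print(f"    reason: {h['reason'] or 'none given'}")
```
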

19.10.2013, 08:23   #3
Loud
 


hey hi, thanks for your answer. Yes, I also thought that can't be ... it's a Windows 8.1 Preview version, I'll try it with the tool later ... however, I don't have a Win CD ... even with the XP one it doesn't work; formatting only works after several attempts ... then XP starts installing ... but then it can't install all the cfg and xmxl files ... I skipped the files ... the install is then of course faulty .... and the formatting didn't work either, it's almost as if I had a guard card installed ...

I can neither copy nor cut the log files, so I'm posting them, hope that's ok

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by jenny at 2013-10-19 09:05:53
Running from D:\
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
AMD Accelerated Video Transcoding (Version: 13.20.100.30926)
AMD Catalyst Control Center (x32 Version: 2013.0926.1629.27759)
AMD Catalyst Install Manager (Version: 8.0.915.0)
Badoo Desktop (x32 Version: 1.6.58.1220)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlefield 4™ Beta (x32 Version: 1.0.0.0)
Battlelog Web Plugins (x32 Version: 2.3.0)
BioShock Infinite (x32)
BitTorrent (HKCU Version: 7.8.1.29813)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0926.1629.27759)
Catalyst Control Center InstallProxy (x32 Version: 2013.0926.1629.27759)
Catalyst Control Center Localization All (x32 Version: 2013.0926.1629.27759)
Catzilla 1.0 (Version: 1.0)
CCC Help Chinese Standard (x32 Version: 2013.0926.1628.27759)
CCC Help Chinese Traditional (x32 Version: 2013.0926.1628.27759)
CCC Help Czech (x32 Version: 2013.0926.1628.27759)
CCC Help Danish (x32 Version: 2013.0926.1628.27759)
CCC Help Dutch (x32 Version: 2013.0926.1628.27759)
CCC Help English (x32 Version: 2013.0926.1628.27759)
CCC Help Finnish (x32 Version: 2013.0926.1628.27759)
CCC Help French (x32 Version: 2013.0926.1628.27759)
CCC Help German (x32 Version: 2013.0926.1628.27759)
CCC Help Greek (x32 Version: 2013.0926.1628.27759)
CCC Help Hungarian (x32 Version: 2013.0926.1628.27759)
CCC Help Italian (x32 Version: 2013.0926.1628.27759)
CCC Help Japanese (x32 Version: 2013.0926.1628.27759)
CCC Help Korean (x32 Version: 2013.0926.1628.27759)
CCC Help Norwegian (x32 Version: 2013.0926.1628.27759)
CCC Help Polish (x32 Version: 2013.0926.1628.27759)
CCC Help Portuguese (x32 Version: 2013.0926.1628.27759)
CCC Help Russian (x32 Version: 2013.0926.1628.27759)
CCC Help Spanish (x32 Version: 2013.0926.1628.27759)
CCC Help Swedish (x32 Version: 2013.0926.1628.27759)
CCC Help Thai (x32 Version: 2013.0926.1628.27759)
CCC Help Turkish (x32 Version: 2013.0926.1628.27759)
ccc-utility64 (Version: 2013.0926.1629.27759)
CCleaner (Version: 4.05)
Classic Shell (Version: 3.6.8)
CPUID CPU-Z 1.65.1
Crysis®3 (x32 Version: 1.1.0.0)
ESN Sonar (x32 Version: 0.70.4)
Fraps (x32)
Glary Utilities 3.7 (x32 Version: 3.7.0.127)
Grid 2 Update v1.0.83.1050 Incl DLC (x32 Version: 1)
HiSuite (x32 Version: 32.610.20.00.06)
ICQ 8.1 (build 6337) (HKCU Version: 8.1.6337.0)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSI Afterburner 3.0.0 Beta 14 (x32 Version: 3.0.0 Beta 14)
NoTilesPlease Version 1.0.4.3 (x32 Version: 1.0.4.3)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
Origin (x32 Version: 9.3.7.2735)
PCSX2 - Playstation 2 Emulator (x32)
Plus-HD-1.6 (x32 Version: 1.28.153.1)
PunkBuster Services (x32 Version: 0.993)
Razer Game Booster (x32 Version: 4.0.68.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
RivaTuner Statistics Server 5.3.0 (x32 Version: 5.3.0)
ROCCAT Kone[+] Mouse Driver (x32)
Skype Click to Call (x32 Version: 6.12.13601)
Skype™ 6.7 (x32 Version: 6.7.102)
SSD Tweaker version 3.0.3 (x32 Version: 3.0.3)
TeamSpeak 3 Client (Version: 3.0.11)
TeamViewer 8 (x32 Version: 8.0.20935)
Torntv 2 (x32 Version: 1.27.153.8)
VLC media player 2.0.8 (Version: 2.0.8)
Winamp (x32 Version: 5.65 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points =========================


==================== Hosts content: ==========================

2013-06-16 05:17 - 2013-06-16 05:17 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02BCC484-4850-4772-8A11-90C272C42E3B} - System32\Tasks\Plus-HD-1.6-firefoxinstaller => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-firefoxinstaller.exe [2013-09-24] (Plus HD)
Task: {0394935B-5DBE-4826-9827-334B3886A3AD} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {073FDA5A-800B-4E98-8425-B9B3D615313D} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {08FE8991-7AC6-4095-9B19-95D1C29513DC} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-06-16] (Microsoft Corporation)
Task: {533B55E2-5676-4162-8943-E1F0B1A1EC54} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {56DC594C-711A-430B-945F-B1CBC3353F06} - System32\Tasks\Torntv 2-codedownloader => C:\Program Files (x86)\Torntv 2\Torntv 2-codedownloader.exe [2013-09-22] (installdaddy)
Task: {58135C79-42C7-448D-8BE1-A4E7C1068EF8} - System32\Tasks\Microsoft\Windows\AppReadiness\TriggerTask
Task: {5F68AB05-5C8E-476F-B1A3-3BBA0D860FB8} - System32\Tasks\GlaryInitialize 3 => C:\Program Files (x86)\Glary Utilities 3\Initialize.exe [2013-07-22] (Glarysoft Ltd)
Task: {72FFFA2E-C2DB-4E38-B85D-7E4B8FE18649} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {8B700344-4A5E-47F6-8AE4-FD2A75744BF5} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {9247F383-4777-41C6-844C-3B6CF51DE8FA} - System32\Tasks\Torntv 2-updater => C:\Program Files (x86)\Torntv 2\Torntv 2-updater.exe [2013-09-22] (installdaddy)
Task: {92EDDC6D-C273-44B0-B342-4666C1982BFC} - System32\Tasks\Plus-HD-1.6-codedownloader => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe [2013-09-24] (Plus HD)
Task: {A62FFEF0-C7AF-484E-A74C-CB946446506D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {A9715841-AB9B-4B3A-9692-87890E56B895} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {AE420812-EF96-402E-AF6D-0C8D79949860} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {C2C5A71F-A5EC-4D1A-B92A-7FB2A626F00E} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {CEF44B6E-FED4-45C4-A76F-0203384B3F3B} - System32\Tasks\Torntv 2-enabler => C:\Program Files (x86)\Torntv 2\Torntv 2-enabler.exe [2013-09-22] (installdaddy)
Task: {DBD64352-5438-4F36-A1F0-DF89020F8123} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2013-02-26] (Beepa P/L)
Task: {F28968FE-579E-4128-9D20-69FA4CC8E719} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\system32\AppxDeploymentClient.dll [2013-06-16] (Microsoft Corporation)
Task: {F2B43BC6-1FCC-421C-9DD2-2F6217F7CA0F} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {F750183B-FC93-4D03-B7B9-D60550478E37} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F84DD44C-3C24-418E-AE2A-B29124A05F14} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 3.job => C:\Program Files (x86)\Glary Utilities 3\Initialize.exe
Task: C:\WINDOWS\Tasks\Plus-HD-1.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe
Task: C:\WINDOWS\Tasks\Plus-HD-1.6-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-firefoxinstaller.exe
Task: C:\WINDOWS\Tasks\Torntv 2-codedownloader.job => C:\Program Files (x86)\Torntv 2\Torntv 2-codedownloader.exe
Task: C:\WINDOWS\Tasks\Torntv 2-enabler.job => C:\Program Files (x86)\Torntv 2\Torntv 2-enabler.exe
Task: C:\WINDOWS\Tasks\Torntv 2-updater.job => C:\Program Files (x86)\Torntv 2\Torntv 2-updater.exe

==================== Loaded Modules (whitelisted) =============

2013-07-15 02:08 - 2013-07-15 02:08 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\bcb97267f7a1fa3f3cbb7a6e70523162\Windows.Foundation.ni.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\jenny\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "UseAlternateShell"="1"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2013 03:58:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (10/10/2013 08:44:29 PM) (Source: Application Hang) (User: )
Description: Programm bf4.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a00

Startzeit: 01cec5e88861be76

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield 4 Beta\bf4.exe

Berichts-ID: fbf55f0a-31db-11e3-9b9b-485b397d3c90

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/10/2013 08:43:19 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PnkBstrB.exe, Version: 0.0.0.0, Zeitstempel: 0x523b56cf
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000037c67728
ID des fehlerhaften Prozesses: 0x9cc
Startzeit der fehlerhaften Anwendung: 0xPnkBstrB.exe0
Pfad der fehlerhaften Anwendung: PnkBstrB.exe1
Pfad des fehlerhaften Moduls: PnkBstrB.exe2
Berichtskennung: PnkBstrB.exe3
Vollständiger Name des fehlerhaften Pakets: PnkBstrB.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PnkBstrB.exe5

Error: (10/09/2013 08:24:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PnkBstrB.exe, Version: 0.0.0.0, Zeitstempel: 0x523b56cf
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000037c67728
ID des fehlerhaften Prozesses: 0xe68
Startzeit der fehlerhaften Anwendung: 0xPnkBstrB.exe0
Pfad der fehlerhaften Anwendung: PnkBstrB.exe1
Pfad des fehlerhaften Moduls: PnkBstrB.exe2
Berichtskennung: PnkBstrB.exe3
Vollständiger Name des fehlerhaften Pakets: PnkBstrB.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PnkBstrB.exe5

Error: (10/08/2013 06:10:56 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (10/08/2013 06:10:39 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (10/08/2013 05:37:00 PM) (Source: Application Hang) (User: )
Description: Programm bf4.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dd0

Startzeit: 01cec435e3c6ce7d

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield 4 Beta\bf4.exe

Berichts-ID: 77f9bed5-302f-11e3-9b9a-485b397d3c90

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/08/2013 04:52:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PnkBstrB.exe, Version: 0.0.0.0, Zeitstempel: 0x523b56cf
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000002ac47728
ID des fehlerhaften Prozesses: 0x1478
Startzeit der fehlerhaften Anwendung: 0xPnkBstrB.exe0
Pfad der fehlerhaften Anwendung: PnkBstrB.exe1
Pfad des fehlerhaften Moduls: PnkBstrB.exe2
Berichtskennung: PnkBstrB.exe3
Vollständiger Name des fehlerhaften Pakets: PnkBstrB.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PnkBstrB.exe5

Error: (10/08/2013 04:38:41 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PnkBstrB.exe, Version: 0.0.0.0, Zeitstempel: 0x523b56cf
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000002ac47728
ID des fehlerhaften Prozesses: 0x1798
Startzeit der fehlerhaften Anwendung: 0xPnkBstrB.exe0
Pfad der fehlerhaften Anwendung: PnkBstrB.exe1
Pfad des fehlerhaften Moduls: PnkBstrB.exe2
Berichtskennung: PnkBstrB.exe3
Vollständiger Name des fehlerhaften Pakets: PnkBstrB.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PnkBstrB.exe5

Error: (10/08/2013 03:32:39 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (10/19/2013 09:06:00 AM) (Source: DCOM) (User: ZYKLON)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/19/2013 09:05:54 AM) (Source: DCOM) (User: ZYKLON)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/19/2013 09:05:32 AM) (Source: DCOM) (User: ZYKLON)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/19/2013 09:05:14 AM) (Source: DCOM) (User: ZYKLON)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/19/2013 09:05:09 AM) (Source: DCOM) (User: ZYKLON)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/19/2013 09:05:02 AM) (Source: DCOM) (User: ZYKLON)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/19/2013 09:00:02 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player Network Sharing Service" ist von folgendem Dienst abhängig: WSearch. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/19/2013 08:59:30 AM) (Source: DCOM) (User: ZYKLON)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/19/2013 08:59:25 AM) (Source: DCOM) (User: ZYKLON)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/19/2013 08:59:17 AM) (Source: DCOM) (User: ZYKLON)
Description: 1068netprofmUnavailable{A47979D2-C419-11D9-A5B4-001185AD2B89}


Microsoft Office Sessions:
=========================
Error: (10/13/2013 03:58:58 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\Glary Utilities 3\Native\wxp_x86\RegBootDefrag.exe

Error: (10/10/2013 08:44:29 PM) (Source: Application Hang)(User: )
Description: bf4.exe1.0.0.0a0001cec5e88861be764294967295C:\Program Files (x86)\Origin Games\Battlefield 4 Beta\bf4.exefbf55f0a-31db-11e3-9b9b-485b397d3c90

Error: (10/10/2013 08:43:19 PM) (Source: Application Error)(User: )
Description: PnkBstrB.exe0.0.0.0523b56cfunknown0.0.0.000000000c00000050000000037c677289cc01cec5e896b0ad7bC:\WINDOWS\SysWOW64\PnkBstrB.exeunknownd45ef5be-31db-11e3-9b9b-485b397d3c90

Error: (10/09/2013 08:24:51 PM) (Source: Application Error)(User: )
Description: PnkBstrB.exe0.0.0.0523b56cfunknown0.0.0.000000000c00000050000000037c67728e6801cec51cd84b4c3dC:\WINDOWS\SysWOW64\PnkBstrB.exeunknown15fa7eda-3110-11e3-9b9b-485b397d3c90

Error: (10/08/2013 06:10:56 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (10/08/2013 06:10:39 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (10/08/2013 05:37:00 PM) (Source: Application Hang)(User: )
Description: bf4.exe1.0.0.0dd001cec435e3c6ce7d4294967295C:\Program Files (x86)\Origin Games\Battlefield 4 Beta\bf4.exe77f9bed5-302f-11e3-9b9a-485b397d3c90

Error: (10/08/2013 04:52:02 PM) (Source: Application Error)(User: )
Description: PnkBstrB.exe0.0.0.0523b56cfunknown0.0.0.000000000c0000005000000002ac47728147801cec435f2703866C:\WINDOWS\SysWOW64\PnkBstrB.exeunknown302362b5-3029-11e3-9b9a-485b397d3c90

Error: (10/08/2013 04:38:41 PM) (Source: Application Error)(User: )
Description: PnkBstrB.exe0.0.0.0523b56cfunknown0.0.0.000000000c0000005000000002ac47728179801cec4341585d2e6C:\WINDOWS\SysWOW64\PnkBstrB.exeunknown53344229-3027-11e3-9b9a-485b397d3c90

Error: (10/08/2013 03:32:39 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\Glary Utilities 3\Native\wxp_x86\RegBootDefrag.exe


==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 4095.05 MB
Available physical RAM: 3426.91 MB
Total Pagefile: 8095.05 MB
Available Pagefile: 7486.46 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.53 GB) (Free:28.9 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Removable) (Total:14.92 GB) (Free:14.75 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: AFD8575C)
Partition 1: (Active) - (Size=60 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)

now the 2nd one


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by jenny (administrator) on ZYKLON on 19-10-2013 09:05:24
Running from D:\
Windows 8.1 Pro Preview (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) =================

(Quadsoft) C:\Program Files (x86)\NoTilesPlease\ntpload.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Microsoft Corporation) C:\Windows\helppane.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,"C:\Program Files (x86)\NoTilesPlease\ntpload.exe",
HKCU\...\Run: [icq] - C:\Users\jenny\AppData\Roaming\ICQM\icq.exe [28698984 2013-08-18] (ICQ)
HKCU\...\Run: [Badoo Desktop] - C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [1067232 2012-12-24] (Badoo)
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
MountPoints2: {a164f136-1499-11e3-9b61-485b397d3c90} - "E:\autorun.exe" 
HKLM-x32\...\Run: [SSD Tweaker] - C:\Program Files (x86)\SSD Tweaker\SSD Tweaker.exe [838144 2013-06-14] (Elpamsoft.com)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [RoccatKone+] - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [552960 2011-07-12] (ROCCAT GmbH)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-26] (Advanced Micro Devices, Inc.)
AppInit_DLLs-x32:   [ ] ()
BootExecute: autocheck autochk *  

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x07C65592117FCE01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: Torntv 2 - {11111111-1111-1111-1111-110311551178} - C:\Program Files (x86)\Torntv 2\Torntv 2-bho.dll (installdaddy)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\jenny\AppData\Roaming\Mozilla\Firefox\Profiles\ohy51w2b.default
FF user.js: detected! => C:\Users\jenny\AppData\Roaming\Mozilla\Firefox\Profiles\ohy51w2b.default\user.js
FF SearchEngineOrder.1: Ask Search
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\jenny\AppData\Roaming\Mozilla\Firefox\Profiles\ohy51w2b.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\jenny\AppData\Roaming\Mozilla\Firefox\Profiles\ohy51w2b.default\Extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com
FF Extension: Flagfox - C:\Users\jenny\AppData\Roaming\Mozilla\Firefox\Profiles\ohy51w2b.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: No Name - C:\Users\jenny\AppData\Roaming\Mozilla\Firefox\Profiles\ohy51w2b.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: No Name - C:\Users\jenny\AppData\Roaming\Mozilla\Firefox\Profiles\ohy51w2b.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==================== Services (Whitelisted) =================

S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [546304 2013-06-16] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1249280 2013-06-16] (Microsoft Corporation)
S2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
S2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2013-07-11] ()
S2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [197632 2013-05-02] ()
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114176 2013-06-16] (Microsoft Corporation)
S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [431104 2013-06-16] (Microsoft Corporation)
S3 NcbService; C:\Windows\System32\ncbservice.dll [150016 2013-06-16] (Microsoft Corporation)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-01] ()
S2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [129024 2013-06-16] (Microsoft Corporation)
S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-06-16] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [516096 2013-06-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [345336 2013-06-16] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-06-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-06-16] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1292288 2013-06-15] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [788240 2013-06-16] (PMC-Sierra)
S1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [77312 2013-06-16] (Microsoft Corporation)
R0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16640 2013-04-24] (<Glarysoft Ltd>)
R0 BootDefragDriver; C:\Windows\SysWow64\drivers\BootDefragDriver.sys [16640 2013-04-24] (<Glarysoft Ltd>)
S1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [31136 2013-09-29] (REALiX(tm))
R0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [650736 2013-06-06] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [37640 2013-06-16] (Microsoft Corporation)
R0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81672 2013-06-16] (LSI Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-06-16] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [88064 2013-06-16] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [934152 2013-06-16] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [138752 2013-06-16] (Microsoft Corporation)
R0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56584 2013-06-16] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [27912 2013-06-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [126216 2013-06-16] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [236544 2013-06-16] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2013-06-16] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-19 09:05 - 2013-10-19 09:05 - 00000000 ____D C:\FRST
2013-10-12 09:51 - 2013-10-12 09:52 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-10-12 09:50 - 2013-10-12 09:51 - 00000000 ____D C:\Users\jenny\AppData\Local\Origin
2013-10-12 09:40 - 2013-10-12 09:50 - 00000000 ____D C:\Program Files (x86)\Origin
2013-10-12 09:40 - 2013-10-12 09:40 - 00000995 _____ C:\Users\Public\Desktop\Origin.lnk
2013-10-12 09:39 - 2013-10-12 09:39 - 16952576 _____ (Electronic Arts, Inc.) C:\Users\jenny\Downloads\OriginThinSetup.exe
2013-10-12 09:37 - 2013-10-12 20:45 - 00003762 _____ C:\WINDOWS\PFRO.log
2013-10-08 18:42 - 2013-10-08 18:42 - 00000000 ____D C:\ProgramData\ATI
2013-10-08 18:41 - 2013-10-08 18:41 - 00349464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-08 18:13 - 2013-10-08 18:13 - 00055445 _____ C:\WINDOWS\SysWOW64\CCCInstall_201310081813453699.log
2013-10-08 18:13 - 2013-10-08 18:13 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-08 18:12 - 2013-10-08 18:12 - 00000000 ____D C:\WINDOWS\LastGood
2013-10-08 18:11 - 2013-10-19 08:58 - 00000515 _____ C:\WINDOWS\setupact.log
2013-10-08 18:11 - 2013-10-08 18:11 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-10-08 18:06 - 2013-10-08 18:08 - 247606848 _____ (AMD Inc.) C:\Users\jenny\Downloads\Amd_catalyst_13.11_betav1.exe
2013-10-07 20:32 - 2013-10-07 20:33 - 00000000 ____D C:\Users\jenny\Documents\Battlefield 4 Beta
2013-10-04 12:34 - 2013-10-04 12:34 - 00000000 ____D C:\Users\jenny\Intel
2013-10-04 12:33 - 2013-10-04 12:33 - 17455600 _____ (Intel Corporation) C:\Users\jenny\Downloads\SetupRST.exe
2013-10-01 16:57 - 2013-10-01 16:58 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-10-01 16:54 - 2013-10-13 02:37 - 01062283 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-01 16:46 - 2013-10-01 16:46 - 00055445 _____ C:\WINDOWS\SysWOW64\CCCInstall_201310011646392523.log
2013-10-01 16:20 - 2013-10-01 16:23 - 00000000 ____D C:\Users\jenny\Documents\Battlefield 4
2013-10-01 16:19 - 2013-10-01 17:45 - 00000000 ____D C:\Users\jenny\AppData\Local\ESN Sonar
2013-09-29 20:48 - 2013-09-29 21:12 - 00000000 ____D C:\Users\jenny\AppData\Local\ALLBenchmark
2013-09-29 20:48 - 2013-09-29 20:48 - 00000872 _____ C:\Users\Public\Desktop\Catzilla.lnk
2013-09-29 20:48 - 2013-09-29 20:48 - 00000000 ____D C:\Program Files\ALLBenchmark
2013-09-28 14:04 - 2013-07-22 09:34 - 00024864 _____ C:\WINDOWS\system32\RegBootDefrag.exe
2013-09-26 23:59 - 2013-09-26 23:59 - 00000000 ____D C:\ProgramData\RELOADED
2013-09-26 23:50 - 2013-09-26 23:50 - 00000948 _____ C:\Users\Public\Desktop\Call of Juarez Gunslinger.lnk
2013-09-26 23:21 - 2013-09-26 23:21 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2013-09-26 23:21 - 2013-09-26 23:21 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2013-09-26 23:21 - 2013-09-26 23:21 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2013-09-26 23:21 - 2013-09-26 23:21 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2013-09-26 23:21 - 2013-09-26 23:21 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2013-09-26 23:20 - 2013-09-26 23:20 - 07751408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2013-09-26 23:20 - 2013-09-26 23:20 - 07139552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2013-09-26 23:18 - 2013-09-26 23:18 - 12760576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2013-09-26 23:04 - 2013-09-26 23:04 - 28469248 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2013-09-26 23:04 - 2013-09-26 23:04 - 00229888 _____ C:\WINDOWS\system32\clinfo.exe
2013-09-26 23:04 - 2013-09-26 23:04 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2013-09-26 23:04 - 2013-09-26 23:04 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2013-09-26 23:04 - 2013-09-26 23:04 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2013-09-26 23:04 - 2013-09-26 23:04 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2013-09-26 23:01 - 2013-09-26 23:01 - 24008192 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2013-09-26 22:59 - 2013-09-26 22:59 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-09-26 22:59 - 2013-09-26 22:59 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-09-26 22:54 - 2013-09-26 22:54 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.20.16.dll
2013-09-26 22:51 - 2013-09-26 22:51 - 25828864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2013-09-26 22:45 - 2013-09-26 22:45 - 00781312 _____ C:\WINDOWS\system32\amdmiracast.dll
2013-09-26 22:45 - 2013-09-26 22:45 - 00538400 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2013-09-26 22:45 - 2013-09-26 22:45 - 00538400 _____ C:\WINDOWS\system32\atiapfxx.blb
2013-09-26 22:45 - 2013-09-26 22:45 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2013-09-26 22:45 - 2013-09-26 22:45 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2013-09-26 22:44 - 2013-09-26 22:44 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2013-09-26 22:44 - 2013-09-26 22:44 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2013-09-26 22:44 - 2013-09-26 22:44 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2013-09-26 22:44 - 2013-09-26 22:44 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2013-09-26 22:41 - 2013-09-26 22:41 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2013-09-26 22:32 - 2013-09-26 22:32 - 21724160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2013-09-26 22:23 - 2013-09-26 22:23 - 00580608 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2013-09-26 22:23 - 2013-09-26 22:23 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2013-09-26 22:23 - 2013-09-26 22:23 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2013-09-26 22:22 - 2013-09-26 22:22 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2013-09-26 22:20 - 2013-09-26 22:20 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2013-09-26 22:07 - 2013-09-26 22:07 - 03399312 _____ C:\WINDOWS\system32\atiumd6a.cap
2013-09-26 21:58 - 2013-09-26 21:58 - 03433360 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2013-09-26 21:50 - 2013-09-26 21:50 - 01133568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2013-09-26 21:50 - 2013-09-26 21:50 - 00819712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2013-09-26 21:50 - 2013-09-26 21:50 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2013-09-26 21:50 - 2013-09-26 21:50 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2013-09-26 21:50 - 2013-09-26 21:50 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2013-09-26 21:50 - 2013-09-26 21:50 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2013-09-26 21:49 - 2013-09-26 21:49 - 00619008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2013-09-26 21:49 - 2013-09-26 21:49 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2013-09-26 21:46 - 2013-09-26 21:46 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2013-09-26 21:42 - 2013-09-26 21:42 - 00009728 _____ C:\WINDOWS\system32\amdhdl64.dll
2013-09-26 21:42 - 2013-09-26 21:42 - 00009216 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2013-09-26 17:15 - 2013-09-26 17:15 - 00051200 _____ C:\WINDOWS\system32\kdbsdk64.dll
2013-09-26 17:10 - 2013-09-26 17:10 - 00038912 _____ C:\WINDOWS\SysWOW64\kdbsdk32.dll
2013-09-26 12:22 - 2008-05-07 15:49 - 00052539 _____ C:\Users\jenny\Desktop\Afu236.exe
2013-09-26 12:21 - 2013-09-26 12:21 - 00000000 ____D C:\Users\jenny\AppData\Roaming\InstallShield
2013-09-26 12:20 - 2013-09-26 12:21 - 00001769 _____ C:\WINDOWS\Language_trs.ini
2013-09-26 12:19 - 2013-09-26 12:19 - 00023909 _____ C:\Users\jenny\Downloads\AFU_DOS_236.zip
2013-09-26 11:58 - 2013-09-26 12:00 - 00000000 ____D C:\Users\jenny\Desktop\Neuer Ordner (2)
2013-09-25 17:15 - 2013-09-25 17:15 - 00002001 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
2013-09-25 17:15 - 2013-09-25 17:15 - 00000000 ____D C:\Users\jenny\Documents\PCSX2
2013-09-25 17:15 - 2013-09-25 17:15 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.0.0
2013-09-25 13:22 - 2013-09-02 10:05 - 05823008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2013-09-25 13:22 - 2013-09-02 10:05 - 01414128 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2013-09-25 13:22 - 2013-09-02 10:05 - 00246896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2013-09-25 13:22 - 2013-08-16 14:40 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-09-25 13:22 - 2013-08-16 07:50 - 03419136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-09-24 15:56 - 2013-10-13 04:01 - 00001840 _____ C:\WINDOWS\Tasks\Plus-HD-1.6-firefoxinstaller.job
2013-09-24 15:56 - 2013-10-13 03:56 - 00001208 _____ C:\WINDOWS\Tasks\Plus-HD-1.6-codedownloader.job
2013-09-24 15:56 - 2013-10-12 09:35 - 00000000 ____D C:\Program Files (x86)\BrowseFox
2013-09-24 15:56 - 2013-09-24 15:56 - 00004212 _____ C:\WINDOWS\System32\Tasks\Plus-HD-1.6-codedownloader
2013-09-24 15:56 - 2013-09-24 15:56 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.6
2013-09-24 11:09 - 2013-09-24 11:09 - 00001182 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-24 11:09 - 2013-09-24 11:09 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-09-23 00:29 - 2013-09-29 20:51 - 00031136 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS
2013-09-22 23:35 - 2013-09-22 23:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-09-22 23:35 - 2013-09-22 23:35 - 00000000 ____D C:\Program Files\Realtek
2013-09-22 23:35 - 2013-03-29 21:42 - 03379272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2013-09-22 23:35 - 2013-03-29 18:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2013-09-22 23:35 - 2013-03-29 17:52 - 00914992 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2013-09-22 23:35 - 2013-03-29 17:10 - 00449481 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2013-09-22 23:35 - 2013-03-27 16:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2013-09-22 23:35 - 2013-03-26 17:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2013-09-22 23:35 - 2013-03-26 17:04 - 02734624 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2013-09-22 23:35 - 2013-03-26 15:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2013-09-22 23:35 - 2013-03-26 14:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2013-09-22 23:35 - 2013-03-25 17:32 - 03180264 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2013-09-22 23:35 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2013-09-22 23:35 - 2013-03-20 13:17 - 09123608 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnA64.dll
2013-09-22 23:35 - 2013-03-20 13:16 - 02102040 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2013-09-22 23:35 - 2013-03-20 13:16 - 01900312 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2013-09-22 23:35 - 2013-03-20 13:16 - 00910104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2013-09-22 23:35 - 2013-03-15 19:34 - 04957976 _____ (A-volute) C:\WINDOWS\system32\RTKSMlfx.dll
2013-09-22 23:35 - 2013-03-15 19:33 - 00887640 _____ (A-Volute) C:\WINDOWS\system32\RTKSMSettingsIPC.dll
2013-09-22 23:35 - 2013-03-12 18:16 - 00613448 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2013-09-22 23:35 - 2013-03-08 12:51 - 00904752 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2013-09-22 23:35 - 2013-02-28 13:10 - 14021912 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2013-09-22 23:35 - 2013-02-28 13:10 - 02032408 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2013-09-22 23:35 - 2013-02-27 05:37 - 00823072 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2013-09-22 23:35 - 2013-02-27 05:37 - 00633632 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\sltech64.dll
2013-09-22 23:35 - 2013-02-27 05:37 - 00517408 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2013-09-22 23:35 - 2013-02-27 05:37 - 00213792 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2013-09-22 23:35 - 2013-02-21 17:26 - 00858032 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2013-09-22 23:35 - 2013-02-21 17:26 - 00148912 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2013-09-22 23:35 - 2013-02-21 17:25 - 00569256 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2013-09-22 23:35 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2013-09-22 23:35 - 2013-02-19 18:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2013-09-22 23:35 - 2013-01-17 19:32 - 00719640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2013-09-22 23:35 - 2012-12-12 11:17 - 00395208 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2013-09-22 23:35 - 2012-10-02 14:41 - 00501192 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2013-09-22 23:35 - 2012-10-02 14:41 - 00487368 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2013-09-22 23:35 - 2012-10-02 14:41 - 00415688 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2013-09-22 23:35 - 2012-09-10 20:06 - 00612728 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2013-09-22 23:35 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2013-09-22 23:35 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2013-09-22 23:35 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2013-09-22 23:35 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2013-09-22 23:35 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2013-09-22 23:35 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2013-09-22 23:35 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2013-09-22 23:35 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2013-09-22 23:35 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2013-09-22 23:35 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2013-09-22 23:35 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2013-09-22 23:35 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2013-09-22 23:35 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2013-09-22 23:35 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2013-09-22 23:35 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2013-09-22 23:35 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2013-09-22 23:35 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2013-09-22 23:35 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2013-09-22 23:35 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2013-09-22 23:35 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2013-09-22 23:35 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2013-09-22 23:35 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2013-09-22 23:35 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2013-09-22 23:35 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2013-09-22 23:35 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2013-09-22 23:35 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2013-09-22 23:35 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2013-09-22 23:35 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2013-09-22 23:35 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2013-09-22 23:35 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2013-09-22 23:35 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2013-09-22 23:35 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2013-09-22 23:32 - 2013-09-22 23:32 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-09-22 23:29 - 2013-01-16 16:02 - 02079816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2013-09-22 23:24 - 2013-09-22 23:28 - 81891861 _____ (Realtek Semiconductor Corp.) C:\Users\jenny\Downloads\64bit_Vista_Win7_Win8_R271.exe
2013-09-22 23:18 - 2013-09-22 23:18 - 00000000 ____D C:\Users\jenny\AppData\Local\Google
2013-09-22 23:11 - 2013-09-22 23:11 - 00021712 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2013-09-22 23:11 - 2013-09-22 23:11 - 00000811 _____ C:\Users\jenny\Desktop\Find Drivers with DriverAgent.lnk
2013-09-22 23:11 - 2013-09-22 23:11 - 00000000 ____D C:\Users\jenny\AppData\Local\eSupport.com
2013-09-22 23:05 - 2013-09-22 23:09 - 359890320 _____ (Futuremark Corporation) C:\Users\jenny\Downloads\3DMark_Vantage_v112_installer-[Guru3D.com].exe
2013-09-22 17:36 - 2013-09-22 17:36 - 00003166 _____ C:\WINDOWS\System32\Tasks\{C0F419FB-EB09-4071-90D5-15B2951037C6}
2013-09-22 17:36 - 2013-09-22 17:36 - 00003166 _____ C:\WINDOWS\System32\Tasks\{95FA869B-FA5F-4D53-8719-5DE18121655C}
2013-09-22 17:22 - 2013-10-13 02:17 - 00001190 _____ C:\WINDOWS\Tasks\Torntv 2-updater.job
2013-09-22 17:22 - 2013-10-13 02:17 - 00001184 _____ C:\WINDOWS\Tasks\Torntv 2-codedownloader.job
2013-09-22 17:22 - 2013-10-13 02:17 - 00001094 _____ C:\WINDOWS\Tasks\Torntv 2-enabler.job
2013-09-22 17:22 - 2013-09-29 00:54 - 00000000 ____D C:\Program Files (x86)\TornTV.com
2013-09-22 17:22 - 2013-09-22 17:24 - 00000000 ____D C:\Users\jenny\Documents\Windows XP Professional SP3 April 2013 + SATA Drivers 【ThumperDC】
2013-09-22 17:22 - 2013-09-22 17:22 - 00004194 _____ C:\WINDOWS\System32\Tasks\Torntv 2-updater
2013-09-22 17:22 - 2013-09-22 17:22 - 00004188 _____ C:\WINDOWS\System32\Tasks\Torntv 2-codedownloader
2013-09-22 17:22 - 2013-09-22 17:22 - 00004098 _____ C:\WINDOWS\System32\Tasks\Torntv 2-enabler
2013-09-22 17:22 - 2013-09-22 17:22 - 00000864 _____ C:\Users\jenny\Desktop\TornTV.lnk
2013-09-22 17:22 - 2013-09-22 17:22 - 00000000 ____D C:\Users\jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
2013-09-22 17:22 - 2013-09-22 17:22 - 00000000 ____D C:\ProgramData\APN
2013-09-22 17:22 - 2013-09-22 17:22 - 00000000 ____D C:\Program Files (x86)\Torntv 2
2013-09-22 15:26 - 2013-09-22 15:26 - 00000000 ____D C:\Program Files (x86)\EaseUS
2013-09-22 13:03 - 2013-09-22 16:18 - 00001890 _____ C:\WINDOWS\diagwrn.xml
2013-09-22 13:03 - 2013-09-22 16:18 - 00001890 _____ C:\WINDOWS\diagerr.xml
2013-09-22 12:09 - 2013-09-22 12:09 - 00000000 ____D C:\Users\jenny\AppData\Roaming\KeePass
2013-09-22 12:08 - 2013-09-29 00:53 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2013-09-22 12:08 - 2013-09-22 12:08 - 00000000 ____D C:\Users\jenny\AppData\Local\KeePass
2013-09-22 11:43 - 2013-09-22 11:43 - 00000000 ____D C:\Users\jenny\Documents\Razer
2013-09-20 22:51 - 2013-09-22 12:54 - 00000000 ____D C:\Users\jenny\AppData\Roaming\Winamp
2013-09-20 22:51 - 2013-09-20 22:51 - 00000995 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-09-20 22:51 - 2013-09-20 22:51 - 00000000 ____D C:\Users\jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-09-20 22:51 - 2013-09-20 22:51 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-09-20 22:51 - 2013-09-20 22:51 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-09-19 21:12 - 2013-09-19 21:12 - 00001351 _____ C:\Users\Public\Desktop\Razer Game Booster.lnk
2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\Users\jenny\AppData\Local\Razer
2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\ProgramData\Razer
2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\Program Files (x86)\Razer
2013-09-19 12:29 - 2013-09-19 12:29 - 00002772 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-09-19 12:29 - 2013-09-19 12:29 - 00000000 ____D C:\Program Files\CCleaner

==================== One Month Modified Files and Folders =======

2013-10-19 09:05 - 2013-10-19 09:05 - 00000000 ____D C:\FRST
2013-10-19 09:02 - 2013-07-12 17:56 - 00737374 _____ C:\WINDOWS\system32\perfh007.dat
2013-10-19 09:02 - 2013-07-12 17:56 - 00149022 _____ C:\WINDOWS\system32\perfc007.dat
2013-10-19 09:02 - 2013-07-12 16:58 - 01712516 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-19 08:58 - 2013-10-08 18:11 - 00000515 _____ C:\WINDOWS\setupact.log
2013-10-19 08:58 - 2013-07-12 17:00 - 00000000 ____D C:\Users\jenny
2013-10-13 04:01 - 2013-09-24 15:56 - 00001840 _____ C:\WINDOWS\Tasks\Plus-HD-1.6-firefoxinstaller.job
2013-10-13 04:00 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\system32\sru
2013-10-13 03:58 - 2013-07-12 17:06 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3235200704-2252475554-2607181729-1001
2013-10-13 03:58 - 2013-07-12 17:02 - 00000000 __RDO C:\Users\jenny\SkyDrive
2013-10-13 03:56 - 2013-09-24 15:56 - 00001208 _____ C:\WINDOWS\Tasks\Plus-HD-1.6-codedownloader.job
2013-10-13 03:28 - 2013-07-19 23:32 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-13 02:37 - 2013-10-01 16:54 - 01062283 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-13 02:18 - 2013-07-24 18:04 - 00000346 _____ C:\WINDOWS\Tasks\GlaryInitialize 3.job
2013-10-13 02:17 - 2013-09-22 17:22 - 00001190 _____ C:\WINDOWS\Tasks\Torntv 2-updater.job
2013-10-13 02:17 - 2013-09-22 17:22 - 00001184 _____ C:\WINDOWS\Tasks\Torntv 2-codedownloader.job
2013-10-13 02:17 - 2013-09-22 17:22 - 00001094 _____ C:\WINDOWS\Tasks\Torntv 2-enabler.job
2013-10-13 02:17 - 2013-07-12 18:10 - 00003134 _____ C:\WINDOWS\System32\Tasks\FRAPS
2013-10-13 02:17 - 2011-11-02 10:16 - 00000000 ____D C:\Fraps
2013-10-12 20:45 - 2013-10-12 09:37 - 00003762 _____ C:\WINDOWS\PFRO.log
2013-10-12 20:45 - 2013-06-16 06:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-12 09:52 - 2013-10-12 09:51 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-10-12 09:51 - 2013-10-12 09:50 - 00000000 ____D C:\Users\jenny\AppData\Local\Origin
2013-10-12 09:51 - 2013-08-14 20:30 - 00000000 ____D C:\ProgramData\Origin
2013-10-12 09:50 - 2013-10-12 09:40 - 00000000 ____D C:\Program Files (x86)\Origin
2013-10-12 09:40 - 2013-10-12 09:40 - 00000995 _____ C:\Users\Public\Desktop\Origin.lnk
2013-10-12 09:39 - 2013-10-12 09:39 - 16952576 _____ (Electronic Arts, Inc.) C:\Users\jenny\Downloads\OriginThinSetup.exe
2013-10-12 09:37 - 2013-06-16 05:17 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2013-10-12 09:35 - 2013-09-24 15:56 - 00000000 ____D C:\Program Files (x86)\BrowseFox
2013-10-12 09:35 - 2013-08-26 22:49 - 00000000 ____D C:\Users\jenny\AppData\Roaming\TS3Client
2013-10-12 09:32 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-10-10 20:45 - 2013-08-26 03:46 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-10-10 20:45 - 2013-08-26 03:46 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2013-10-10 16:36 - 2013-09-16 17:38 - 00000000 ____D C:\Users\jenny\AppData\Roaming\vlc
2013-10-08 22:19 - 2013-09-17 17:50 - 00000000 ____D C:\Users\jenny\AppData\Roaming\Skype
2013-10-08 22:05 - 2013-07-19 23:32 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-10-08 18:42 - 2013-10-08 18:42 - 00000000 ____D C:\ProgramData\ATI
2013-10-08 18:41 - 2013-10-08 18:41 - 00349464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-08 18:13 - 2013-10-08 18:13 - 00055445 _____ C:\WINDOWS\SysWOW64\CCCInstall_201310081813453699.log
2013-10-08 18:13 - 2013-10-08 18:13 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-08 18:13 - 2013-07-12 17:29 - 00000000 ____D C:\ProgramData\AMD
2013-10-08 18:13 - 2013-07-12 17:28 - 00000000 ____D C:\Program Files\ATI Technologies
2013-10-08 18:12 - 2013-10-08 18:12 - 00000000 ____D C:\WINDOWS\LastGood
2013-10-08 18:11 - 2013-10-08 18:11 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-10-08 18:08 - 2013-10-08 18:06 - 247606848 _____ (AMD Inc.) C:\Users\jenny\Downloads\Amd_catalyst_13.11_betav1.exe
2013-10-08 18:08 - 2011-11-01 23:06 - 00000000 ____D C:\AMD
2013-10-08 16:50 - 2013-07-24 17:59 - 00057856 ___SH C:\Users\jenny\Desktop\Thumbs.db
2013-10-07 20:33 - 2013-10-07 20:32 - 00000000 ____D C:\Users\jenny\Documents\Battlefield 4 Beta
2013-10-04 12:34 - 2013-10-04 12:34 - 00000000 ____D C:\Users\jenny\Intel
2013-10-04 12:33 - 2013-10-04 12:33 - 17455600 _____ (Intel Corporation) C:\Users\jenny\Downloads\SetupRST.exe
2013-10-03 19:15 - 2013-07-24 18:16 - 00007593 _____ C:\Users\jenny\AppData\Local\Resmon.ResmonCfg
2013-10-03 00:49 - 2013-08-26 11:50 - 00290184 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2013-10-01 17:45 - 2013-10-01 16:19 - 00000000 ____D C:\Users\jenny\AppData\Local\ESN Sonar
2013-10-01 16:58 - 2013-10-01 16:57 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-10-01 16:57 - 2013-07-25 14:33 - 00095232 ___SH C:\Users\jenny\Downloads\Thumbs.db
2013-10-01 16:50 - 2013-07-19 22:33 - 00000000 ____D C:\Users\jenny\AppData\Roaming\BitTorrent
2013-10-01 16:46 - 2013-10-01 16:46 - 00055445 _____ C:\WINDOWS\SysWOW64\CCCInstall_201310011646392523.log
2013-10-01 16:45 - 2013-07-12 17:28 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-01 16:23 - 2013-10-01 16:20 - 00000000 ____D C:\Users\jenny\Documents\Battlefield 4
2013-10-01 16:18 - 2013-08-26 03:46 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-10-01 15:44 - 2013-08-14 20:30 - 00000000 ____D C:\Users\jenny\AppData\Roaming\Origin
2013-09-30 21:03 - 2013-08-26 11:49 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-09-29 21:12 - 2013-09-29 20:48 - 00000000 ____D C:\Users\jenny\AppData\Local\ALLBenchmark
2013-09-29 20:51 - 2013-09-23 00:29 - 00031136 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS
2013-09-29 20:48 - 2013-09-29 20:48 - 00000872 _____ C:\Users\Public\Desktop\Catzilla.lnk
2013-09-29 20:48 - 2013-09-29 20:48 - 00000000 ____D C:\Program Files\ALLBenchmark
2013-09-29 00:54 - 2013-09-22 17:22 - 00000000 ____D C:\Program Files (x86)\TornTV.com
2013-09-29 00:54 - 2013-08-20 17:04 - 00000000 ____D C:\Users\jenny\Documents\Rockstar Games
2013-09-29 00:53 - 2013-09-22 12:08 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2013-09-29 00:53 - 2013-08-20 15:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-28 14:04 - 2013-06-16 05:17 - 53477376 _____ C:\WINDOWS\system32\config\SOFTWARE.gu.bak
2013-09-28 14:04 - 2013-06-16 05:17 - 11272192 _____ C:\WINDOWS\system32\config\SYSTEM.gu.bak
2013-09-28 14:04 - 2013-06-16 05:17 - 00524288 _____ C:\WINDOWS\system32\config\DEFAULT.gu.bak
2013-09-28 14:04 - 2013-06-16 05:17 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.gu.bak
2013-09-28 14:04 - 2013-06-16 05:17 - 00262144 _____ C:\WINDOWS\system32\config\SAM.gu.bak
2013-09-28 14:03 - 2013-07-24 18:04 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3
2013-09-26 23:59 - 2013-09-26 23:59 - 00000000 ____D C:\ProgramData\RELOADED
2013-09-26 23:50 - 2013-09-26 23:50 - 00000948 _____ C:\Users\Public\Desktop\Call of Juarez Gunslinger.lnk
2013-09-26 23:21 - 2013-09-26 23:21 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2013-09-26 23:21 - 2013-09-26 23:21 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2013-09-26 23:21 - 2013-09-26 23:21 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2013-09-26 23:21 - 2013-09-26 23:21 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2013-09-26 23:21 - 2013-09-26 23:21 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2013-09-26 23:21 - 2013-06-22 06:19 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2013-09-26 23:21 - 2013-06-06 20:11 - 01311360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2013-09-26 23:21 - 2013-06-06 20:11 - 01094000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2013-09-26 23:21 - 2013-06-06 20:11 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2013-09-26 23:21 - 2013-06-06 20:11 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2013-09-26 23:21 - 2013-06-06 20:10 - 09571960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2013-09-26 23:20 - 2013-09-26 23:20 - 07751408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2013-09-26 23:20 - 2013-09-26 23:20 - 07139552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2013-09-26 23:20 - 2013-06-22 06:18 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2013-09-26 23:20 - 2013-06-22 06:18 - 06512312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2013-09-26 23:20 - 2013-06-06 20:10 - 08228328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2013-09-26 23:18 - 2013-09-26 23:18 - 12760576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2013-09-26 23:04 - 2013-09-26 23:04 - 28469248 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2013-09-26 23:04 - 2013-09-26 23:04 - 00229888 _____ C:\WINDOWS\system32\clinfo.exe
2013-09-26 23:04 - 2013-09-26 23:04 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2013-09-26 23:04 - 2013-09-26 23:04 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2013-09-26 23:04 - 2013-09-26 23:04 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2013-09-26 23:04 - 2013-09-26 23:04 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2013-09-26 23:01 - 2013-09-26 23:01 - 24008192 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2013-09-26 22:59 - 2013-09-26 22:59 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-09-26 22:59 - 2013-09-26 22:59 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-09-26 22:54 - 2013-09-26 22:54 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.20.16.dll
2013-09-26 22:51 - 2013-09-26 22:51 - 25828864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2013-09-26 22:45 - 2013-09-26 22:45 - 00781312 _____ C:\WINDOWS\system32\amdmiracast.dll
2013-09-26 22:45 - 2013-09-26 22:45 - 00538400 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2013-09-26 22:45 - 2013-09-26 22:45 - 00538400 _____ C:\WINDOWS\system32\atiapfxx.blb
2013-09-26 22:45 - 2013-09-26 22:45 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2013-09-26 22:45 - 2013-09-26 22:45 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2013-09-26 22:44 - 2013-09-26 22:44 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2013-09-26 22:44 - 2013-09-26 22:44 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2013-09-26 22:44 - 2013-09-26 22:44 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2013-09-26 22:44 - 2013-09-26 22:44 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2013-09-26 22:41 - 2013-09-26 22:41 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2013-09-26 22:32 - 2013-09-26 22:32 - 21724160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2013-09-26 22:23 - 2013-09-26 22:23 - 00580608 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2013-09-26 22:23 - 2013-09-26 22:23 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2013-09-26 22:23 - 2013-09-26 22:23 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2013-09-26 22:22 - 2013-09-26 22:22 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2013-09-26 22:20 - 2013-09-26 22:20 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2013-09-26 22:07 - 2013-09-26 22:07 - 03399312 _____ C:\WINDOWS\system32\atiumd6a.cap
2013-09-26 21:58 - 2013-09-26 21:58 - 03433360 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2013-09-26 21:50 - 2013-09-26 21:50 - 01133568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2013-09-26 21:50 - 2013-09-26 21:50 - 00819712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2013-09-26 21:50 - 2013-09-26 21:50 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2013-09-26 21:50 - 2013-09-26 21:50 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2013-09-26 21:50 - 2013-09-26 21:50 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2013-09-26 21:50 - 2013-09-26 21:50 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2013-09-26 21:49 - 2013-09-26 21:49 - 00619008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2013-09-26 21:49 - 2013-09-26 21:49 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2013-09-26 21:46 - 2013-09-26 21:46 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2013-09-26 21:42 - 2013-09-26 21:42 - 00009728 _____ C:\WINDOWS\system32\amdhdl64.dll
2013-09-26 21:42 - 2013-09-26 21:42 - 00009216 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2013-09-26 17:15 - 2013-09-26 17:15 - 00051200 _____ C:\WINDOWS\system32\kdbsdk64.dll
2013-09-26 17:10 - 2013-09-26 17:10 - 00038912 _____ C:\WINDOWS\SysWOW64\kdbsdk32.dll
2013-09-26 12:21 - 2013-09-26 12:21 - 00000000 ____D C:\Users\jenny\AppData\Roaming\InstallShield
2013-09-26 12:21 - 2013-09-26 12:20 - 00001769 _____ C:\WINDOWS\Language_trs.ini
2013-09-26 12:21 - 2013-07-17 17:40 - 00000000 ____D C:\Program Files (x86)\Intel
2013-09-26 12:19 - 2013-09-26 12:19 - 00023909 _____ C:\Users\jenny\Downloads\AFU_DOS_236.zip
2013-09-26 12:00 - 2013-09-26 11:58 - 00000000 ____D C:\Users\jenny\Desktop\Neuer Ordner (2)
2013-09-26 11:18 - 2013-08-02 16:12 - 00000000 ____D C:\Users\jenny\AppData\Roaming\DiskDefrag
2013-09-25 17:15 - 2013-09-25 17:15 - 00002001 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
2013-09-25 17:15 - 2013-09-25 17:15 - 00000000 ____D C:\Users\jenny\Documents\PCSX2
2013-09-25 17:15 - 2013-09-25 17:15 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.0.0
2013-09-25 17:15 - 2013-08-16 21:36 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2013-09-25 13:22 - 2013-06-16 07:37 - 00000000 ____D C:\WINDOWS\WinStore
2013-09-25 05:15 - 2013-09-17 17:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-24 15:56 - 2013-09-24 15:56 - 00004212 _____ C:\WINDOWS\System32\Tasks\Plus-HD-1.6-codedownloader
2013-09-24 15:56 - 2013-09-24 15:56 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.6
2013-09-24 11:09 - 2013-09-24 11:09 - 00001182 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-24 11:09 - 2013-09-24 11:09 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-09-23 02:32 - 2011-11-01 22:56 - 00008192 __RSH C:\BOOTSECT.BAK
2013-09-22 23:35 - 2013-09-22 23:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-09-22 23:35 - 2013-09-22 23:35 - 00000000 ____D C:\Program Files\Realtek
2013-09-22 23:32 - 2013-09-22 23:32 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-09-22 23:28 - 2013-09-22 23:24 - 81891861 _____ (Realtek Semiconductor Corp.) C:\Users\jenny\Downloads\64bit_Vista_Win7_Win8_R271.exe
2013-09-22 23:18 - 2013-09-22 23:18 - 00000000 ____D C:\Users\jenny\AppData\Local\Google
2013-09-22 23:11 - 2013-09-22 23:11 - 00021712 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2013-09-22 23:11 - 2013-09-22 23:11 - 00000811 _____ C:\Users\jenny\Desktop\Find Drivers with DriverAgent.lnk
2013-09-22 23:11 - 2013-09-22 23:11 - 00000000 ____D C:\Users\jenny\AppData\Local\eSupport.com
2013-09-22 23:09 - 2013-09-22 23:05 - 359890320 _____ (Futuremark Corporation) C:\Users\jenny\Downloads\3DMark_Vantage_v112_installer-[Guru3D.com].exe
2013-09-22 17:36 - 2013-09-22 17:36 - 00003166 _____ C:\WINDOWS\System32\Tasks\{C0F419FB-EB09-4071-90D5-15B2951037C6}
2013-09-22 17:36 - 2013-09-22 17:36 - 00003166 _____ C:\WINDOWS\System32\Tasks\{95FA869B-FA5F-4D53-8719-5DE18121655C}
2013-09-22 17:24 - 2013-09-22 17:22 - 00000000 ____D C:\Users\jenny\Documents\Windows XP Professional SP3 April 2013 + SATA Drivers 【ThumperDC】
2013-09-22 17:22 - 2013-09-22 17:22 - 00004194 _____ C:\WINDOWS\System32\Tasks\Torntv 2-updater
2013-09-22 17:22 - 2013-09-22 17:22 - 00004188 _____ C:\WINDOWS\System32\Tasks\Torntv 2-codedownloader
2013-09-22 17:22 - 2013-09-22 17:22 - 00004098 _____ C:\WINDOWS\System32\Tasks\Torntv 2-enabler
2013-09-22 17:22 - 2013-09-22 17:22 - 00000864 _____ C:\Users\jenny\Desktop\TornTV.lnk
2013-09-22 17:22 - 2013-09-22 17:22 - 00000000 ____D C:\Users\jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
2013-09-22 17:22 - 2013-09-22 17:22 - 00000000 ____D C:\ProgramData\APN
2013-09-22 17:22 - 2013-09-22 17:22 - 00000000 ____D C:\Program Files (x86)\Torntv 2
2013-09-22 16:18 - 2013-09-22 13:03 - 00001890 _____ C:\WINDOWS\diagwrn.xml
2013-09-22 16:18 - 2013-09-22 13:03 - 00001890 _____ C:\WINDOWS\diagerr.xml
2013-09-22 15:26 - 2013-09-22 15:26 - 00000000 ____D C:\Program Files (x86)\EaseUS
2013-09-22 12:54 - 2013-09-20 22:51 - 00000000 ____D C:\Users\jenny\AppData\Roaming\Winamp
2013-09-22 12:09 - 2013-09-22 12:09 - 00000000 ____D C:\Users\jenny\AppData\Roaming\KeePass
2013-09-22 12:08 - 2013-09-22 12:08 - 00000000 ____D C:\Users\jenny\AppData\Local\KeePass
2013-09-22 11:43 - 2013-09-22 11:43 - 00000000 ____D C:\Users\jenny\Documents\Razer
2013-09-20 22:51 - 2013-09-20 22:51 - 00000995 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-09-20 22:51 - 2013-09-20 22:51 - 00000000 ____D C:\Users\jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-09-20 22:51 - 2013-09-20 22:51 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-09-20 22:51 - 2013-09-20 22:51 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-09-19 21:12 - 2013-09-19 21:12 - 00001351 _____ C:\Users\Public\Desktop\Razer Game Booster.lnk
2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\Users\jenny\AppData\Local\Razer
2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\ProgramData\Razer
2013-09-19 21:12 - 2013-09-19 21:12 - 00000000 ____D C:\Program Files (x86)\Razer
2013-09-19 12:29 - 2013-09-19 12:29 - 00002772 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-09-19 12:29 - 2013-09-19 12:29 - 00000000 ____D C:\Program Files\CCleaner

Files to move or delete:
====================
ZeroAccess:
C:\Users\jenny\AppData\Local\Google\Desktop\Install


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2013-06-16 00:48] - [2013-06-16 00:48] - 0558080 ____A (Microsoft Corporation) DEB887EA2EBEDF01644A200B4BDB181B

C:\Windows\System32\wininit.exe
[2013-06-16 00:52] - [2013-06-16 00:52] - 0145408 ____A (Microsoft Corporation) CACA6578AF9C48C29D7BF6AEFAF00599

C:\Windows\explorer.exe
[2013-06-16 00:01] - [2013-06-16 04:25] - 2254384 ____A (Microsoft Corporation) 2CF1204E913AEA5A492D89C153F3345E

C:\Windows\SysWOW64\explorer.exe
[2013-06-15 23:33] - [2013-06-16 03:33] - 2009104 ____A (Microsoft Corporation) 253252BBC9E61728986CB54261F8AECD

C:\Windows\System32\svchost.exe
[2013-06-16 00:48] - [2013-06-16 04:30] - 0037768 ____A (Microsoft Corporation) F7191317F1CD10F35DC74E24C1B71E06

C:\Windows\SysWOW64\svchost.exe
[2013-06-16 00:07] - [2013-06-16 03:38] - 0031552 ____A (Microsoft Corporation) D9F8FA4911FBF85919BA17FFE5B34430

C:\Windows\System32\services.exe
[2013-06-16 05:17] - [2013-06-16 05:17] - 0403408 ____A (Microsoft Corporation) 258527780FC8FFCF0A29F7455073C529

C:\Windows\System32\User32.dll
[2013-06-16 00:50] - [2013-06-16 04:25] - 1513264 ____A (Microsoft Corporation) 42F67E93E2C853A915E73F3A4645E3C9

C:\Windows\SysWOW64\User32.dll
[2013-06-16 00:10] - [2013-06-16 00:10] - 1359360 ____A (Microsoft Corporation) FCDCDEFD5A8BA26FDCD950607162339C

C:\Windows\System32\userinit.exe
[2013-06-16 00:56] - [2013-06-16 00:56] - 0025088 ____A (Microsoft Corporation) 166CB1E28BED6196B5030E91AD932998

C:\Windows\SysWOW64\userinit.exe
[2013-06-16 00:13] - [2013-06-16 00:13] - 0021504 ____A (Microsoft Corporation) 7AFC7764F71DBB1BC5A60EE67FE94C70

C:\Windows\System32\Drivers\volsnap.sys
[2013-06-16 02:36] - [2013-06-16 04:26] - 0312072 ___AC (Microsoft Corporation) 9365B092503F8B0B6C724D1A8E4433D4



nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
integrityservices       Enable
default                 {default}
resumeobject            {cd6939b3-eb55-11e2-a40d-de49138b81c9}
displayorder            {default}
                        {1657d9c0-23d5-11e3-8bce-95b0fc5e07e9}
                        {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows-Startladeprogramm
-------------------------
Bezeichner              {1657d9c0-23d5-11e3-8bce-95b0fc5e07e9}
device                  unknown
path                    \Windows\System32\xOsLoad.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
nointegritychecks       Yes
osdevice                unknown
systemroot              \Windows
kernel                  xNtKrnl.exe
resumeobject            {1657d9bf-23d5-11e3-8bce-95b0fc5e07e9}
nx                      OptIn

Windows-Startladeprogramm
-------------------------
Bezeichner              {default}
device                  unknown
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
osdevice                unknown
systemroot              \Windows
resumeobject            {1657d9c1-23d5-11e3-8bce-95b0fc5e07e9}
nx                      OptIn

Windows-Startladeprogramm
-------------------------
Bezeichner              {35ac3b25-eb56-11e2-a40d-de49138b81c9}
device                  ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{35ac3b26-eb56-11e2-a40d-de49138b81c9}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{35ac3b26-eb56-11e2-a40d-de49138b81c9}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {5bef6b50-e3f0-11e2-beee-485b397d3c90}
device                  ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{5bef6b51-e3f0-11e2-beee-485b397d3c90}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  en-us
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  Recovery
osdevice                ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{5bef6b51-e3f0-11e2-beee-485b397d3c90}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.exe
description             Windows 8.1 Preview
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {35ac3b25-eb56-11e2-a40d-de49138b81c9}
integrityservices       Enable
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {cd6939b3-eb55-11e2-a40d-de49138b81c9}
nx                      OptIn
bootmenupolicy          Standard

Windows-Startladeprogramm
-------------------------
Bezeichner              {fbc2bfcc-04cb-11e1-b298-8739248e3ab9}
device                  ramdisk=[C:]\Recovery\fbc2bfcc-04cb-11e1-b298-8739248e3ab9\Winre.wim,{fbc2bfcd-04cb-11e1-b298-8739248e3ab9}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[C:]\Recovery\fbc2bfcc-04cb-11e1-b298-8739248e3ab9\Winre.wim,{fbc2bfcd-04cb-11e1-b298-8739248e3ab9}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {1657d9bf-23d5-11e3-8bce-95b0fc5e07e9}
device                  unknown
path                    \Windows\System32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              unknown
filepath                \hiberfil.sys
debugoptionenabled      No

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {1657d9c1-23d5-11e3-8bce-95b0fc5e07e9}
device                  unknown
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              unknown
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {5bef6b4e-e3f0-11e2-beee-485b397d3c90}
device                  partition=C:
path                    \WINDOWS\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {5bef6b50-e3f0-11e2-beee-485b397d3c90}
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {cd6939b3-eb55-11e2-a40d-de49138b81c9}
device                  partition=C:
path                    \WINDOWS\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {35ac3b25-eb56-11e2-a40d-de49138b81c9}
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {fbc2bfca-04cb-11e1-b298-8739248e3ab9}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {fbc2bfcc-04cb-11e1-b298-8739248e3ab9}
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {35ac3b26-eb56-11e2-a40d-de49138b81c9}
description             Windows Recovery
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {5bef6b51-e3f0-11e2-beee-485b397d3c90}
description             Windows Recovery
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {5bef6b52-e3f0-11e2-beee-485b397d3c90}
description             Windows Setup
ramdisksdidevice        partition=C:
ramdisksdipath          \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {fbc2bfcd-04cb-11e1-b298-8739248e3ab9}
description             Windows Recovery
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\fbc2bfcc-04cb-11e1-b298-8739248e3ab9\boot.sdi



LastRegBack: 2013-10-05 06:02

==================== End Of Log ============================
         

I hope you can work with that .. thanks again for your help
__________________

19.10.2013, 14:54   #4
schrauber
/// the machine
/// TB Trainer
 




How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.



Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
