|
Plagegeister aller Art und deren Bekämpfung: weißer Bildschrim nach User Login unter Windows 7Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
03.06.2013, 22:19 | #1 |
| weißer Bildschrim nach User Login unter Windows 7 Guten Abend zusammen, habe mir manch Themen angesehen aber wie Ihr selbst schreibt, sind Lösungen für die einzelnen Personen gedacht. Daher mein eigenes Thema. Ich bedanke mich vorab für Eure Hilfe und die von Euch eingesetzte Freizeit mir zu helfen. Problem nach dem Userlogin, wird der Desktop weiß, es gibt nichts zu sehen, klicken außer die kleine Leiste für die Sprachwahl.. CTRL STRG ENTF öffnet das Menü, der Klick auf den TAskmanager wird nicht ausgeführt. Ich habe OTLPE wie beschrieben geladen, gebrannt und ausgeführt. Anbei die Log Was nun? Code:
ATTFilter OTL logfile created on: 6/4/2013 1:23:05 AM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 109.88 Gb Total Space | 51.16 Gb Free Space | 46.56% Space Free | Partition Type: NTFS Drive E: | 983.73 Mb Total Space | 420.47 Mb Free Space | 42.74% Space Free | Partition Type: FAT Drive F: | 110.00 Gb Total Space | 100.96 Gb Free Space | 91.78% Space Free | Partition Type: NTFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV - [2012/05/08 12:59:34 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2012/05/08 12:59:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012/05/08 12:59:34 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/07/29 14:26:02 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2008/10/19 08:30:02 | 000,222,456 | ---- | M] () [Auto] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2008/07/10 07:42:14 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008/07/10 07:12:40 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008/05/12 19:47:20 | 000,077,480 | ---- | M] () [Auto] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/16 04:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (VMC326) DRV - File not found [Kernel | On_Demand] -- -- (VMC302) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand] -- -- (IpInIp) DRV - [2012/05/08 12:59:34 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012/05/08 12:59:34 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011/09/16 11:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2009/10/08 11:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008/11/18 11:26:40 | 000,103,552 | ---- | M] (Option N.V.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\gtstusbser.sys -- (gtstusbser) DRV - [2008/04/26 22:07:00 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2007/05/23 04:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2006/11/02 03:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/ IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C5 51 1F 09 92 7A CC 01 [binary data] IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\sven_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\sven_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\sven_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKU\sven_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\sven_ON_C..\Run: [{19E4F906-0FCA-6C68-0686-DA2B181F56B4}] File not found O4 - HKU\sven_ON_C..\Run: [4E3E0230AEBB4E96] File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\sven\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKU\sven_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKU\sven_ON_C Winlogon: Shell - (C:\Users\sven\AppData\Roaming\skype.dat) - C:\Users\sven\AppData\Roaming\skype.dat () O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011/11/08 07:07:50 | 000,000,000 | ---D | M] - F:\auto -- [ NTFS ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{a86f58c5-9d2d-11e1-97a9-001377e14b62}\Shell - "" = AutoRun O33 - MountPoints2\{a86f58c5-9d2d-11e1-97a9-001377e14b62}\Shell\AutoRun\command - "" = C:\Windows\explorer.exe -- [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{ca0f17c0-1df1-11de-9017-001377e14b62}\Shell - "" = AutoRun O33 - MountPoints2\{ca0f17c0-1df1-11de-9017-001377e14b62}\Shell\AutoRun\command - "" = G:\QsSetup.exe O33 - MountPoints2\{ca9abea3-1ef1-11de-9b00-001377e14b62}\Shell - "" = AutoRun O33 - MountPoints2\{ca9abea3-1ef1-11de-9b00-001377e14b62}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\QsSetup.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 60 Days ========== [2013/04/11 14:36:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/04/11 14:36:28 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2013/04/11 14:36:26 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/04/11 14:36:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/04/11 14:36:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/04/11 14:36:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/04/11 14:36:25 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2013/04/11 14:36:24 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/04/11 14:36:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/04/11 14:36:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/04/10 08:14:32 | 003,603,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013/04/10 08:14:31 | 003,551,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013/04/10 08:14:31 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2013/04/10 08:14:28 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013/04/10 08:14:26 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010/08/25 13:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll ========== Files - Modified Within 60 Days ========== [2013/06/03 15:12:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/06/03 15:12:45 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/06/03 15:12:45 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/06/03 15:12:36 | 000,000,004 | ---- | M] () -- C:\Users\sven\AppData\Roaming\skype.ini [2013/06/03 14:49:36 | 000,000,680 | ---- | M] () -- C:\Users\sven\AppData\Local\d3d9caps.dat [2013/06/03 14:47:41 | 3179,921,408 | -HS- | M] () -- C:\hiberfil.sys [2013/05/05 10:29:02 | 000,000,912 | ---- | M] () -- C:\Users\sven\Desktop\Dokument.rtf [2013/05/05 04:44:40 | 000,179,693 | ---- | M] () -- C:\Users\sven\Desktop\Einladung-Einladungskarten-Hochzeit-fhe%20(2).jpg [2013/05/01 20:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2013/04/27 14:13:41 | 000,675,412 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013/04/27 14:13:41 | 000,633,886 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/04/27 14:13:41 | 000,146,368 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013/04/27 14:13:41 | 000,118,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/04/11 15:00:42 | 000,368,568 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2013/05/07 04:04:01 | 000,000,004 | ---- | C] () -- C:\Users\sven\AppData\Roaming\skype.ini [2013/05/05 10:29:02 | 000,000,912 | ---- | C] () -- C:\Users\sven\Desktop\Dokument.rtf [2013/05/05 10:12:54 | 000,179,693 | ---- | C] () -- C:\Users\sven\Desktop\Einladung-Einladungskarten-Hochzeit-fhe%20(2).jpg [2012/03/14 23:29:18 | 000,000,680 | ---- | C] () -- C:\Users\sven\AppData\Local\d3d9caps.dat [2012/01/11 12:57:48 | 000,110,592 | ---- | C] () -- C:\Users\sven\AppData\Roaming\skype.dat [2011/12/31 10:37:40 | 000,007,680 | ---- | C] () -- C:\Users\sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/10/12 06:32:47 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2010/08/25 14:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2010/08/25 14:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2010/08/25 14:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2010/08/25 13:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2010/08/25 13:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll [2010/08/25 13:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll [2009/08/22 14:13:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/22 14:13:21 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009/03/31 08:55:13 | 000,001,007 | ---- | C] () -- C:\Windows\Mobile Partner Manager.INI [2009/01/02 03:06:55 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009/01/02 02:27:20 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe [2009/01/02 02:26:25 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2009/01/02 02:26:25 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2009/01/02 02:18:23 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe [2009/01/02 02:18:23 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe [2009/01/02 02:18:07 | 000,004,860 | ---- | C] () -- C:\Windows\HotFixList.ini [2009/01/02 01:59:29 | 000,675,412 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009/01/02 01:59:29 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009/01/02 01:59:29 | 000,146,368 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009/01/02 01:59:29 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009/01/02 01:51:14 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2009/01/02 01:51:04 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1540.dll [2009/01/02 01:51:03 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin [2008/02/09 12:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe [2007/02/26 03:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\imagine digital freedom.dat [2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 08:47:37 | 000,368,568 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 06:33:01 | 000,633,886 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 06:33:01 | 000,118,772 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001/11/13 23:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2011/09/29 14:46:53 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\DVDVideoSoft [2011/09/29 14:46:28 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\DVDVideoSoftIEHelpers [2010/07/28 14:44:04 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\ICQ [2011/06/21 14:30:58 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\Qiyl [2012/12/29 13:05:12 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\RavensburgerTipToi [2011/06/21 14:25:19 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\Wyul [2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents [2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente [2009/11/17 10:13:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts [2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites [2009/03/31 09:26:59 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ [2013/03/31 03:09:22 | 000,000,000 | ---D | M] -- C:\ProgramData\RavensburgerTipToi [2009/01/02 02:19:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu [2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü [2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates [2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen [2009/01/02 02:46:59 | 000,000,000 | ---D | M] -- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1} [2013/06/03 15:12:45 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/12/16 08:56:54 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{27DB8BB8-9817-4932-A2CA-332B0EECBCA5}.job ========== Purity Check ========== < End of report > |
03.06.2013, 22:20 | #2 |
/// Malware-holic | weißer Bildschrim nach User Login unter Windows 7 Hi,
__________________auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort rein: Code:
ATTFilter :OTL O20 - HKU\sven_ON_C Winlogon: Shell - (C:\Users\sven\AppData\Roaming\skype.dat) - C:\Users\sven\AppData\Roaming\skype.dat () [2013/06/03 15:12:36 | 000,000,004 | ---- | M] () -- C:\Users\sven\AppData\Roaming\skype.ini :Files :Commands [EMPTYFLASH] [emptytemp] dieses speicherst du auf nem usb stick als fix.txt nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist. • Klicke nun bitte auf den Fix Button. es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick. wenn dies nicht funktioniert, bitte den fix manuell eintragen. dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen, log posten bitte. falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! Drücke bitte die + E Taste.
__________________ |
03.06.2013, 22:27 | #3 |
| weißer Bildschrim nach User Login unter Windows 7 bei Versuch die fix aus zu wählen erhalte ich
__________________Access Violtion at adress 7CA=C936 in module "shell32dll". read of adress 00000006 und dann friert alles alles außer maus ein....rechtsklick beenden geht, erhalte dann die Meldung "this progra is not responding" |
03.06.2013, 22:27 | #4 |
/// Malware-holic | weißer Bildschrim nach User Login unter Windows 7 dann halt manuell eintragen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
03.06.2013, 22:32 | #5 |
| weißer Bildschrim nach User Login unter Windows 7 manche Anleitung sagt ich soll den haken bei all users entfernen, andere drin lassen. Hab ihn drin gelassen ich editiere hier (außer neues post deinerseits kommt dazu) sobald ich es per Hand geschafft hab. Der Fehler violation kommt erst bei der LW Auswahl EDIT ich bekam die Datei 06042013_023642.log der Rechner startete nicht neu Code:
ATTFilter ========== OTL ========== Registry value HKEY_USERS\sven_ON_C\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\sven\AppData\Roaming\skype.dat deleted successfully. C:\Users\sven\AppData\Roaming\skype.dat moved successfully. C:\Users\sven\AppData\Roaming\skype.ini moved successfully. ========== FILES ========== ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 400807 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: sven Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: sven %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 140278654 bytes Total Files Cleaned = 134.00 mb OTLPE by OldTimer - Version 3.1.48.0 log created on 06042013_023642 Geändert von charlien (03.06.2013 um 22:41 Uhr) |
03.06.2013, 22:41 | #6 |
/// Malware-holic | weißer Bildschrim nach User Login unter Windows 7 du musst ja kein laufwerk eauswählen, wenn du das script, nach otl start einträgst.
__________________ --> weißer Bildschrim nach User Login unter Windows 7 |
03.06.2013, 22:44 | #7 | |
| weißer Bildschrim nach User Login unter Windows 7 so log siehe oben, die Datei gezippt und hoch geladen, aber irgendwie sehe ich die hier im Thema nicht.. ? Zitat:
hab copy paste gemacht, dies funktionierte dann nach ein paar Versuchen. EDIT ich weiß nicht wie lange der PC den Fehler hat, die letzten geänderten Dateien scheinen von März zu sein, daher hab ich zur Sicherheit OTLPE nochmal mit 90 days eingestellt und gestartet Code:
ATTFilter OTL logfile created on: 6/4/2013 2:59:48 AM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 109.88 Gb Total Space | 51.31 Gb Free Space | 46.69% Space Free | Partition Type: NTFS Drive E: | 983.73 Mb Total Space | 419.89 Mb Free Space | 42.68% Space Free | Partition Type: FAT Drive F: | 110.00 Gb Total Space | 100.78 Gb Free Space | 91.61% Space Free | Partition Type: NTFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV - [2012/05/08 12:59:34 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2012/05/08 12:59:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012/05/08 12:59:34 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/07/29 14:26:02 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2008/10/19 08:30:02 | 000,222,456 | ---- | M] () [Auto] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2008/07/10 07:42:14 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008/07/10 07:12:40 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008/05/12 19:47:20 | 000,077,480 | ---- | M] () [Auto] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/16 04:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (VMC326) DRV - File not found [Kernel | On_Demand] -- -- (VMC302) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand] -- -- (IpInIp) DRV - [2012/05/08 12:59:34 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012/05/08 12:59:34 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011/09/16 11:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2009/10/08 11:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008/11/18 11:26:40 | 000,103,552 | ---- | M] (Option N.V.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\gtstusbser.sys -- (gtstusbser) DRV - [2008/04/26 22:07:00 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2007/05/23 04:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2006/11/02 03:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/ IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C5 51 1F 09 92 7A CC 01 [binary data] IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\sven_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\sven_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\sven_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKU\sven_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\sven_ON_C..\Run: [{19E4F906-0FCA-6C68-0686-DA2B181F56B4}] File not found O4 - HKU\sven_ON_C..\Run: [4E3E0230AEBB4E96] File not found O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKU\sven_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011/11/08 07:07:50 | 000,000,000 | ---D | M] - F:\auto -- [ NTFS ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 90 Days ========== [2013/06/04 02:36:42 | 000,000,000 | ---D | C] -- C:\_OTL [2013/04/11 14:36:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/04/11 14:36:28 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2013/04/11 14:36:26 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/04/11 14:36:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/04/11 14:36:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/04/11 14:36:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/04/11 14:36:25 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2013/04/11 14:36:24 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/04/11 14:36:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/04/11 14:36:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/04/10 08:14:32 | 003,603,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013/04/10 08:14:31 | 003,551,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013/04/10 08:14:31 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2013/04/10 08:14:28 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013/04/10 08:14:26 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013/03/21 15:39:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys [2010/08/25 13:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll ========== Files - Modified Within 90 Days ========== [2013/06/03 15:12:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/06/03 15:12:45 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/06/03 15:12:45 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/06/03 14:49:36 | 000,000,680 | ---- | M] () -- C:\Users\sven\AppData\Local\d3d9caps.dat [2013/06/03 14:47:41 | 3179,921,408 | -HS- | M] () -- C:\hiberfil.sys [2013/05/05 10:29:02 | 000,000,912 | ---- | M] () -- C:\Users\sven\Desktop\Dokument.rtf [2013/05/05 04:44:40 | 000,179,693 | ---- | M] () -- C:\Users\sven\Desktop\Einladung-Einladungskarten-Hochzeit-fhe%20(2).jpg [2013/05/01 20:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2013/04/27 14:13:41 | 000,675,412 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013/04/27 14:13:41 | 000,633,886 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/04/27 14:13:41 | 000,146,368 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013/04/27 14:13:41 | 000,118,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/04/11 15:00:42 | 000,368,568 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/03/31 03:09:59 | 000,000,869 | ---- | M] () -- C:\Users\sven\Desktop\tiptoi.lnk [2013/03/17 11:45:01 | 000,007,680 | ---- | M] () -- C:\Users\sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/03/17 11:41:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013/03/11 09:25:50 | 003,603,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013/03/11 09:25:50 | 003,551,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013/03/08 23:45:04 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2013/03/07 23:53:50 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll ========== Files Created - No Company Name ========== [2013/05/05 10:29:02 | 000,000,912 | ---- | C] () -- C:\Users\sven\Desktop\Dokument.rtf [2013/05/05 10:12:54 | 000,179,693 | ---- | C] () -- C:\Users\sven\Desktop\Einladung-Einladungskarten-Hochzeit-fhe%20(2).jpg [2012/03/14 23:29:18 | 000,000,680 | ---- | C] () -- C:\Users\sven\AppData\Local\d3d9caps.dat [2011/12/31 10:37:40 | 000,007,680 | ---- | C] () -- C:\Users\sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/10/12 06:32:47 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2010/08/25 14:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2010/08/25 14:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2010/08/25 14:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2010/08/25 13:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2010/08/25 13:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll [2010/08/25 13:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll [2009/08/22 14:13:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/22 14:13:21 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009/03/31 08:55:13 | 000,001,007 | ---- | C] () -- C:\Windows\Mobile Partner Manager.INI [2009/01/02 03:06:55 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009/01/02 02:27:20 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe [2009/01/02 02:26:25 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2009/01/02 02:26:25 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2009/01/02 02:18:23 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe [2009/01/02 02:18:23 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe [2009/01/02 02:18:07 | 000,004,860 | ---- | C] () -- C:\Windows\HotFixList.ini [2009/01/02 01:59:29 | 000,675,412 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009/01/02 01:59:29 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009/01/02 01:59:29 | 000,146,368 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009/01/02 01:59:29 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009/01/02 01:51:14 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2009/01/02 01:51:04 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1540.dll [2009/01/02 01:51:03 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin [2008/02/09 12:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe [2007/02/26 03:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\imagine digital freedom.dat [2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 08:47:37 | 000,368,568 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 06:33:01 | 000,633,886 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 06:33:01 | 000,118,772 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001/11/13 23:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2011/09/29 14:46:53 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\DVDVideoSoft [2011/09/29 14:46:28 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\DVDVideoSoftIEHelpers [2010/07/28 14:44:04 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\ICQ [2011/06/21 14:30:58 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\Qiyl [2012/12/29 13:05:12 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\RavensburgerTipToi [2011/06/21 14:25:19 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\Wyul [2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents [2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente [2009/11/17 10:13:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts [2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites [2009/03/31 09:26:59 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ [2013/03/31 03:09:22 | 000,000,000 | ---D | M] -- C:\ProgramData\RavensburgerTipToi [2009/01/02 02:19:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu [2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü [2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates [2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen [2009/01/02 02:46:59 | 000,000,000 | ---D | M] -- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1} [2013/06/03 15:12:45 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/12/16 08:56:54 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{27DB8BB8-9817-4932-A2CA-332B0EECBCA5}.job ========== Purity Check ========== < End of report > Geändert von charlien (03.06.2013 um 23:02 Uhr) |
04.06.2013, 00:09 | #8 |
/// Malware-holic | weißer Bildschrim nach User Login unter Windows 7 wenn er wieder normal startet: Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
04.06.2013, 16:50 | #9 |
| weißer Bildschrim nach User Login unter Windows 7 Hallo Markus schön von dir zu lesen, dachte schon gestern Nacht, das ich was falsch gemacht hab und du deshalb nicht weiter machen konntest, wartete geduldig vor dem PC bis mir die Augen zufielen. Die Log ist zu groß für ein post, aber auch als Anhang splitte Sie nun Code:
ATTFilter 20:43:26.0158 2104 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 20:43:26.0174 2104 ============================================================ 20:43:26.0174 2104 Current date / time: 2013/06/04 20:43:26.0174 20:43:26.0174 2104 SystemInfo: 20:43:26.0174 2104 20:43:26.0174 2104 OS Version: 6.0.6002 ServicePack: 2.0 20:43:26.0174 2104 Product type: Workstation 20:43:26.0174 2104 ComputerName: SVEN-PC 20:43:26.0174 2104 UserName: sven 20:43:26.0174 2104 Windows directory: C:\Windows 20:43:26.0174 2104 System windows directory: C:\Windows 20:43:26.0174 2104 Processor architecture: Intel x86 20:43:26.0174 2104 Number of processors: 2 20:43:26.0174 2104 Page size: 0x1000 20:43:26.0174 2104 Boot type: Normal boot 20:43:26.0174 2104 ============================================================ 20:43:26.0782 2104 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 20:43:26.0798 2104 Drive \Device\Harddisk2\DR2 - Size: 0x3D800000 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 20:43:26.0798 2104 ============================================================ 20:43:26.0798 2104 \Device\Harddisk0\DR0: 20:43:26.0798 2104 MBR partitions: 20:43:26.0798 2104 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0xDBC3800 20:43:26.0798 2104 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF5C4000, BlocksNum 0xDC01000 20:43:26.0798 2104 \Device\Harddisk2\DR2: 20:43:26.0798 2104 MBR partitions: 20:43:26.0798 2104 ============================================================ 20:43:26.0829 2104 C: <-> \Device\Harddisk0\DR0\Partition1 20:43:26.0938 2104 D: <-> \Device\Harddisk0\DR0\Partition2 20:43:26.0938 2104 ============================================================ 20:43:26.0938 2104 Initialize success 20:43:26.0938 2104 ============================================================ 20:43:44.0207 1760 ============================================================ 20:43:44.0207 1760 Scan started 20:43:44.0207 1760 Mode: Manual; SigCheck; TDLFS; 20:43:44.0207 1760 ============================================================ 20:43:44.0706 1760 ================ Scan system memory ======================== 20:43:44.0706 1760 System memory - ok 20:43:44.0706 1760 ================ Scan services ============================= 20:43:44.0894 1760 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 20:43:45.0003 1760 ACPI - ok 20:43:45.0065 1760 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 20:43:45.0112 1760 adp94xx - ok 20:43:45.0128 1760 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 20:43:45.0174 1760 adpahci - ok 20:43:45.0206 1760 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 20:43:45.0221 1760 adpu160m - ok 20:43:45.0268 1760 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 20:43:45.0284 1760 adpu320 - ok 20:43:45.0315 1760 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 20:43:45.0330 1760 AeLookupSvc ( UnsignedFile.Multi.Generic ) - warning 20:43:45.0330 1760 AeLookupSvc - detected UnsignedFile.Multi.Generic (1) 20:43:45.0362 1760 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 20:43:45.0377 1760 AFD ( UnsignedFile.Multi.Generic ) - warning 20:43:45.0377 1760 AFD - detected UnsignedFile.Multi.Generic (1) 20:43:45.0408 1760 [ 5D97943C128ED756D1B0A08302C1B1F8 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys 20:43:45.0518 1760 AgereSoftModem ( UnsignedFile.Multi.Generic ) - warning 20:43:45.0518 1760 AgereSoftModem - detected UnsignedFile.Multi.Generic (1) 20:43:45.0564 1760 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 20:43:45.0580 1760 agp440 - ok 20:43:45.0627 1760 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 20:43:45.0658 1760 aic78xx - ok 20:43:45.0674 1760 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 20:43:45.0689 1760 ALG ( UnsignedFile.Multi.Generic ) - warning 20:43:45.0689 1760 ALG - detected UnsignedFile.Multi.Generic (1) 20:43:45.0705 1760 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 20:43:45.0736 1760 aliide - ok 20:43:45.0752 1760 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 20:43:45.0767 1760 amdagp - ok 20:43:45.0798 1760 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 20:43:45.0814 1760 amdide - ok 20:43:45.0830 1760 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 20:43:45.0845 1760 AmdK7 ( UnsignedFile.Multi.Generic ) - warning 20:43:45.0845 1760 AmdK7 - detected UnsignedFile.Multi.Generic (1) 20:43:45.0876 1760 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 20:43:45.0876 1760 AmdK8 ( UnsignedFile.Multi.Generic ) - warning 20:43:45.0876 1760 AmdK8 - detected UnsignedFile.Multi.Generic (1) 20:43:46.0001 1760 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 20:43:46.0032 1760 AntiVirSchedulerService - ok 20:43:46.0079 1760 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 20:43:46.0110 1760 AntiVirService - ok 20:43:46.0126 1760 [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE 20:43:46.0157 1760 AntiVirWebService - ok 20:43:46.0204 1760 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 20:43:46.0204 1760 Appinfo ( UnsignedFile.Multi.Generic ) - warning 20:43:46.0204 1760 Appinfo - detected UnsignedFile.Multi.Generic (1) 20:43:46.0266 1760 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 20:43:46.0313 1760 arc - ok 20:43:46.0344 1760 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 20:43:46.0391 1760 arcsas - ok 20:43:46.0422 1760 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 20:43:46.0438 1760 AsyncMac ( UnsignedFile.Multi.Generic ) - warning 20:43:46.0438 1760 AsyncMac - detected UnsignedFile.Multi.Generic (1) 20:43:46.0454 1760 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys 20:43:46.0485 1760 atapi - ok 20:43:46.0532 1760 [ 600EFE56F37ADBD65A0FB076B50D1B8D ] athr C:\Windows\system32\DRIVERS\athr.sys 20:43:46.0594 1760 athr ( UnsignedFile.Multi.Generic ) - warning 20:43:46.0594 1760 athr - detected UnsignedFile.Multi.Generic (1) 20:43:46.0625 1760 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 20:43:46.0641 1760 AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - warning 20:43:46.0641 1760 AudioEndpointBuilder - detected UnsignedFile.Multi.Generic (1) 20:43:46.0672 1760 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 20:43:46.0688 1760 Audiosrv ( UnsignedFile.Multi.Generic ) - warning 20:43:46.0688 1760 Audiosrv - detected UnsignedFile.Multi.Generic (1) 20:43:46.0719 1760 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 20:43:46.0750 1760 avgntflt - ok 20:43:46.0766 1760 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 20:43:46.0797 1760 avipbb - ok 20:43:46.0812 1760 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 20:43:46.0844 1760 avkmgr - ok 20:43:46.0875 1760 [ 08015D34F6FDD0B355805BAD978497C3 ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys 20:43:46.0890 1760 bcm4sbxp ( UnsignedFile.Multi.Generic ) - warning 20:43:46.0890 1760 bcm4sbxp - detected UnsignedFile.Multi.Generic (1) 20:43:46.0968 1760 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 20:43:46.0984 1760 BcmSqlStartupSvc - ok 20:43:47.0015 1760 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 20:43:47.0031 1760 Beep ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0031 1760 Beep - detected UnsignedFile.Multi.Generic (1) 20:43:47.0078 1760 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 20:43:47.0093 1760 BFE ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0093 1760 BFE - detected UnsignedFile.Multi.Generic (1) 20:43:47.0140 1760 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll 20:43:47.0202 1760 BITS ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0202 1760 BITS - detected UnsignedFile.Multi.Generic (1) 20:43:47.0234 1760 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 20:43:47.0249 1760 blbdrive ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0249 1760 blbdrive - detected UnsignedFile.Multi.Generic (1) 20:43:47.0280 1760 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:43:47.0280 1760 bowser ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0280 1760 bowser - detected UnsignedFile.Multi.Generic (1) 20:43:47.0312 1760 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 20:43:47.0327 1760 BrFiltLo ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0327 1760 BrFiltLo - detected UnsignedFile.Multi.Generic (1) 20:43:47.0343 1760 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 20:43:47.0358 1760 BrFiltUp ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0358 1760 BrFiltUp - detected UnsignedFile.Multi.Generic (1) 20:43:47.0390 1760 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 20:43:47.0405 1760 Browser ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0405 1760 Browser - detected UnsignedFile.Multi.Generic (1) 20:43:47.0421 1760 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 20:43:47.0436 1760 Brserid ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0436 1760 Brserid - detected UnsignedFile.Multi.Generic (1) 20:43:47.0452 1760 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 20:43:47.0468 1760 BrSerWdm ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0468 1760 BrSerWdm - detected UnsignedFile.Multi.Generic (1) 20:43:47.0483 1760 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 20:43:47.0499 1760 BrUsbMdm ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0499 1760 BrUsbMdm - detected UnsignedFile.Multi.Generic (1) 20:43:47.0514 1760 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 20:43:47.0514 1760 BrUsbSer ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0514 1760 BrUsbSer - detected UnsignedFile.Multi.Generic (1) 20:43:47.0530 1760 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 20:43:47.0546 1760 BTHMODEM ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0546 1760 BTHMODEM - detected UnsignedFile.Multi.Generic (1) 20:43:47.0655 1760 [ AA84638EB071A54FAEF41DA601D3DE1D ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe 20:43:47.0670 1760 btwdins - ok 20:43:47.0686 1760 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:43:47.0702 1760 cdfs ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0702 1760 cdfs - detected UnsignedFile.Multi.Generic (1) 20:43:47.0733 1760 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 20:43:47.0733 1760 cdrom ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0733 1760 cdrom - detected UnsignedFile.Multi.Generic (1) 20:43:47.0780 1760 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 20:43:47.0780 1760 CertPropSvc ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0780 1760 CertPropSvc - detected UnsignedFile.Multi.Generic (1) 20:43:47.0811 1760 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 20:43:47.0811 1760 circlass ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0811 1760 circlass - detected UnsignedFile.Multi.Generic (1) 20:43:47.0842 1760 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 20:43:47.0889 1760 CLFS - ok 20:43:47.0920 1760 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:43:47.0951 1760 clr_optimization_v2.0.50727_32 - ok 20:43:47.0982 1760 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 20:43:47.0998 1760 CmBatt ( UnsignedFile.Multi.Generic ) - warning 20:43:47.0998 1760 CmBatt - detected UnsignedFile.Multi.Generic (1) 20:43:48.0014 1760 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 20:43:48.0029 1760 cmdide - ok 20:43:48.0045 1760 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 20:43:48.0060 1760 Compbatt - ok 20:43:48.0060 1760 COMSysApp - ok 20:43:48.0092 1760 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 20:43:48.0107 1760 crcdisk - ok 20:43:48.0107 1760 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 20:43:48.0123 1760 Crusoe ( UnsignedFile.Multi.Generic ) - warning 20:43:48.0123 1760 Crusoe - detected UnsignedFile.Multi.Generic (1) 20:43:48.0170 1760 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:43:48.0170 1760 CryptSvc ( UnsignedFile.Multi.Generic ) - warning 20:43:48.0170 1760 CryptSvc - detected UnsignedFile.Multi.Generic (1) 20:43:48.0216 1760 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 20:43:48.0263 1760 DcomLaunch ( UnsignedFile.Multi.Generic ) - warning 20:43:48.0263 1760 DcomLaunch - detected UnsignedFile.Multi.Generic (1) 20:43:48.0294 1760 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys 20:43:48.0310 1760 DfsC ( UnsignedFile.Multi.Generic ) - warning 20:43:48.0310 1760 DfsC - detected UnsignedFile.Multi.Generic (1) 20:43:48.0435 1760 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe 20:43:48.0544 1760 DFSR ( UnsignedFile.Multi.Generic ) - warning 20:43:48.0544 1760 DFSR - detected UnsignedFile.Multi.Generic (1) 20:43:48.0606 1760 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 20:43:48.0606 1760 Dhcp ( UnsignedFile.Multi.Generic ) - warning 20:43:48.0606 1760 Dhcp - detected UnsignedFile.Multi.Generic (1) 20:43:48.0653 1760 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 20:43:48.0669 1760 disk - ok 20:43:48.0731 1760 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:43:48.0731 1760 Dnscache ( UnsignedFile.Multi.Generic ) - warning 20:43:48.0731 1760 Dnscache - detected UnsignedFile.Multi.Generic (1) 20:43:48.0778 1760 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 20:43:48.0794 1760 dot3svc ( UnsignedFile.Multi.Generic ) - warning 20:43:48.0794 1760 dot3svc - detected UnsignedFile.Multi.Generic (1) 20:43:48.0840 1760 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 20:43:48.0840 1760 DPS ( UnsignedFile.Multi.Generic ) - warning 20:43:48.0840 1760 DPS - detected UnsignedFile.Multi.Generic (1) 20:43:48.0872 1760 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:43:48.0887 1760 drmkaud ( UnsignedFile.Multi.Generic ) - warning 20:43:48.0887 1760 drmkaud - detected UnsignedFile.Multi.Generic (1) 20:43:48.0965 1760 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:43:49.0012 1760 DXGKrnl - ok 20:43:49.0059 1760 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 20:43:49.0074 1760 E1G60 ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0074 1760 E1G60 - detected UnsignedFile.Multi.Generic (1) 20:43:49.0121 1760 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 20:43:49.0137 1760 EapHost ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0137 1760 EapHost - detected UnsignedFile.Multi.Generic (1) 20:43:49.0184 1760 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 20:43:49.0215 1760 Ecache - ok 20:43:49.0277 1760 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:43:49.0293 1760 ehRecvr ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0293 1760 ehRecvr - detected UnsignedFile.Multi.Generic (1) 20:43:49.0308 1760 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 20:43:49.0324 1760 ehSched ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0324 1760 ehSched - detected UnsignedFile.Multi.Generic (1) 20:43:49.0324 1760 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 20:43:49.0340 1760 ehstart ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0340 1760 ehstart - detected UnsignedFile.Multi.Generic (1) 20:43:49.0386 1760 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 20:43:49.0418 1760 elxstor - ok 20:43:49.0464 1760 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll 20:43:49.0511 1760 EMDMgmt ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0511 1760 EMDMgmt - detected UnsignedFile.Multi.Generic (1) 20:43:49.0542 1760 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 20:43:49.0558 1760 ErrDev ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0558 1760 ErrDev - detected UnsignedFile.Multi.Generic (1) 20:43:49.0589 1760 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll 20:43:49.0605 1760 EventSystem ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0605 1760 EventSystem - detected UnsignedFile.Multi.Generic (1) 20:43:49.0683 1760 [ 2D41D7250F73272946DE04FF7A19761E ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 20:43:49.0730 1760 EvtEng ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0730 1760 EvtEng - detected UnsignedFile.Multi.Generic (1) 20:43:49.0776 1760 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys 20:43:49.0808 1760 exfat ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0808 1760 exfat - detected UnsignedFile.Multi.Generic (1) 20:43:49.0839 1760 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:43:49.0854 1760 fastfat ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0854 1760 fastfat - detected UnsignedFile.Multi.Generic (1) 20:43:49.0901 1760 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 20:43:49.0901 1760 fdc ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0901 1760 fdc - detected UnsignedFile.Multi.Generic (1) 20:43:49.0917 1760 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 20:43:49.0932 1760 fdPHost ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0932 1760 fdPHost - detected UnsignedFile.Multi.Generic (1) 20:43:49.0948 1760 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 20:43:49.0948 1760 FDResPub ( UnsignedFile.Multi.Generic ) - warning 20:43:49.0948 1760 FDResPub - detected UnsignedFile.Multi.Generic (1) 20:43:49.0979 1760 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:43:49.0995 1760 FileInfo - ok 20:43:50.0010 1760 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:43:50.0026 1760 Filetrace ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0026 1760 Filetrace - detected UnsignedFile.Multi.Generic (1) 20:43:50.0042 1760 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 20:43:50.0057 1760 flpydisk ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0057 1760 flpydisk - detected UnsignedFile.Multi.Generic (1) 20:43:50.0088 1760 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:43:50.0104 1760 FltMgr - ok 20:43:50.0166 1760 [ 452FEAAB2A8DBB42ED751754CB2594F5 ] FontCache C:\Windows\system32\FntCache.dll 20:43:50.0213 1760 FontCache ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0213 1760 FontCache - detected UnsignedFile.Multi.Generic (1) 20:43:50.0276 1760 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 20:43:50.0291 1760 FontCache3.0.0.0 - ok 20:43:50.0338 1760 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:43:50.0354 1760 Fs_Rec ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0354 1760 Fs_Rec - detected UnsignedFile.Multi.Generic (1) 20:43:50.0385 1760 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 20:43:50.0400 1760 gagp30kx - ok 20:43:50.0447 1760 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll 20:43:50.0510 1760 gpsvc ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0510 1760 gpsvc - detected UnsignedFile.Multi.Generic (1) 20:43:50.0556 1760 [ B980D6F28324183C71D9BFFA9D022F52 ] gtstusbser C:\Windows\system32\DRIVERS\gtstusbser.sys 20:43:50.0572 1760 gtstusbser ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0572 1760 gtstusbser - detected UnsignedFile.Multi.Generic (1) 20:43:50.0634 1760 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 20:43:50.0666 1760 HdAudAddService ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0666 1760 HdAudAddService - detected UnsignedFile.Multi.Generic (1) 20:43:50.0697 1760 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 20:43:50.0728 1760 HDAudBus ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0728 1760 HDAudBus - detected UnsignedFile.Multi.Generic (1) 20:43:50.0759 1760 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 20:43:50.0759 1760 HidBth ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0759 1760 HidBth - detected UnsignedFile.Multi.Generic (1) 20:43:50.0775 1760 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 20:43:50.0790 1760 HidIr ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0790 1760 HidIr - detected UnsignedFile.Multi.Generic (1) 20:43:50.0822 1760 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll 20:43:50.0822 1760 hidserv ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0822 1760 hidserv - detected UnsignedFile.Multi.Generic (1) 20:43:50.0853 1760 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 20:43:50.0868 1760 HidUsb ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0868 1760 HidUsb - detected UnsignedFile.Multi.Generic (1) 20:43:50.0900 1760 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 20:43:50.0900 1760 hkmsvc ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0900 1760 hkmsvc - detected UnsignedFile.Multi.Generic (1) 20:43:50.0915 1760 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 20:43:50.0931 1760 HpCISSs - ok 20:43:50.0978 1760 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:43:50.0993 1760 HTTP ( UnsignedFile.Multi.Generic ) - warning 20:43:50.0993 1760 HTTP - detected UnsignedFile.Multi.Generic (1) 20:43:51.0024 1760 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 20:43:51.0056 1760 i2omp - ok 20:43:51.0087 1760 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 20:43:51.0102 1760 i8042prt ( UnsignedFile.Multi.Generic ) - warning 20:43:51.0102 1760 i8042prt - detected UnsignedFile.Multi.Generic (1) 20:43:51.0368 1760 [ 8266AE06DF974E5BA047B3E9E9E70B3F ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys 20:43:51.0789 1760 ialm ( UnsignedFile.Multi.Generic ) - warning 20:43:51.0789 1760 ialm - detected UnsignedFile.Multi.Generic (1) 20:43:51.0820 1760 [ ABFEBC5F846C71AFEBD7F8F6BA740C03 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 20:43:51.0851 1760 iaStor - ok 20:43:51.0867 1760 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 20:43:51.0914 1760 iaStorV - ok 20:43:51.0945 1760 [ A4E43A7AB1202356BEBEB6B798F15488 ] ICQ Service C:\Program Files\ICQ6Toolbar\ICQ Service.exe 20:43:51.0960 1760 ICQ Service - ok 20:43:52.0023 1760 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 20:43:52.0116 1760 idsvc - ok 20:43:52.0413 1760 [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 20:43:52.0787 1760 igfx ( UnsignedFile.Multi.Generic ) - warning 20:43:52.0787 1760 igfx - detected UnsignedFile.Multi.Generic (1) 20:43:52.0803 1760 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 20:43:52.0818 1760 iirsp - ok 20:43:52.0865 1760 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll 20:43:52.0881 1760 IKEEXT ( UnsignedFile.Multi.Generic ) - warning 20:43:52.0881 1760 IKEEXT - detected UnsignedFile.Multi.Generic (1) 20:43:52.0974 1760 [ FFD2B3BC042596ABE785D3C15F51AB46 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 20:43:53.0130 1760 IntcAzAudAddService - ok 20:43:53.0177 1760 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 20:43:53.0193 1760 intelide - ok 20:43:53.0240 1760 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 20:43:53.0240 1760 intelppm ( UnsignedFile.Multi.Generic ) - warning 20:43:53.0240 1760 intelppm - detected UnsignedFile.Multi.Generic (1) 20:43:53.0271 1760 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:43:53.0271 1760 IPBusEnum ( UnsignedFile.Multi.Generic ) - warning 20:43:53.0271 1760 IPBusEnum - detected UnsignedFile.Multi.Generic (1) 20:43:53.0302 1760 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:43:53.0318 1760 IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning 20:43:53.0318 1760 IpFilterDriver - detected UnsignedFile.Multi.Generic (1) 20:43:53.0364 1760 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:43:53.0380 1760 iphlpsvc ( UnsignedFile.Multi.Generic ) - warning 20:43:53.0380 1760 iphlpsvc - detected UnsignedFile.Multi.Generic (1) 20:43:53.0380 1760 IpInIp - ok 20:43:53.0411 1760 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 20:43:53.0427 1760 IPMIDRV ( UnsignedFile.Multi.Generic ) - warning 20:43:53.0427 1760 IPMIDRV - detected UnsignedFile.Multi.Generic (1) 20:43:53.0442 1760 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 20:43:53.0458 1760 IPNAT ( UnsignedFile.Multi.Generic ) - warning 20:43:53.0458 1760 IPNAT - detected UnsignedFile.Multi.Generic (1) 20:43:53.0474 1760 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:43:53.0489 1760 IRENUM ( UnsignedFile.Multi.Generic ) - warning 20:43:53.0489 1760 IRENUM - detected UnsignedFile.Multi.Generic (1) 20:43:53.0505 1760 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:43:53.0520 1760 isapnp - ok 20:43:53.0552 1760 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 20:43:53.0567 1760 iScsiPrt - ok 20:43:53.0583 1760 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 20:43:53.0614 1760 iteatapi - ok 20:43:53.0630 1760 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 20:43:53.0645 1760 iteraid - ok 20:43:53.0676 1760 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 20:43:53.0692 1760 kbdclass - ok 20:43:53.0723 1760 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 20:43:53.0739 1760 kbdhid ( UnsignedFile.Multi.Generic ) - warning 20:43:53.0739 1760 kbdhid - detected UnsignedFile.Multi.Generic (1) 20:43:53.0754 1760 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe 20:43:53.0770 1760 KeyIso ( UnsignedFile.Multi.Generic ) - warning 20:43:53.0770 1760 KeyIso - detected UnsignedFile.Multi.Generic (1) 20:43:53.0786 1760 [ EBC507F129DF8F0E0CA270DCFC0CF87F ] KMDFMEMIO C:\Windows\system32\DRIVERS\kmdfmemio.sys 20:43:53.0801 1760 KMDFMEMIO ( UnsignedFile.Multi.Generic ) - warning 20:43:53.0801 1760 KMDFMEMIO - detected UnsignedFile.Multi.Generic (1) 20:43:53.0832 1760 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:43:53.0864 1760 KSecDD - ok 20:43:53.0895 1760 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 20:43:53.0942 1760 KtmRm ( UnsignedFile.Multi.Generic ) - warning 20:43:53.0942 1760 KtmRm - detected UnsignedFile.Multi.Generic (1) 20:43:53.0988 1760 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll 20:43:54.0004 1760 LanmanServer ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0004 1760 LanmanServer - detected UnsignedFile.Multi.Generic (1) 20:43:54.0020 1760 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:43:54.0035 1760 LanmanWorkstation ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0035 1760 LanmanWorkstation - detected UnsignedFile.Multi.Generic (1) 20:43:54.0082 1760 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:43:54.0082 1760 lltdio ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0082 1760 lltdio - detected UnsignedFile.Multi.Generic (1) 20:43:54.0113 1760 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:43:54.0144 1760 lltdsvc ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0144 1760 lltdsvc - detected UnsignedFile.Multi.Generic (1) 20:43:54.0160 1760 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:43:54.0160 1760 lmhosts ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0160 1760 lmhosts - detected UnsignedFile.Multi.Generic (1) 20:43:54.0191 1760 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 20:43:54.0207 1760 LSI_FC - ok 20:43:54.0222 1760 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 20:43:54.0254 1760 LSI_SAS - ok 20:43:54.0269 1760 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 20:43:54.0285 1760 LSI_SCSI - ok 20:43:54.0316 1760 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 20:43:54.0316 1760 luafv ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0316 1760 luafv - detected UnsignedFile.Multi.Generic (1) 20:43:54.0347 1760 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:43:54.0347 1760 Mcx2Svc ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0347 1760 Mcx2Svc - detected UnsignedFile.Multi.Generic (1) 20:43:54.0378 1760 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys 20:43:54.0394 1760 megasas - ok 20:43:54.0425 1760 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys 20:43:54.0472 1760 MegaSR - ok 20:43:54.0503 1760 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 20:43:54.0519 1760 MMCSS ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0519 1760 MMCSS - detected UnsignedFile.Multi.Generic (1) 20:43:54.0534 1760 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 20:43:54.0550 1760 Modem ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0550 1760 Modem - detected UnsignedFile.Multi.Generic (1) 20:43:54.0566 1760 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:43:54.0566 1760 monitor ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0566 1760 monitor - detected UnsignedFile.Multi.Generic (1) 20:43:54.0581 1760 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:43:54.0597 1760 mouclass - ok 20:43:54.0612 1760 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:43:54.0628 1760 mouhid ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0628 1760 mouhid - detected UnsignedFile.Multi.Generic (1) 20:43:54.0644 1760 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 20:43:54.0659 1760 MountMgr - ok 20:43:54.0690 1760 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 20:43:54.0706 1760 mpio - ok 20:43:54.0722 1760 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:43:54.0737 1760 mpsdrv ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0737 1760 mpsdrv - detected UnsignedFile.Multi.Generic (1) 20:43:54.0768 1760 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll 20:43:54.0784 1760 MpsSvc ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0784 1760 MpsSvc - detected UnsignedFile.Multi.Generic (1) 20:43:54.0831 1760 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 20:43:54.0846 1760 Mraid35x - ok 20:43:54.0878 1760 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:43:54.0878 1760 MRxDAV ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0878 1760 MRxDAV - detected UnsignedFile.Multi.Generic (1) 20:43:54.0909 1760 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:43:54.0924 1760 mrxsmb ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0924 1760 mrxsmb - detected UnsignedFile.Multi.Generic (1) 20:43:54.0956 1760 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:43:54.0987 1760 mrxsmb10 ( UnsignedFile.Multi.Generic ) - warning 20:43:54.0987 1760 mrxsmb10 - detected UnsignedFile.Multi.Generic (1) 20:43:55.0002 1760 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:43:55.0018 1760 mrxsmb20 ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0018 1760 mrxsmb20 - detected UnsignedFile.Multi.Generic (1) 20:43:55.0034 1760 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys 20:43:55.0049 1760 msahci - ok 20:43:55.0065 1760 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys 20:43:55.0080 1760 msdsm - ok 20:43:55.0096 1760 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 20:43:55.0096 1760 MSDTC ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0096 1760 MSDTC - detected UnsignedFile.Multi.Generic (1) 20:43:55.0112 1760 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:43:55.0127 1760 Msfs ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0127 1760 Msfs - detected UnsignedFile.Multi.Generic (1) 20:43:55.0158 1760 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:43:55.0174 1760 msisadrv - ok 20:43:55.0205 1760 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:43:55.0236 1760 MSiSCSI ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0236 1760 MSiSCSI - detected UnsignedFile.Multi.Generic (1) 20:43:55.0236 1760 msiserver - ok 20:43:55.0283 1760 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:43:55.0283 1760 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0283 1760 MSKSSRV - detected UnsignedFile.Multi.Generic (1) 20:43:55.0314 1760 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:43:55.0330 1760 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0330 1760 MSPCLOCK - detected UnsignedFile.Multi.Generic (1) 20:43:55.0361 1760 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:43:55.0377 1760 MSPQM ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0377 1760 MSPQM - detected UnsignedFile.Multi.Generic (1) 20:43:55.0424 1760 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:43:55.0439 1760 MsRPC - ok 20:43:55.0455 1760 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 20:43:55.0470 1760 mssmbios - ok 20:43:55.0517 1760 MSSQL$MSSMLBIZ - ok 20:43:55.0564 1760 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 20:43:55.0580 1760 MSSQLServerADHelper - ok 20:43:55.0611 1760 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:43:55.0626 1760 MSTEE ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0626 1760 MSTEE - detected UnsignedFile.Multi.Generic (1) 20:43:55.0642 1760 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys 20:43:55.0658 1760 Mup - ok 20:43:55.0704 1760 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll 20:43:55.0720 1760 napagent ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0720 1760 napagent - detected UnsignedFile.Multi.Generic (1) 20:43:55.0751 1760 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:43:55.0751 1760 NativeWifiP ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0751 1760 NativeWifiP - detected UnsignedFile.Multi.Generic (1) 20:43:55.0798 1760 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:43:55.0814 1760 NDIS - ok 20:43:55.0845 1760 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:43:55.0860 1760 NdisTapi ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0860 1760 NdisTapi - detected UnsignedFile.Multi.Generic (1) 20:43:55.0876 1760 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:43:55.0892 1760 Ndisuio ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0892 1760 Ndisuio - detected UnsignedFile.Multi.Generic (1) 20:43:55.0938 1760 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:43:55.0954 1760 NdisWan ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0954 1760 NdisWan - detected UnsignedFile.Multi.Generic (1) 20:43:55.0970 1760 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:43:55.0970 1760 NDProxy ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0970 1760 NDProxy - detected UnsignedFile.Multi.Generic (1) 20:43:55.0985 1760 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:43:55.0985 1760 NetBIOS ( UnsignedFile.Multi.Generic ) - warning 20:43:55.0985 1760 NetBIOS - detected UnsignedFile.Multi.Generic (1) 20:43:56.0016 1760 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 20:43:56.0032 1760 netbt ( UnsignedFile.Multi.Generic ) - warning 20:43:56.0048 1760 netbt - detected UnsignedFile.Multi.Generic (1) 20:43:56.0048 1760 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe 20:43:56.0063 1760 Netlogon ( UnsignedFile.Multi.Generic ) - warning 20:43:56.0063 1760 Netlogon - detected UnsignedFile.Multi.Generic (1) 20:43:56.0094 1760 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 20:43:56.0110 1760 Netman ( UnsignedFile.Multi.Generic ) - warning 20:43:56.0110 1760 Netman - detected UnsignedFile.Multi.Generic (1) 20:43:56.0126 1760 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 20:43:56.0141 1760 netprofm ( UnsignedFile.Multi.Generic ) - warning 20:43:56.0141 1760 netprofm - detected UnsignedFile.Multi.Generic (1) 20:43:56.0172 1760 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:43:56.0188 1760 NetTcpPortSharing - ok 20:43:56.0282 1760 [ 35D5458D9A1B26B2005ABFFBF4C1C5E7 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys 20:43:56.0500 1760 NETw3v32 ( UnsignedFile.Multi.Generic ) - warning 20:43:56.0500 1760 NETw3v32 - detected UnsignedFile.Multi.Generic (1) 20:43:56.0547 1760 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 20:43:56.0562 1760 nfrd960 - ok 20:43:56.0594 1760 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 20:43:56.0609 1760 NlaSvc ( UnsignedFile.Multi.Generic ) - warning 20:43:56.0609 1760 NlaSvc - detected UnsignedFile.Multi.Generic (1) 20:43:56.0640 1760 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:43:56.0640 1760 Npfs ( UnsignedFile.Multi.Generic ) - warning 20:43:56.0640 1760 Npfs - detected UnsignedFile.Multi.Generic (1) 20:43:56.0672 1760 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 20:43:56.0672 1760 nsi ( UnsignedFile.Multi.Generic ) - warning 20:43:56.0672 1760 nsi - detected UnsignedFile.Multi.Generic (1) 20:43:56.0687 1760 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:43:56.0703 1760 nsiproxy ( UnsignedFile.Multi.Generic ) - warning 20:43:56.0703 1760 nsiproxy - detected UnsignedFile.Multi.Generic (1) 20:43:56.0765 1760 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:43:56.0843 1760 Ntfs - ok 20:43:56.0859 1760 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 20:43:56.0874 1760 ntrigdigi ( UnsignedFile.Multi.Generic ) - warning 20:43:56.0874 1760 ntrigdigi - detected UnsignedFile.Multi.Generic (1) 20:43:56.0890 1760 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 20:43:56.0906 1760 Null ( UnsignedFile.Multi.Generic ) - warning 20:43:56.0906 1760 Null - detected UnsignedFile.Multi.Generic (1) 20:43:56.0921 1760 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:43:56.0937 1760 nvraid - ok 20:43:56.0952 1760 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:43:56.0968 1760 nvstor - ok 20:43:56.0984 1760 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:43:56.0999 1760 nv_agp - ok 20:43:56.0999 1760 NwlnkFlt - ok 20:43:56.0999 1760 NwlnkFwd - ok 20:43:57.0108 1760 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 20:43:57.0140 1760 odserv - ok 20:43:57.0171 1760 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 20:43:57.0186 1760 ohci1394 ( UnsignedFile.Multi.Generic ) - warning 20:43:57.0186 1760 ohci1394 - detected UnsignedFile.Multi.Generic (1) 20:43:57.0218 1760 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:43:57.0233 1760 ose - ok 20:43:57.0264 1760 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 20:43:57.0311 1760 p2pimsvc ( UnsignedFile.Multi.Generic ) - warning 20:43:57.0311 1760 p2pimsvc - detected UnsignedFile.Multi.Generic (1) 20:43:57.0327 1760 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 20:43:57.0358 1760 p2psvc ( UnsignedFile.Multi.Generic ) - warning 20:43:57.0358 1760 p2psvc - detected UnsignedFile.Multi.Generic (1) 20:43:57.0389 1760 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 20:43:57.0389 1760 Parport ( UnsignedFile.Multi.Generic ) - warning 20:43:57.0389 1760 Parport - detected UnsignedFile.Multi.Generic (1) 20:43:57.0420 1760 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:43:57.0436 1760 partmgr - ok 20:43:57.0452 1760 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 20:43:57.0467 1760 Parvdm ( UnsignedFile.Multi.Generic ) - warning 20:43:57.0467 1760 Parvdm - detected UnsignedFile.Multi.Generic (1) 20:43:57.0498 1760 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 20:43:57.0498 1760 PcaSvc ( UnsignedFile.Multi.Generic ) - warning 20:43:57.0498 1760 PcaSvc - detected UnsignedFile.Multi.Generic (1) 20:43:57.0530 1760 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 20:43:57.0545 1760 pci - ok 20:43:57.0561 1760 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys 20:43:57.0576 1760 pciide - ok 20:43:57.0608 1760 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 20:43:57.0639 1760 pcmcia - ok 20:43:57.0686 1760 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:43:57.0748 1760 PEAUTH ( UnsignedFile.Multi.Generic ) - warning 20:43:57.0748 1760 PEAUTH - detected UnsignedFile.Multi.Generic (1) 20:43:57.0810 1760 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 20:43:57.0888 1760 pla ( UnsignedFile.Multi.Generic ) - warning 20:43:57.0888 1760 pla - detected UnsignedFile.Multi.Generic (1) 20:43:57.0935 1760 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:43:57.0935 1760 PlugPlay ( UnsignedFile.Multi.Generic ) - warning 20:43:57.0951 1760 PlugPlay - detected UnsignedFile.Multi.Generic (1) 20:43:57.0966 1760 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 20:43:57.0998 1760 PNRPAutoReg ( UnsignedFile.Multi.Generic ) - warning 20:43:57.0998 1760 PNRPAutoReg - detected UnsignedFile.Multi.Generic (1) 20:43:58.0029 1760 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll 20:43:58.0044 1760 PNRPsvc ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0044 1760 PNRPsvc - detected UnsignedFile.Multi.Generic (1) 20:43:58.0091 1760 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:43:58.0122 1760 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0122 1760 PolicyAgent - detected UnsignedFile.Multi.Generic (1) 20:43:58.0138 1760 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:43:58.0154 1760 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0154 1760 PptpMiniport - detected UnsignedFile.Multi.Generic (1) 20:43:58.0185 1760 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys 20:43:58.0200 1760 Processor ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0200 1760 Processor - detected UnsignedFile.Multi.Generic (1) 20:43:58.0216 1760 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll 20:43:58.0232 1760 ProfSvc ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0232 1760 ProfSvc - detected UnsignedFile.Multi.Generic (1) 20:43:58.0247 1760 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe 20:43:58.0263 1760 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0263 1760 ProtectedStorage - detected UnsignedFile.Multi.Generic (1) 20:43:58.0294 1760 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys 20:43:58.0294 1760 PSched ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0294 1760 PSched - detected UnsignedFile.Multi.Generic (1) 20:43:58.0356 1760 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 20:43:58.0481 1760 ql2300 - ok 20:43:58.0497 1760 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 20:43:58.0512 1760 ql40xx - ok 20:43:58.0559 1760 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 20:43:58.0575 1760 QWAVE ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0575 1760 QWAVE - detected UnsignedFile.Multi.Generic (1) 20:43:58.0575 1760 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:43:58.0590 1760 QWAVEdrv ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0590 1760 QWAVEdrv - detected UnsignedFile.Multi.Generic (1) 20:43:58.0606 1760 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:43:58.0622 1760 RasAcd ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0622 1760 RasAcd - detected UnsignedFile.Multi.Generic (1) 20:43:58.0637 1760 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 20:43:58.0653 1760 RasAuto ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0653 1760 RasAuto - detected UnsignedFile.Multi.Generic (1) 20:43:58.0653 1760 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:43:58.0668 1760 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0668 1760 Rasl2tp - detected UnsignedFile.Multi.Generic (1) 20:43:58.0700 1760 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 20:43:58.0715 1760 RasMan ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0715 1760 RasMan - detected UnsignedFile.Multi.Generic (1) 20:43:58.0746 1760 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:43:58.0746 1760 RasPppoe ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0746 1760 RasPppoe - detected UnsignedFile.Multi.Generic (1) 20:43:58.0793 1760 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:43:58.0793 1760 RasSstp ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0793 1760 RasSstp - detected UnsignedFile.Multi.Generic (1) 20:43:58.0824 1760 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:43:58.0840 1760 rdbss ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0840 1760 rdbss - detected UnsignedFile.Multi.Generic (1) 20:43:58.0871 1760 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:43:58.0887 1760 RDPCDD ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0887 1760 RDPCDD - detected UnsignedFile.Multi.Generic (1) 20:43:58.0902 1760 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 20:43:58.0934 1760 rdpdr ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0934 1760 rdpdr - detected UnsignedFile.Multi.Generic (1) 20:43:58.0934 1760 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:43:58.0949 1760 RDPENCDD ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0949 1760 RDPENCDD - detected UnsignedFile.Multi.Generic (1) 20:43:58.0980 1760 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:43:58.0996 1760 RDPWD ( UnsignedFile.Multi.Generic ) - warning 20:43:58.0996 1760 RDPWD - detected UnsignedFile.Multi.Generic (1) 20:43:59.0058 1760 [ ED8C9F16E10C1E4C4C5D16CD04966E24 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 20:43:59.0074 1760 RegSrvc ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0074 1760 RegSrvc - detected UnsignedFile.Multi.Generic (1) 20:43:59.0121 1760 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:43:59.0136 1760 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0136 1760 RemoteAccess - detected UnsignedFile.Multi.Generic (1) 20:43:59.0168 1760 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:43:59.0168 1760 RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0168 1760 RemoteRegistry - detected UnsignedFile.Multi.Generic (1) 20:43:59.0199 1760 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 20:43:59.0199 1760 RpcLocator ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0199 1760 RpcLocator - detected UnsignedFile.Multi.Generic (1) 20:43:59.0230 1760 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll 20:43:59.0246 1760 RpcSs ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0246 1760 RpcSs - detected UnsignedFile.Multi.Generic (1) 20:43:59.0292 1760 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:43:59.0292 1760 rspndr ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0292 1760 rspndr - detected UnsignedFile.Multi.Generic (1) 20:43:59.0339 1760 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 20:43:59.0355 1760 SamSs ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0355 1760 SamSs - detected UnsignedFile.Multi.Generic (1) 20:43:59.0433 1760 [ A9D840FA78F65857EB554229914F855C ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe 20:43:59.0448 1760 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0448 1760 Samsung Update Plus - detected UnsignedFile.Multi.Generic (1) 20:43:59.0480 1760 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:43:59.0495 1760 sbp2port - ok 20:43:59.0526 1760 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:43:59.0542 1760 SCardSvr ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0542 1760 SCardSvr - detected UnsignedFile.Multi.Generic (1) 20:43:59.0589 1760 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 20:43:59.0636 1760 Schedule ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0636 1760 Schedule - detected UnsignedFile.Multi.Generic (1) 20:43:59.0682 1760 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 20:43:59.0682 1760 SCPolicySvc ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0682 1760 SCPolicySvc - detected UnsignedFile.Multi.Generic (1) 20:43:59.0714 1760 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 20:43:59.0729 1760 sdbus ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0729 1760 sdbus - detected UnsignedFile.Multi.Generic (1) 20:43:59.0760 1760 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:43:59.0776 1760 SDRSVC ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0776 1760 SDRSVC - detected UnsignedFile.Multi.Generic (1) 20:43:59.0792 1760 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:43:59.0792 1760 secdrv ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0792 1760 secdrv - detected UnsignedFile.Multi.Generic (1) 20:43:59.0823 1760 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 20:43:59.0823 1760 seclogon ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0823 1760 seclogon - detected UnsignedFile.Multi.Generic (1) 20:43:59.0854 1760 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll 20:43:59.0854 1760 SENS ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0854 1760 SENS - detected UnsignedFile.Multi.Generic (1) 20:43:59.0870 1760 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 20:43:59.0885 1760 Serenum ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0885 1760 Serenum - detected UnsignedFile.Multi.Generic (1) 20:43:59.0916 1760 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 20:43:59.0932 1760 Serial ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0932 1760 Serial - detected UnsignedFile.Multi.Generic (1) 20:43:59.0963 1760 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 20:43:59.0979 1760 sermouse ( UnsignedFile.Multi.Generic ) - warning 20:43:59.0979 1760 sermouse - detected UnsignedFile.Multi.Generic (1) 20:44:00.0010 1760 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 20:44:00.0026 1760 SessionEnv ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0026 1760 SessionEnv - detected UnsignedFile.Multi.Generic (1) 20:44:00.0041 1760 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:44:00.0057 1760 sffdisk ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0057 1760 sffdisk - detected UnsignedFile.Multi.Generic (1) 20:44:00.0072 1760 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:44:00.0088 1760 sffp_mmc ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0088 1760 sffp_mmc - detected UnsignedFile.Multi.Generic (1) 20:44:00.0104 1760 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:44:00.0119 1760 sffp_sd ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0119 1760 sffp_sd - detected UnsignedFile.Multi.Generic (1) 20:44:00.0135 1760 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 20:44:00.0150 1760 sfloppy ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0150 1760 sfloppy - detected UnsignedFile.Multi.Generic (1) 20:44:00.0182 1760 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:44:00.0197 1760 SharedAccess ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0197 1760 SharedAccess - detected UnsignedFile.Multi.Generic (1) 20:44:00.0228 1760 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:44:00.0244 1760 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0244 1760 ShellHWDetection - detected UnsignedFile.Multi.Generic (1) 20:44:00.0260 1760 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 20:44:00.0275 1760 sisagp - ok 20:44:00.0291 1760 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 20:44:00.0306 1760 SiSRaid2 - ok 20:44:00.0322 1760 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:44:00.0353 1760 SiSRaid4 - ok 20:44:00.0462 1760 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 20:44:00.0634 1760 slsvc ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0634 1760 slsvc - detected UnsignedFile.Multi.Generic (1) 20:44:00.0665 1760 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 20:44:00.0681 1760 SLUINotify ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0681 1760 SLUINotify - detected UnsignedFile.Multi.Generic (1) 20:44:00.0712 1760 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:44:00.0728 1760 Smb ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0728 1760 Smb - detected UnsignedFile.Multi.Generic (1) 20:44:00.0759 1760 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:44:00.0759 1760 SNMPTRAP ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0774 1760 SNMPTRAP - detected UnsignedFile.Multi.Generic (1) 20:44:00.0774 1760 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 20:44:00.0790 1760 spldr - ok 20:44:00.0821 1760 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 20:44:00.0837 1760 Spooler ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0837 1760 Spooler - detected UnsignedFile.Multi.Generic (1) 20:44:00.0868 1760 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 20:44:00.0884 1760 SQLBrowser - ok 20:44:00.0915 1760 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 20:44:00.0930 1760 SQLWriter - ok 20:44:00.0946 1760 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:44:00.0962 1760 srv ( UnsignedFile.Multi.Generic ) - warning 20:44:00.0962 1760 srv - detected UnsignedFile.Multi.Generic (1) 20:44:00.0993 1760 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:44:01.0008 1760 srv2 ( UnsignedFile.Multi.Generic ) - warning 20:44:01.0008 1760 srv2 - detected UnsignedFile.Multi.Generic (1) 20:44:01.0040 1760 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:44:01.0055 1760 srvnet ( UnsignedFile.Multi.Generic ) - warning 20:44:01.0055 1760 srvnet - detected UnsignedFile.Multi.Generic (1) 20:44:01.0086 1760 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:44:01.0086 1760 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning 20:44:01.0086 1760 SSDPSRV - detected UnsignedFile.Multi.Generic (1) 20:44:01.0118 1760 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 20:44:01.0133 1760 ssmdrv - ok 20:44:01.0149 1760 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:44:01.0164 1760 SstpSvc ( UnsignedFile.Multi.Generic ) - warning 20:44:01.0164 1760 SstpSvc - detected UnsignedFile.Multi.Generic (1) 20:44:01.0180 1760 Steam Client Service - ok 20:44:01.0227 1760 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 20:44:01.0242 1760 stisvc ( UnsignedFile.Multi.Generic ) - warning 20:44:01.0242 1760 stisvc - detected UnsignedFile.Multi.Generic (1) 20:44:01.0289 1760 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 20:44:01.0305 1760 swenum - ok 20:44:01.0320 1760 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 20:44:01.0336 1760 swprv ( UnsignedFile.Multi.Generic ) - warning 20:44:01.0336 1760 swprv - detected UnsignedFile.Multi.Generic (1) 20:44:01.0367 1760 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 20:44:01.0367 1760 Symc8xx - ok 20:44:01.0398 1760 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 20:44:01.0414 1760 Sym_hi - ok 20:44:01.0445 1760 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 20:44:01.0461 1760 Sym_u3 - ok 20:44:01.0492 1760 [ 451E8037E2EB6DA6BDF0A66F65D1810B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 20:44:01.0523 1760 SynTP - ok 20:44:01.0570 1760 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 20:44:01.0601 1760 SysMain ( UnsignedFile.Multi.Generic ) - warning 20:44:01.0601 1760 SysMain - detected UnsignedFile.Multi.Generic (1) 20:44:01.0648 1760 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:44:01.0648 1760 TabletInputService ( UnsignedFile.Multi.Generic ) - warning 20:44:01.0648 1760 TabletInputService - detected UnsignedFile.Multi.Generic (1) 20:44:01.0679 1760 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 20:44:01.0695 1760 TapiSrv ( UnsignedFile.Multi.Generic ) - warning 20:44:01.0695 1760 TapiSrv - detected UnsignedFile.Multi.Generic (1) 20:44:01.0710 1760 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 20:44:01.0710 1760 TBS ( UnsignedFile.Multi.Generic ) - warning 20:44:01.0710 1760 TBS - detected UnsignedFile.Multi.Generic (1) 20:44:01.0773 1760 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:44:01.0851 1760 Tcpip - ok 20:44:01.0866 1760 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 20:44:01.0913 1760 Tcpip6 - ok 20:44:01.0960 1760 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:44:01.0960 1760 tcpipreg ( UnsignedFile.Multi.Generic ) - warning 20:44:01.0960 1760 tcpipreg - detected UnsignedFile.Multi.Generic (1) 20:44:02.0007 1760 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:44:02.0007 1760 TDPIPE ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0007 1760 TDPIPE - detected UnsignedFile.Multi.Generic (1) 20:44:02.0022 1760 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:44:02.0038 1760 TDTCP ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0038 1760 TDTCP - detected UnsignedFile.Multi.Generic (1) 20:44:02.0069 1760 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:44:02.0085 1760 tdx ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0085 1760 tdx - detected UnsignedFile.Multi.Generic (1) 20:44:02.0100 1760 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 20:44:02.0116 1760 TermDD - ok 20:44:02.0132 1760 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 20:44:02.0147 1760 TermService ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0147 1760 TermService - detected UnsignedFile.Multi.Generic (1) 20:44:02.0178 1760 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 20:44:02.0194 1760 Themes ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0194 1760 Themes - detected UnsignedFile.Multi.Generic (1) 20:44:02.0194 1760 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 20:44:02.0210 1760 THREADORDER ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0210 1760 THREADORDER - detected UnsignedFile.Multi.Generic (1) 20:44:02.0241 1760 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 20:44:02.0256 1760 TrkWks ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0256 1760 TrkWks - detected UnsignedFile.Multi.Generic (1) 20:44:02.0303 1760 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:44:02.0303 1760 TrustedInstaller ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0303 1760 TrustedInstaller - detected UnsignedFile.Multi.Generic (1) 20:44:02.0350 1760 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:44:02.0350 1760 tssecsrv ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0350 1760 tssecsrv - detected UnsignedFile.Multi.Generic (1) 20:44:02.0381 1760 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 20:44:02.0381 1760 tunmp ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0381 1760 tunmp - detected UnsignedFile.Multi.Generic (1) 20:44:02.0412 1760 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:44:02.0428 1760 tunnel ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0428 1760 tunnel - detected UnsignedFile.Multi.Generic (1) 20:44:02.0444 1760 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:44:02.0459 1760 uagp35 - ok 20:44:02.0475 1760 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:44:02.0490 1760 udfs ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0490 1760 udfs - detected UnsignedFile.Multi.Generic (1) 20:44:02.0537 1760 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:44:02.0537 1760 UI0Detect ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0537 1760 UI0Detect - detected UnsignedFile.Multi.Generic (1) 20:44:02.0568 1760 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:44:02.0584 1760 uliagpkx - ok 20:44:02.0615 1760 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 20:44:02.0631 1760 uliahci - ok 20:44:02.0662 1760 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 20:44:02.0693 1760 UlSata - ok 20:44:02.0724 1760 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 20:44:02.0740 1760 ulsata2 - ok 20:44:02.0771 1760 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:44:02.0771 1760 umbus ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0771 1760 umbus - detected UnsignedFile.Multi.Generic (1) 20:44:02.0787 1760 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 20:44:02.0802 1760 upnphost ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0802 1760 upnphost - detected UnsignedFile.Multi.Generic (1) 20:44:02.0849 1760 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 20:44:02.0865 1760 usbaudio ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0865 1760 usbaudio - detected UnsignedFile.Multi.Generic (1) 20:44:02.0896 1760 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:44:02.0912 1760 usbccgp ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0912 1760 usbccgp - detected UnsignedFile.Multi.Generic (1) 20:44:02.0943 1760 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:44:02.0958 1760 usbcir ( UnsignedFile.Multi.Generic ) - warning 20:44:02.0958 1760 usbcir - detected UnsignedFile.Multi.Generic (1) 20:44:02.0990 1760 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 20:44:03.0005 1760 usbehci ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0005 1760 usbehci - detected UnsignedFile.Multi.Generic (1) 20:44:03.0021 1760 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:44:03.0052 1760 usbhub ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0052 1760 usbhub - detected UnsignedFile.Multi.Generic (1) 20:44:03.0068 1760 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 20:44:03.0083 1760 usbohci ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0083 1760 usbohci - detected UnsignedFile.Multi.Generic (1) 20:44:03.0099 1760 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys 20:44:03.0099 1760 usbprint ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0099 1760 usbprint - detected UnsignedFile.Multi.Generic (1) 20:44:03.0130 1760 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:44:03.0146 1760 USBSTOR ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0146 1760 USBSTOR - detected UnsignedFile.Multi.Generic (1) 20:44:03.0161 1760 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 20:44:03.0161 1760 usbuhci ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0161 1760 usbuhci - detected UnsignedFile.Multi.Generic (1) 20:44:03.0208 1760 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 20:44:03.0208 1760 usbvideo ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0208 1760 usbvideo - detected UnsignedFile.Multi.Generic (1) 20:44:03.0239 1760 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 20:44:03.0255 1760 UxSms ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0255 1760 UxSms - detected UnsignedFile.Multi.Generic (1) 20:44:03.0286 1760 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 20:44:03.0333 1760 vds ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0333 1760 vds - detected UnsignedFile.Multi.Generic (1) 20:44:03.0380 1760 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:44:03.0395 1760 vga ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0395 1760 vga - detected UnsignedFile.Multi.Generic (1) 20:44:03.0411 1760 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 20:44:03.0426 1760 VgaSave ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0426 1760 VgaSave - detected UnsignedFile.Multi.Generic (1) 20:44:03.0442 1760 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 20:44:03.0473 1760 viaagp - ok 20:44:03.0489 1760 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 20:44:03.0504 1760 ViaC7 ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0504 1760 ViaC7 - detected UnsignedFile.Multi.Generic (1) 20:44:03.0520 1760 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 20:44:03.0536 1760 viaide - ok 20:44:03.0551 1760 VMC302 - ok 20:44:03.0567 1760 VMC326 - ok 20:44:03.0582 1760 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:44:03.0598 1760 volmgr - ok 20:44:03.0629 1760 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:44:03.0645 1760 volmgrx - ok 20:44:03.0692 1760 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:44:03.0723 1760 volsnap - ok 20:44:03.0738 1760 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:44:03.0770 1760 vsmraid - ok 20:44:03.0816 1760 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 20:44:03.0941 1760 VSS ( UnsignedFile.Multi.Generic ) - warning 20:44:03.0941 1760 VSS - detected UnsignedFile.Multi.Generic (1) 20:44:03.0988 1760 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 20:44:04.0004 1760 W32Time ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0004 1760 W32Time - detected UnsignedFile.Multi.Generic (1) 20:44:04.0050 1760 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 20:44:04.0050 1760 WacomPen ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0050 1760 WacomPen - detected UnsignedFile.Multi.Generic (1) 20:44:04.0082 1760 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 20:44:04.0097 1760 Wanarp ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0097 1760 Wanarp - detected UnsignedFile.Multi.Generic (1) 20:44:04.0097 1760 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:44:04.0113 1760 Wanarpv6 ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0113 1760 Wanarpv6 - detected UnsignedFile.Multi.Generic (1) 20:44:04.0128 1760 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:44:04.0175 1760 wcncsvc ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0175 1760 wcncsvc - detected UnsignedFile.Multi.Generic (1) 20:44:04.0222 1760 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:44:04.0222 1760 WcsPlugInService ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0222 1760 WcsPlugInService - detected UnsignedFile.Multi.Generic (1) 20:44:04.0238 1760 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 20:44:04.0253 1760 Wd - ok 20:44:04.0284 1760 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:44:04.0331 1760 Wdf01000 - ok 20:44:04.0362 1760 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:44:04.0362 1760 WdiServiceHost ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0362 1760 WdiServiceHost - detected UnsignedFile.Multi.Generic (1) 20:44:04.0378 1760 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:44:04.0378 1760 WdiSystemHost ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0378 1760 WdiSystemHost - detected UnsignedFile.Multi.Generic (1) 20:44:04.0409 1760 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 20:44:04.0425 1760 WebClient ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0425 1760 WebClient - detected UnsignedFile.Multi.Generic (1) 20:44:04.0440 1760 [ 905214925A88311FCE52F66153DE7610 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:44:04.0456 1760 Wecsvc ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0456 1760 Wecsvc - detected UnsignedFile.Multi.Generic (1) 20:44:04.0456 1760 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:44:04.0472 1760 wercplsupport ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0472 1760 wercplsupport - detected UnsignedFile.Multi.Generic (1) 20:44:04.0503 1760 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 20:44:04.0518 1760 WerSvc ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0518 1760 WerSvc - detected UnsignedFile.Multi.Generic (1) 20:44:04.0581 1760 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 20:44:04.0612 1760 WinDefend - ok 20:44:04.0612 1760 WinHttpAutoProxySvc - ok 20:44:04.0690 1760 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:44:04.0690 1760 Winmgmt ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0690 1760 Winmgmt - detected UnsignedFile.Multi.Generic (1) 20:44:04.0721 1760 [ 01874D4689C212460FBABF0ECD7CB7F7 ] WinRM C:\Windows\system32\WsmSvc.dll 20:44:04.0768 1760 WinRM ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0768 1760 WinRM - detected UnsignedFile.Multi.Generic (1) 20:44:04.0830 1760 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 20:44:04.0893 1760 Wlansvc ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0893 1760 Wlansvc - detected UnsignedFile.Multi.Generic (1) 20:44:04.0924 1760 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 20:44:04.0940 1760 WmiAcpi ( UnsignedFile.Multi.Generic ) - warning 20:44:04.0940 1760 WmiAcpi - detected UnsignedFile.Multi.Generic (1) 20:44:05.0002 1760 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:44:05.0002 1760 wmiApSrv ( UnsignedFile.Multi.Generic ) - warning 20:44:05.0002 1760 wmiApSrv - detected UnsignedFile.Multi.Generic (1) 20:44:05.0080 1760 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 20:44:05.0127 1760 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning 20:44:05.0127 1760 WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1) 20:44:05.0158 1760 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:44:05.0174 1760 WPCSvc ( UnsignedFile.Multi.Generic ) - warning 20:44:05.0174 1760 WPCSvc - detected UnsignedFile.Multi.Generic (1) 20:44:05.0205 1760 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:44:05.0220 1760 WPDBusEnum ( UnsignedFile.Multi.Generic ) - warning 20:44:05.0220 1760 WPDBusEnum - detected UnsignedFile.Multi.Generic (1) 20:44:05.0267 1760 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 20:44:05.0283 1760 WpdUsb ( UnsignedFile.Multi.Generic ) - warning 20:44:05.0283 1760 WpdUsb - detected UnsignedFile.Multi.Generic (1) 20:44:05.0314 1760 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:44:05.0314 1760 ws2ifsl ( UnsignedFile.Multi.Generic ) - warning 20:44:05.0314 1760 ws2ifsl - detected UnsignedFile.Multi.Generic (1) 20:44:05.0345 1760 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll 20:44:05.0361 1760 wscsvc ( UnsignedFile.Multi.Generic ) - warning 20:44:05.0361 1760 wscsvc - detected UnsignedFile.Multi.Generic (1) 20:44:05.0361 1760 WSearch - ok 20:44:05.0454 1760 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 20:44:05.0579 1760 wuauserv - ok 20:44:05.0610 1760 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 20:44:05.0642 1760 WUDFRd ( UnsignedFile.Multi.Generic ) - warning 20:44:05.0642 1760 WUDFRd - detected UnsignedFile.Multi.Generic (1) 20:44:05.0642 1760 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:44:05.0657 1760 wudfsvc ( UnsignedFile.Multi.Generic ) - warning 20:44:05.0657 1760 wudfsvc - detected UnsignedFile.Multi.Generic (1) 20:44:05.0735 1760 [ 04E268ADFC81964C49DC0C082D520F7E ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys 20:44:05.0751 1760 yukonwlh ( UnsignedFile.Multi.Generic ) - warning 20:44:05.0751 1760 yukonwlh - detected UnsignedFile.Multi.Generic (1) 20:44:05.0766 1760 ================ Scan global =============================== 20:44:05.0813 1760 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 20:44:05.0844 1760 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll 20:44:05.0876 1760 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll 20:44:05.0922 1760 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe 20:44:05.0922 1760 [Global] - ok 20:44:05.0922 1760 ================ Scan MBR ================================== 20:44:05.0938 1760 [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0 20:44:06.0578 1760 \Device\Harddisk0\DR0 - ok 20:44:06.0578 1760 [ BD01C983F50ACB5572A566F0B18E1812 ] \Device\Harddisk2\DR2 20:45:19.0274 1760 \Device\Harddisk2\DR2 - ok 20:45:19.0274 1760 ================ Scan VBR ================================== 20:45:19.0320 1760 [ 4ABC5D786BE829891EFD26B15D525D84 ] \Device\Harddisk0\DR0\Partition1 20:45:19.0320 1760 \Device\Harddisk0\DR0\Partition1 - ok 20:45:19.0352 1760 [ CB130314BED305BC44413D15B461093B ] \Device\Harddisk0\DR0\Partition2 20:45:19.0352 1760 \Device\Harddisk0\DR0\Partition2 - ok 20:45:19.0352 1760 ============================================================ 20:45:19.0352 1760 Scan finished 20:45:19.0352 1760 ============================================================ 20:45:19.0414 2588 Detected object count: 255 20:45:19.0414 2588 Actual detected object count: 255 20:45:46.0620 2588 AeLookupSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0620 2588 AeLookupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0620 2588 AFD ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0620 2588 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0620 2588 AgereSoftModem ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0620 2588 AgereSoftModem ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0620 2588 ALG ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0620 2588 ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0636 2588 AmdK7 ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0636 2588 AmdK7 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0636 2588 AmdK8 ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0636 2588 AmdK8 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0636 2588 Appinfo ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0636 2588 Appinfo ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0636 2588 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0636 2588 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0636 2588 athr ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0636 2588 athr ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0636 2588 AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0636 2588 AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0652 2588 Audiosrv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0652 2588 Audiosrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0652 2588 bcm4sbxp ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0652 2588 bcm4sbxp ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0652 2588 Beep ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0652 2588 Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0652 2588 BFE ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0652 2588 BFE ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0652 2588 BITS ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0652 2588 BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0652 2588 blbdrive ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0652 2588 blbdrive ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0667 2588 bowser ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0667 2588 bowser ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0667 2588 BrFiltLo ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0667 2588 BrFiltLo ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0667 2588 BrFiltUp ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0667 2588 BrFiltUp ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0667 2588 Browser ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0667 2588 Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0667 2588 Brserid ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0667 2588 Brserid ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0667 2588 BrSerWdm ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0667 2588 BrSerWdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0683 2588 BrUsbMdm ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0683 2588 BrUsbMdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0683 2588 BrUsbSer ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0683 2588 BrUsbSer ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0683 2588 BTHMODEM ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0683 2588 BTHMODEM ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0683 2588 cdfs ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0683 2588 cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0683 2588 cdrom ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0683 2588 cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0683 2588 CertPropSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0683 2588 CertPropSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0698 2588 circlass ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0698 2588 circlass ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0698 2588 CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0698 2588 CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0698 2588 Crusoe ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0698 2588 Crusoe ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0698 2588 CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0698 2588 CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0698 2588 DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0698 2588 DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0714 2588 DfsC ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0714 2588 DfsC ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0714 2588 DFSR ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0714 2588 DFSR ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0714 2588 Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0714 2588 Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0714 2588 Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0714 2588 Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0714 2588 dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0714 2588 dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0714 2588 DPS ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0714 2588 DPS ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0730 2588 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0730 2588 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0730 2588 E1G60 ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0730 2588 E1G60 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0730 2588 EapHost ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0730 2588 EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0730 2588 ehRecvr ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0730 2588 ehRecvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0730 2588 ehSched ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0730 2588 ehSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0730 2588 ehstart ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0730 2588 ehstart ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0745 2588 EMDMgmt ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0745 2588 EMDMgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0745 2588 ErrDev ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0745 2588 ErrDev ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0745 2588 EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0745 2588 EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0745 2588 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0745 2588 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0745 2588 exfat ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0745 2588 exfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0745 2588 fastfat ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0745 2588 fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0761 2588 fdc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0761 2588 fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0761 2588 fdPHost ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0761 2588 fdPHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0761 2588 FDResPub ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0761 2588 FDResPub ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0761 2588 Filetrace ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0761 2588 Filetrace ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0761 2588 flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0761 2588 flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0761 2588 FontCache ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0761 2588 FontCache ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0776 2588 Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0776 2588 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0776 2588 gpsvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0776 2588 gpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0776 2588 gtstusbser ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0776 2588 gtstusbser ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0776 2588 HdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0776 2588 HdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0776 2588 HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0776 2588 HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0776 2588 HidBth ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0776 2588 HidBth ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0792 2588 HidIr ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0792 2588 HidIr ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0792 2588 hidserv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0792 2588 hidserv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0792 2588 HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0792 2588 HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0792 2588 hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0792 2588 hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0792 2588 HTTP ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0792 2588 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0792 2588 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0792 2588 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0808 2588 ialm ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0808 2588 ialm ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0808 2588 igfx ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0808 2588 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0808 2588 IKEEXT ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0808 2588 IKEEXT ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0808 2588 intelppm ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0808 2588 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0808 2588 IPBusEnum ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0808 2588 IPBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0823 2588 IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0823 2588 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0823 2588 iphlpsvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0823 2588 iphlpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0823 2588 IPMIDRV ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0823 2588 IPMIDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0823 2588 IPNAT ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0823 2588 IPNAT ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0823 2588 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0823 2588 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0823 2588 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0823 2588 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0839 2588 KeyIso ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0839 2588 KeyIso ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0839 2588 KMDFMEMIO ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0839 2588 KMDFMEMIO ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0839 2588 KtmRm ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0839 2588 KtmRm ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0839 2588 LanmanServer ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0839 2588 LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0839 2588 LanmanWorkstation ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0839 2588 LanmanWorkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0839 2588 lltdio ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0839 2588 lltdio ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0854 2588 lltdsvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0854 2588 lltdsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0854 2588 lmhosts ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0854 2588 lmhosts ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0854 2588 luafv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0854 2588 luafv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0854 2588 Mcx2Svc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0854 2588 Mcx2Svc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0854 2588 MMCSS ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0854 2588 MMCSS ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0854 2588 Modem ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0870 2588 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0870 2588 monitor ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0870 2588 monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0870 2588 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0870 2588 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0870 2588 mpsdrv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0870 2588 mpsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0870 2588 MpsSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0870 2588 MpsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0870 2588 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0870 2588 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0870 2588 mrxsmb ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0870 2588 mrxsmb ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0886 2588 mrxsmb10 ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0886 2588 mrxsmb10 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0886 2588 mrxsmb20 ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0886 2588 mrxsmb20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0886 2588 MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0886 2588 MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0886 2588 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0886 2588 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0886 2588 MSiSCSI ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0886 2588 MSiSCSI ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0886 2588 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0886 2588 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0886 2588 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0886 2588 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0901 2588 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0901 2588 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0901 2588 MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0901 2588 MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0901 2588 napagent ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0901 2588 napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0901 2588 NativeWifiP ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0901 2588 NativeWifiP ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0901 2588 NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0901 2588 NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0917 2588 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0917 2588 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0917 2588 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0917 2588 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0917 2588 NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0917 2588 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0917 2588 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0917 2588 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0917 2588 netbt ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0917 2588 netbt ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0932 2588 Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0932 2588 Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0932 2588 Netman ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0932 2588 Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0932 2588 netprofm ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0932 2588 netprofm ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0932 2588 NETw3v32 ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0932 2588 NETw3v32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0932 2588 NlaSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0932 2588 NlaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0932 2588 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0932 2588 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0948 2588 nsi ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0948 2588 nsi ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0948 2588 nsiproxy ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0948 2588 nsiproxy ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0948 2588 ntrigdigi ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0948 2588 ntrigdigi ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0948 2588 Null ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0948 2588 Null ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0948 2588 ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0948 2588 ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0948 2588 p2pimsvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0948 2588 p2pimsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0964 2588 p2psvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0964 2588 p2psvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0964 2588 Parport ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0964 2588 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0964 2588 Parvdm ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0964 2588 Parvdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0964 2588 PcaSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0964 2588 PcaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0964 2588 PEAUTH ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0964 2588 PEAUTH ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0964 2588 pla ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0964 2588 pla ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0979 2588 PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0979 2588 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0979 2588 PNRPAutoReg ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0979 2588 PNRPAutoReg ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0979 2588 PNRPsvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0979 2588 PNRPsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0979 2588 PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0979 2588 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0979 2588 PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0979 2588 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0979 2588 Processor ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0979 2588 Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0995 2588 ProfSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0995 2588 ProfSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0995 2588 ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0995 2588 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0995 2588 PSched ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0995 2588 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0995 2588 QWAVE ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0995 2588 QWAVE ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0995 2588 QWAVEdrv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0995 2588 QWAVEdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:46.0995 2588 RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:46.0995 2588 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0010 2588 RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0010 2588 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0010 2588 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0010 2588 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0010 2588 RasMan ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0010 2588 RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0010 2588 RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0010 2588 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0010 2588 RasSstp ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0010 2588 RasSstp ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0010 2588 rdbss ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0010 2588 rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0026 2588 RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0026 2588 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0026 2588 rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0026 2588 rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0026 2588 RDPENCDD ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0026 2588 RDPENCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0026 2588 RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0026 2588 RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0026 2588 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0026 2588 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0042 2588 RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0042 2588 RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0042 2588 RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0042 2588 RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0042 2588 RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0042 2588 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0042 2588 RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0042 2588 RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0042 2588 rspndr ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0042 2588 rspndr ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0042 2588 SamSs ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0042 2588 SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0057 2588 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0057 2588 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0057 2588 SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0057 2588 SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0057 2588 Schedule ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0057 2588 Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0057 2588 SCPolicySvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0057 2588 SCPolicySvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0057 2588 sdbus ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0057 2588 sdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0057 2588 SDRSVC ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0057 2588 SDRSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0073 2588 secdrv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0073 2588 secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0073 2588 seclogon ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0073 2588 seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0073 2588 SENS ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0073 2588 SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0073 2588 Serenum ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0073 2588 Serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0073 2588 Serial ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0073 2588 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0073 2588 sermouse ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0073 2588 sermouse ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0088 2588 SessionEnv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0088 2588 SessionEnv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0088 2588 sffdisk ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0088 2588 sffdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0088 2588 sffp_mmc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0088 2588 sffp_mmc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0088 2588 sffp_sd ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0088 2588 sffp_sd ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0088 2588 sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0088 2588 sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0088 2588 SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0088 2588 SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0104 2588 ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0104 2588 ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip |
04.06.2013, 16:52 | #10 |
| weißer Bildschrim nach User Login unter Windows 7 Teil 2 Code:
ATTFilter 20:45:47.0104 2588 slsvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0104 2588 slsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0104 2588 SLUINotify ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0104 2588 SLUINotify ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0104 2588 Smb ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0104 2588 Smb ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0104 2588 SNMPTRAP ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0104 2588 SNMPTRAP ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0104 2588 Spooler ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0104 2588 Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0104 2588 srv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0120 2588 srv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0120 2588 srv2 ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0120 2588 srv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0120 2588 srvnet ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0120 2588 srvnet ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0120 2588 SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0120 2588 SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0120 2588 SstpSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0120 2588 SstpSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0120 2588 stisvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0120 2588 stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0120 2588 swprv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0120 2588 swprv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0135 2588 SysMain ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0135 2588 SysMain ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0135 2588 TabletInputService ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0135 2588 TabletInputService ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0135 2588 TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0135 2588 TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0135 2588 TBS ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0135 2588 TBS ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0135 2588 tcpipreg ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0135 2588 tcpipreg ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0135 2588 TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0135 2588 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0151 2588 TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0151 2588 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0151 2588 tdx ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0151 2588 tdx ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0151 2588 TermService ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0151 2588 TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0151 2588 Themes ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0151 2588 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0151 2588 THREADORDER ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0151 2588 THREADORDER ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0151 2588 TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0151 2588 TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0166 2588 TrustedInstaller ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0166 2588 TrustedInstaller ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0166 2588 tssecsrv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0166 2588 tssecsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0166 2588 tunmp ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0166 2588 tunmp ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0166 2588 tunnel ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0166 2588 tunnel ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0166 2588 udfs ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0166 2588 udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0166 2588 UI0Detect ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0166 2588 UI0Detect ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0182 2588 umbus ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0182 2588 umbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0182 2588 upnphost ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0182 2588 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0182 2588 usbaudio ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0182 2588 usbaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0182 2588 usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0182 2588 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0182 2588 usbcir ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0182 2588 usbcir ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0182 2588 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0182 2588 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0198 2588 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0198 2588 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0198 2588 usbohci ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0198 2588 usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0198 2588 usbprint ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0198 2588 usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0198 2588 USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0198 2588 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0198 2588 usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0198 2588 usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0198 2588 usbvideo ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0198 2588 usbvideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0213 2588 UxSms ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0213 2588 UxSms ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0213 2588 vds ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0213 2588 vds ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0213 2588 vga ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0213 2588 vga ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0213 2588 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0213 2588 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0213 2588 ViaC7 ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0213 2588 ViaC7 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0213 2588 VSS ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0213 2588 VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0229 2588 W32Time ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0229 2588 W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0229 2588 WacomPen ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0229 2588 WacomPen ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0229 2588 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0229 2588 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0229 2588 Wanarpv6 ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0229 2588 Wanarpv6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0229 2588 wcncsvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0229 2588 wcncsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0229 2588 WcsPlugInService ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0229 2588 WcsPlugInService ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0244 2588 WdiServiceHost ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0244 2588 WdiServiceHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0244 2588 WdiSystemHost ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0244 2588 WdiSystemHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0244 2588 WebClient ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0244 2588 WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0244 2588 Wecsvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0244 2588 Wecsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0244 2588 wercplsupport ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0244 2588 wercplsupport ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0244 2588 WerSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0244 2588 WerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0260 2588 Winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0260 2588 Winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0260 2588 WinRM ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0260 2588 WinRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0260 2588 Wlansvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0260 2588 Wlansvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0260 2588 WmiAcpi ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0260 2588 WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0260 2588 wmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0260 2588 wmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0260 2588 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0260 2588 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0276 2588 WPCSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0276 2588 WPCSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0276 2588 WPDBusEnum ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0276 2588 WPDBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0276 2588 WpdUsb ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0276 2588 WpdUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0276 2588 ws2ifsl ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0276 2588 ws2ifsl ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0276 2588 wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0276 2588 wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0276 2588 WUDFRd ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0291 2588 WUDFRd ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0291 2588 wudfsvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0291 2588 wudfsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:47.0291 2588 yukonwlh ( UnsignedFile.Multi.Generic ) - skipped by user 20:45:47.0291 2588 yukonwlh ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:45:59.0584 3308 Deinitialize success |
04.06.2013, 16:53 | #11 |
/// Malware-holic | weißer Bildschrim nach User Login unter Windows 7 Ne, ich biete nur keinen 24 stunden rundum service, das ist meine Freizeit hier. Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
04.06.2013, 17:16 | #12 |
| weißer Bildschrim nach User Login unter Windows 7 HI Markus na so war das nicht gemeint und wie du im ersten post siehst, weiß ich diese Hilfe zu schätzen. Code:
ATTFilter ComboFix 13-06-03.06 - sven 04.06.2013 21:01:20.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3032.2032 [GMT 2:00] ausgeführt von:: c:\users\sven\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Roaming c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini C:\Recycle.Bin c:\users\sven\AppData\Roaming\Qiyl\dydi.exe . . ((((((((((((((((((((((( Dateien erstellt von 2013-05-04 bis 2013-06-04 )))))))))))))))))))))))))))))) . . 2013-06-04 19:07 . 2013-06-04 19:08 -------- d-----w- c:\users\sven\AppData\Local\temp 2013-06-04 19:07 . 2013-06-04 19:07 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-04 11:49 . 2013-06-04 11:49 -------- d-----w- c:\windows\system32\wbem\en-US 2013-06-04 11:47 . 2008-06-02 01:50 125728 ----a-w- c:\windows\system32\drivers\Mpfp.sys 2013-06-04 11:47 . 2007-07-24 03:02 33800 ----a-w- c:\windows\system32\drivers\mferkdk.sys 2013-06-04 11:47 . 2007-07-23 22:40 79304 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2013-06-04 11:47 . 2007-07-21 00:08 40488 ----a-w- c:\windows\system32\drivers\mfesmfk.sys 2013-06-04 11:47 . 2007-07-21 00:08 35240 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2013-06-04 11:47 . 2007-07-21 00:08 201288 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2013-06-04 11:47 . 2008-01-21 02:23 599552 ----a-w- c:\windows\system32\vsp1cln.exe 2013-06-04 11:47 . 2008-01-21 02:24 78336 ----a-w- c:\windows\system32\ieencode.dll 2013-06-04 11:47 . 2008-01-21 02:24 17408 ----a-w- c:\windows\system32\corpol.dll 2013-06-04 06:36 . 2013-06-04 06:36 -------- d-----w- C:\_OTL 2013-05-07 07:48 . 2013-04-10 03:08 6906960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F076FA41-E901-445F-99E4-ED5B59BD68EF}\mpengine.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-02 00:06 . 2010-08-15 09:32 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-03-11 13:25 . 2013-04-10 12:14 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-03-11 13:25 . 2013-04-10 12:14 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-09 03:45 . 2013-04-10 12:14 49152 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-09 01:28 . 2013-04-10 12:14 64000 ----a-w- c:\windows\system32\smss.exe 2013-03-08 03:53 . 2013-04-10 12:14 376320 ----a-w- c:\windows\system32\winsrv.dll 2013-03-08 03:52 . 2013-04-10 12:14 2067968 ----a-w- c:\windows\system32\mstscax.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys [-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_2457cee334d93e6f\asyncmac.sys . [-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys [-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys . [-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys [-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys . [-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll [-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll . [-] 2012-06-01 . 613DEB66A91820F0A41915B40BB8833F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe [-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe [-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe [-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe [-] 2011-11-16 . EBFAEB786C46B407930811F94F08877D . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe [-] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe [-] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe [-] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe [-] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe [-] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe [-] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe [-] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe [-] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe [-] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe [-] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe [-] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe [-] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe [-] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe [-] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe [-] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe . [-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll [-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll . [-] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll [-] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll . [-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll [-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll [-] 2008-01-21 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll . [-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll [-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll [-] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll [-] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll [-] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll [-] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll [-] 2008-01-21 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll . [-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe [-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe [-] 2008-01-21 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe . [-] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe [-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe [-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe [-] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe [-] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe [-] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe [-] 2008-01-21 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe . [-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe [-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [-] 2008-01-21 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe . [-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys [-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys [-] 2008-01-21 . D09276B1FAB033CE1D40DCBDF303D10F . 71680 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys . [-] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll [-] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll [-] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll [-] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll [-] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll [-] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll [-] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\System32\comctl32.dll [-] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll [-] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [-] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll [-] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll [-] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll [-] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll [-] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll [-] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll [-] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll [-] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [-] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll [-] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll . [-] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll [-] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll [-] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll [-] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll [-] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll [-] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll [-] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll . [-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll [-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll [-] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll [-] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll [-] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll [-] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll [-] 2008-01-21 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_0ced9f1d51bda029\es.dll . [-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll [-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll [-] 2008-01-21 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll . [-] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll [-] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll [-] 2012-09-28 . A9204E65A74AF0E801EA46F5A92C87A2 . 893440 . . [6.0.6002.22942] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll [-] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll [-] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll [-] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll [-] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll [-] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll [-] 2008-01-21 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll . [-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll [-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll . [-] 2012-12-16 . 883A634FF496FE2D22BA3D441EED0ED0 . 23552 . . [6.0.6002.23004] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_ac47155770c6cb85\lpk.dll [-] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll [-] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll [-] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll [-] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll [-] 2010-10-28 . 52212E87A6E94FB997728259D836D605 . 23552 . . [6.0.6002.22514] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_ac3c65b170cebf98\lpk.dll [-] 2010-10-28 . 61112C628C7883DD7F63D2DF6C6FF108 . 23552 . . [6.0.6001.22787] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_aa0d434d73de7ce9\lpk.dll [-] 2010-05-26 . A58A8CF30FBDB8969C24B0820B0F2976 . 23552 . . [6.0.6002.22412] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll [-] 2010-05-26 . 021F8740EFF00B65889FD1AD4C634498 . 23552 . . [6.0.6001.22700] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll [-] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll [-] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll [-] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll [-] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll [-] 2009-06-15 . D78588659CD9CD55F9D242AAC3466F96 . 24064 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll [-] 2009-06-15 . F1A7B85B64B75F49B728CF8D41BD2AB0 . 23552 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll [-] 2009-06-15 . 829B85E6DC808A386C9BDF81A0273581 . 24064 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll [-] 2009-06-15 . 6B0D35336B0AFED33BA4A42B5ABD3A3A . 23552 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_ab9f27bc57bf8d37\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_aba8fef657b84c8b\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_ab888f3257d0a05e\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_a9aee44c5aa07034\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll . [-] 2013-02-22 . 474D43D76E2A33FEE21C6F4BB7C4A3B7 . 12324864 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20586_none_d3840c4179578751\mshtml.dll [-] 2013-02-22 . 658EBC74BD38D16805648C4775F7FA82 . 12324352 . . [9.00.8112.16421] . . c:\windows\System32\mshtml.dll [-] 2013-02-22 . 658EBC74BD38D16805648C4775F7FA82 . 12324352 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16476_none_d3053f626031cb96\mshtml.dll [-] 2013-02-02 . 88C27474E61271B49677F22CEE76FB3E . 12322304 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20580_none_d37e0a85795cef47\mshtml.dll [-] 2013-02-02 . 263963D93A3CA8F685EFA5966F1E6581 . 12321792 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16470_none_d2ff3da66037338c\mshtml.dll [-] 2013-01-08 . C97434C851C4821BD92D2831FDF1ECBE . 12321280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16464_none_d30e0eba602b7cf7\mshtml.dll [-] 2013-01-08 . B6AD225B3BCC07332FBB2C2824315534 . 12322304 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20573_none_d38bdb4f79521f5b\mshtml.dll [-] 2012-11-14 . 07F649CD36F266BBE33B814FA678AA43 . 12320256 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16457_none_d31bdf846020ad0b\mshtml.dll [-] 2012-11-14 . 8021EF27048F9ECE5286EA8C8EED23B8 . 12321280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20565_none_d398abcf79483618\mshtml.dll [-] 2012-10-08 . 8D1BB1E5A033E8817EF94A9047630165 . 12320768 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16455_none_d319def060227a5d\mshtml.dll [-] 2012-10-08 . F7B251DA2FA89933771289793DCAA08B . 12321280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20562_none_d395aaf1794aea13\mshtml.dll [-] 2012-08-24 . 975D1EA99A0FE8104B72440995B3C20B . 12319744 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20557_none_d3a57c4f793e4cd5\mshtml.dll [-] 2012-08-24 . BB197F54A8F69EEA8356B7F70E6D3A20 . 12319744 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16450_none_d314dd7e6026fbaa\mshtml.dll [-] 2012-06-29 . 5E8E869E1342308752A37A2C90CCA79D . 12317184 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16448_none_d327afba6017aa71\mshtml.dll [-] 2012-06-28 . AEC51857AEC2F5CE4520366240AFC671 . 12317184 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20554_none_d3a27b71794100d0\mshtml.dll [-] 2012-06-02 . 6820A9E91AFF7CB3A510360D8CCD9BDD . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16447_none_d326af706018911a\mshtml.dll [-] 2012-06-02 . 1ABF770552EA9D4FE90F654468FAF4CE . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20553_none_d3a17b277941e779\mshtml.dll [-] 2012-05-17 . 9FB58F71104107D44540AF1195F7A14D . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16446_none_d325af26601977c3\mshtml.dll [-] 2012-05-17 . 761D9111F5A2619CB5060661D36FBFFF . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20551_none_d39f7a937943b4cb\mshtml.dll [-] 2012-02-28 . F82BF2CB075B49E9FAB5FF213C45C020 . 12281856 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16443_none_d322ae48601c2bbe\mshtml.dll [-] 2012-02-28 . B9E083B14B1994F1255983F2DF31C7DF . 12281856 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20548_none_d3b14c8579354a3b\mshtml.dll [-] 2011-12-14 . 497C9C3DB953A60EC4F43A097E15F75E . 12282368 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16441_none_d320adb4601df910\mshtml.dll [-] 2011-12-14 . A29CFD4B9F6F2BBE06C8D64B6D07F1D4 . 12282368 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20546_none_d3af4bf17937178d\mshtml.dll [-] 2011-11-03 . A21B983E40578D0E6CFA9864AC4E1219 . 12279808 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20544_none_d3ad4b5d7938e4df\mshtml.dll [-] 2011-11-03 . 66C0AEE61D1C5C35BF1B4642A153B114 . 12279808 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16440_none_d31fad6a601edfb9\mshtml.dll [-] 2011-09-01 . 04E0CD31A63DFC0D73725A3D1768FB5A . 12275200 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16437_none_d3317f5c60107529\mshtml.dll [-] 2011-09-01 . 8C93AED0A332209434B62162D03C38C9 . 12275200 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20537_none_d3bb1c27792e14f3\mshtml.dll [-] 2011-07-22 . E6D5C7E4AAC0C682169AA5021386EFF3 . 12273664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16434_none_d32e7e7e60132924\mshtml.dll [-] 2011-07-22 . F2966190D2C20C585A730F9C0B3C7373 . 12273664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20534_none_d3b81b497930c8ee\mshtml.dll [-] 2011-06-20 . 3F63F95C998F7E1AF409BC74E83D45E5 . 12269056 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16430_none_d32a7d566016c3c8\mshtml.dll [-] 2011-05-28 . 7AF8A6DB4596E3BB3309BABA661EB523 . 5967360 . . [8.00.6001.23181] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_f6602e0551547f04\mshtml.dll [-] 2011-05-28 . 6D1E32A3C964BAF06B7973E7B18E3212 . 5964800 . . [8.00.6001.19088] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_f5dd93403830909b\mshtml.dll [-] 2011-02-22 . 6D30A34B029176D86EC04ECE6C0F62B1 . 5964800 . . [8.00.6001.23143] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll [-] 2011-02-22 . AA411AEF2476D251078F9C9F0478C142 . 5962240 . . [8.00.6001.19048] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll [-] 2010-12-18 . 0DA63A2B1D6D55E6005F4552D22E7BBE . 5962240 . . [8.00.6001.23111] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll [-] 2010-12-18 . 42B87D22378C1EF98F3B6F410C2670AA . 5961216 . . [8.00.6001.19019] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll [-] 2010-11-02 . 9FCC1F6457A84902EA7545B568B5AEDB . 5960704 . . [8.00.6001.23091] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll [-] 2010-11-02 . 9AC463498C480E9EB3C63DC21E4F29C8 . 5959168 . . [8.00.6001.18999] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll [-] 2010-09-08 . E993FB26BFAC2887BFE8DDAC4DC9180A . 5958656 . . [8.00.6001.23067] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll [-] 2010-09-08 . 1704FC902E1B53EF87593D60FD312A55 . 5957120 . . [8.00.6001.18975] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll [-] 2010-06-26 . DF63821381A08F65174BA42745B1C79B . 5954560 . . [8.00.6001.23040] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll [-] 2010-06-26 . D6168759945CD6BC2DB4BFCD4E94B399 . 5951488 . . [8.00.6001.18943] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll [-] 2010-05-04 . 62F23130C89F1EE5C0C9EEAB0685D1E5 . 5953024 . . [8.00.6001.23019] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll [-] 2010-05-04 . B1E862448C38B0F70139BC28F67332DE . 5950976 . . [8.00.6001.18928] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll [-] 2010-02-23 . 27DB55375D8F8045A27E016BB21B17C0 . 5946880 . . [8.00.6001.22995] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll [-] 2010-02-23 . 8D5FB97AE3D30CCDD8C9D8AF447C7D09 . 5944832 . . [8.00.6001.18904] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll [-] 2010-01-02 . BE6120F3D7A853039B5437AC9E1986C1 . 5945856 . . [8.00.6001.22973] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll [-] 2010-01-02 . DF4D546A6E1C8D0F4FC10FCC9E422763 . 5942784 . . [8.00.6001.18882] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll [-] 2009-11-21 . ED6055694115B1A247B2591AB465A21D . 5944320 . . [8.00.6001.22956] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll . [-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll [-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll [-] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll [-] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll [-] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll . [-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll [-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll [-] 2008-01-21 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll . [-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll [-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [-] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll . [-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll [-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll [-] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll . [-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll [-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll [-] 2008-01-21 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll . [-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll [-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll . [-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe [-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe . [-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll [-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll [-] 2008-01-21 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll . [-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll [-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll [-] 2008-01-21 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll . [-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe [-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe . [-] 2013-02-22 . C5B6468422DB1C8AA36C32CBB0197E5E . 1129472 . . [9.00.8112.16421] . . c:\windows\System32\wininet.dll [-] 2013-02-22 . C5B6468422DB1C8AA36C32CBB0197E5E . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_c1ab2043dfdb6260\wininet.dll [-] 2013-02-22 . 490E24D5E427DFA55B1C1182F0DB861C . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_c229ed22f9011e1b\wininet.dll [-] 2013-02-02 . 1284D72C04B553ED5382EA14303D66DB . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20580_none_c223eb66f9068611\wininet.dll [-] 2013-02-02 . 03728C624D05C2F157BBD46F6B7F6EA0 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_c1a51e87dfe0ca56\wininet.dll [-] 2013-01-08 . B49B56B64F57699A1A663D2CF7D0A56F . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_c1b3ef9bdfd513c1\wininet.dll [-] 2013-01-08 . 16C45E6881449C6330567E51C13920FA . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_c231bc30f8fbb625\wininet.dll [-] 2012-11-14 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_c1c1c065dfca43d5\wininet.dll [-] 2012-11-14 . 0635D714351F842D43EA184E75C4A3FF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20565_none_c23e8cb0f8f1cce2\wininet.dll [-] 2012-10-08 . 9CB0D2A9A77D91D9614355EE9FF00519 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16455_none_c1bfbfd1dfcc1127\wininet.dll [-] 2012-10-08 . 6E3AC8A54A1881806BA2B58539483788 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20562_none_c23b8bd2f8f480dd\wininet.dll [-] 2012-08-24 . 2895E29EFCFC0B1BCF8AEE1A0C67913C . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20557_none_c24b5d30f8e7e39f\wininet.dll [-] 2012-08-24 . 5553611E2F9EA6F613079177F1233068 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16450_none_c1babe5fdfd09274\wininet.dll [-] 2012-06-29 . 75A97A2C060E72AB49E071E08C7DD2BA . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16448_none_c1cd909bdfc1413b\wininet.dll [-] 2012-06-28 . 54C30A4066A28F9A017E095E283B2762 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20554_none_c2485c52f8ea979a\wininet.dll [-] 2012-06-02 . 8E87270C4704CF2951E1E7820D6C8A2B . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16447_none_c1cc9051dfc227e4\wininet.dll [-] 2012-06-02 . E430161A632F9A8FE512DE0CA5685559 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20553_none_c2475c08f8eb7e43\wininet.dll [-] 2012-05-17 . 1C191A4F0960F21B5D58C8A65BAF5427 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16446_none_c1cb9007dfc30e8d\wininet.dll [-] 2012-05-17 . 43BAC67996D8765A5F1B3A4EA6231E21 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20551_none_c2455b74f8ed4b95\wininet.dll [-] 2012-02-28 . 44465367256D1C72B58F5ABAA19E7016 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16443_none_c1c88f29dfc5c288\wininet.dll [-] 2012-02-28 . 11A34DCA08EB2A586246F2D6C2A81D58 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20548_none_c2572d66f8dee105\wininet.dll [-] 2011-12-14 . 1D94FA7C81D2FFE494AF094619BA706F . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16441_none_c1c68e95dfc78fda\wininet.dll [-] 2011-12-14 . 022A78194E2C7106F5AF9F2BC6AC8774 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20546_none_c2552cd2f8e0ae57\wininet.dll [-] 2011-11-03 . 32569DF2F9BEF05DD7D56E30590EDFD9 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20544_none_c2532c3ef8e27ba9\wininet.dll [-] 2011-11-03 . 02F98B5C0E397AD06124D84428CF8F1A . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16440_none_c1c58e4bdfc87683\wininet.dll [-] 2011-09-01 . D3788D91530CFA005BD516189A4C676E . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16437_none_c1d7603ddfba0bf3\wininet.dll [-] 2011-09-01 . C0FCEE8D760C70DB6EF858BB2262288E . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20537_none_c260fd08f8d7abbd\wininet.dll [-] 2011-07-22 . 2C7332C222D1FE1FC57D622699A8C001 . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16434_none_c1d45f5fdfbcbfee\wininet.dll [-] 2011-07-22 . AA75F065975FCE762FC9BBF5A3C08368 . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20534_none_c25dfc2af8da5fb8\wininet.dll [-] 2011-06-20 . A1236375B74EA63C75657D564890C436 . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16421_none_c1dc2e6ddfb757f8\wininet.dll [-] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.23181] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll [-] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.19088] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll [-] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.23143] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll [-] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.19048] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll [-] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.23111] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll [-] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.19019] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll [-] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.23091] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll [-] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18999] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll [-] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.23067] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll [-] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18975] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll [-] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.23040] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll [-] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18943] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll [-] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.23019] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll [-] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18928] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll [-] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.22995] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll [-] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18904] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll [-] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.22973] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll [-] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18882] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll [-] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.22956] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll [-] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18865] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll [-] 2009-08-27 . D0DD9439DB3C927209CFFE095AA1F097 . 916480 . . [8.00.6001.22918] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll [-] 2009-08-27 . E3AB6EBE520E1898663B011D2FC0DF11 . 916480 . . [8.00.6001.18828] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll [-] 2009-07-22 . E48ADF567FE3EFCC2EB88A2BE5E020CB . 915456 . . [8.00.6001.22903] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll [-] 2009-07-18 . FCB4E3234667317905333B6A4CDF85FC . 827904 . . [7.00.6001.18294] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_018ba925a2186d09\wininet.dll [-] 2009-07-18 . 87D84C48693EB949350FA938D63512D8 . 827392 . . [7.00.6000.16890] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_ffa16957a4f576bc\wininet.dll [-] 2009-07-18 . D1E1447C4E2077BDFFDD547972FEBDEB . 828928 . . [7.00.6000.21089] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_003eb0cabe0311e6\wininet.dll [-] 2009-07-18 . 7FCA93009963EE8A7AF1740661412F1E . 828416 . . [7.00.6001.22475] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_022be7f8bb24eb6f\wininet.dll [-] 2009-07-18 . 387B0601FCA64AF5117C321E46C4C4E2 . 828928 . . [7.00.6002.22180] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_04028882b857ddd1\wininet.dll [-] 2009-07-18 . 408A0A6E83333F98D564D95CDBB6D3C6 . 828416 . . [7.00.6002.18071] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_0384bbed9f313b6d\wininet.dll [-] 2009-04-24 . D94BDEEF2E47EB4A46B957253C697F01 . 827392 . . [7.00.6000.16851] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\wininet.dll [-] 2009-04-24 . 64EAF7CF461A15DB4EAEB1D50A10E88E . 827904 . . [7.00.6001.18248] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\wininet.dll [-] 2009-04-24 . E7D90AF9B0C7FA98DF353E022EE1C63E . 828928 . . [7.00.6000.21046] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\wininet.dll [-] 2009-04-24 . 77C60DD61D21777734B1C945540473A4 . 828416 . . [7.00.6001.22418] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\wininet.dll [-] 2009-04-24 . 07DBFC0759F61E95901AF2B2D4E83451 . 828416 . . [7.00.6002.22121] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\wininet.dll [-] 2009-04-23 . 24CBE22F35941FBFD6144A5C011EA999 . 828416 . . [7.00.6002.18024] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\wininet.dll [-] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll [-] 2009-03-08 . 6206A2BF9741B31C258ACC51972AFCAA . 915456 . . [8.00.6001.18813] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll [-] 2009-03-03 . 6E115E2D3FAE5077A361A5BCE78FF170 . 827392 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll [-] 2009-03-03 . 3ED9859939928CA568F487AB42175A33 . 827904 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll [-] 2009-03-03 . BA68744F8FE1BAAC35362F18774972A3 . 826368 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll [-] 2009-03-03 . 88B57405AC5B2BF513069086F8963635 . 828416 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll [-] 2009-01-16 . 6A986C2CD30633447DAB21A4852E40D6 . 827904 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll [-] 2009-01-15 . FB79A2AA5E92653B9A394FE26D799BF8 . 827392 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll [-] 2009-01-15 . 65647F41CEC0C8EEC9DF5BC1168EC76C . 827904 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll [-] 2009-01-15 . FF35D495AC08549154D1D96990513CD9 . 826368 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll [-] 2008-10-02 . C373C19F10601C1AFE7E40907AE48694 . 827392 . . [7.00.6001.18148] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll [-] 2008-10-02 . 8BF7D225505A4ADA25D9444E91811CEA . 826368 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll [-] 2008-10-02 . 6B2591CDCEFEB8451594288426677CBB . 827904 . . [7.00.6001.22278] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll [-] 2008-10-02 . C85EF7DE97ABBF00B16AD11EDFEAC637 . 827904 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll [-] 2008-06-27 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll [-] 2008-06-27 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll [-] 2008-06-27 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll [-] 2008-06-27 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll [-] 2008-04-25 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll [-] 2008-04-25 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll [-] 2008-04-25 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll [-] 2008-04-25 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll [-] 2008-02-22 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll [-] 2008-02-22 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll [-] 2008-02-22 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll [-] 2008-02-21 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll [-] 2008-01-21 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll . [-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll [-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll . [-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll [-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll . [-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe [-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [-] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [-] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [-] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [-] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [-] 2008-01-21 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe . [-] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe [-] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe . [-] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll [-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll [-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll [-] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll [-] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll [-] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll [-] 2008-01-21 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll . [-] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll [-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll [-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll [-] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll [-] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll [-] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll [-] 2008-01-21 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll . [-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll [-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll . [-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe [-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe . [-] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll [-] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll [-] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll [-] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll [-] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll [-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll [-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll [-] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll [-] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll . [-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\msimg32.dll [-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6000.16386_none_7535161f1f2100ed\msimg32.dll . [-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll [-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll . [-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe [-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe . [-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll [-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll [-] 2008-01-21 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll . [-] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll [-] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll [-] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll [-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll [-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll [-] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll [-] 2008-01-21 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll [-] 2008-01-21 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll [-] 2008-01-21 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll . [-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll [-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll . [-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll [-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll [-] 2008-01-21 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll . [-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll [-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll . [-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll [-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll [-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll . [-] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll [-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll [-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll [-] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll [-] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll [-] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll . [-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll [-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll . [-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll [-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll [-] 2008-01-21 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll . [-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll [-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll [-] 2008-01-21 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll . [-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll [-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll . [-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll [-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll [-] 2008-01-21 02:23 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll . [-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll [-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll [-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll . [-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll [-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll [-] 2008-01-21 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll . [-] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll [-] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll [-] 2008-01-21 . 1CF9206966A8458CDA9A8B20DF8AB7D3 . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6001.18000_none_88a763af6d4aa52f\w32time.dll . [-] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll [-] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll [-] 2008-01-21 . 7DD08A597BC56051F320DA0BAF69E389 . 452608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiaservc.dll . [-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll [-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll [-] 2008-01-21 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll . [-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll [-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll . [-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\System32\WSHTCPIP.DLL [-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-01-17 175912] . [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] 2011-01-17 14:54 175912 ----a-w- c:\program files\DVDVideoSoftTB\prxtbDVDV.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-01-17 175912] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912] . [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-17 6111232] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520] "ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-01-04 1391272] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk backup=c:\windows\pss\BTTray.lnk.CommonStartup backupExtension=.CommonStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-10-14 23:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core] 2009-09-03 21:17 3342336 ----a-w- c:\program files\Electronic Arts\EADM\Core.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2010-05-07 11:12 1238352 ----a-w- c:\program files\Steam\Steam.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2007-10-26 05:39 1029416 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 74665665 *Deregistered* - 74665665 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhalt des "geplante Tasks" Ordners . 2010-12-16 c:\windows\Tasks\User_Feed_Synchronization-{27DB8BB8-9817-4932-A2CA-332B0EECBCA5}.job - c:\windows\system32\msfeedssync.exe [2011-06-20 18:45] . . ------- Zusätzlicher Suchlauf ------- . IE: Free YouTube to MP3 Converter - c:\users\sven\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll TCP: DhcpNameServer = 192.168.0.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKCU-Run-{19E4F906-0FCA-6C68-0686-DA2B181F56B4} - c:\users\sven\AppData\Roaming\Qiyl\dydi.exe HKCU-Run-4E3E0230AEBB4E96 - c:\recycle.bin\Recycle.Bin.exe MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2013-06-04 21:08 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Zeit der Fertigstellung: 2013-06-04 21:14:48 ComboFix-quarantined-files.txt 2013-06-04 19:14 . Vor Suchlauf: 8 Verzeichnis(se), 54.626.856.960 Bytes frei Nach Suchlauf: 13 Verzeichnis(se), 56.088.068.096 Bytes frei . - - End Of File - - FA640E75DEF308C80491055B25A987DD |
04.06.2013, 17:18 | #13 |
/// Malware-holic | weißer Bildschrim nach User Login unter Windows 7 Hi öffne mal bitte Computer, c: qoobox, rechtsklick quarantain, mit winrar oder anderem archivierungsprogramm packen, und hochladen. Trojaner-Board Upload Channel Bitte kurze Rückmeldung, wenn fertig.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
04.06.2013, 17:32 | #14 | |
| weißer Bildschrim nach User Login unter Windows 7Zitat:
|
04.06.2013, 17:35 | #15 |
/// Malware-holic | weißer Bildschrim nach User Login unter Windows 7 Hi, malwarebytes: Downloade Dir bitte Malwarebytes
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
Themen zu weißer Bildschrim nach User Login unter Windows 7 |
adobe, antivir, autorun, avira, avira searchfree toolbar, bho, converter, defender, desktop, error, explorer, home, logfile, opera, plug-in, realtek, registry, software, taskmanager, trojan.agent.zr0, windows, öffnet |