Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: weißer Bildschrim nach User Login unter Windows 7

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.06.2013, 22:19   #1
charlien
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



Guten Abend zusammen,

habe mir manch Themen angesehen aber wie Ihr selbst schreibt, sind Lösungen für die einzelnen Personen gedacht.
Daher mein eigenes Thema. Ich bedanke mich vorab für Eure Hilfe und die von Euch eingesetzte Freizeit mir zu helfen.

Problem
nach dem Userlogin, wird der Desktop weiß, es gibt nichts zu sehen, klicken außer die kleine Leiste für die Sprachwahl.. CTRL STRG ENTF öffnet das Menü, der Klick auf den TAskmanager wird nicht ausgeführt.


Ich habe OTLPE wie beschrieben geladen, gebrannt und ausgeführt. Anbei die Log
Was nun?

Code:
ATTFilter
OTL logfile created on: 6/4/2013 1:23:05 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109.88 Gb Total Space | 51.16 Gb Free Space | 46.56% Space Free | Partition Type: NTFS
Drive E: | 983.73 Mb Total Space | 420.47 Mb Free Space | 42.74% Space Free | Partition Type: FAT
Drive F: | 110.00 Gb Total Space | 100.96 Gb Free Space | 91.78% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/05/08 12:59:34 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012/05/08 12:59:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/08 12:59:34 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/07/29 14:26:02 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008/10/19 08:30:02 | 000,222,456 | ---- | M] () [Auto] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/07/10 07:42:14 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/07/10 07:12:40 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/05/12 19:47:20 | 000,077,480 | ---- | M] () [Auto] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/16 04:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (VMC326)
DRV - File not found [Kernel | On_Demand] --  -- (VMC302)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - [2012/05/08 12:59:34 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/08 12:59:34 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/09/16 11:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2009/10/08 11:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/11/18 11:26:40 | 000,103,552 | ---- | M] (Option N.V.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\gtstusbser.sys -- (gtstusbser)
DRV - [2008/04/26 22:07:00 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007/05/23 04:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2006/11/02 03:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C5 51 1F 09 92 7A CC 01  [binary data]
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\sven_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\sven_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\sven_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\sven_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
 
 
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\sven_ON_C..\Run: [{19E4F906-0FCA-6C68-0686-DA2B181F56B4}]  File not found
O4 - HKU\sven_ON_C..\Run: [4E3E0230AEBB4E96]  File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\sven\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\sven_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\sven_ON_C Winlogon: Shell - (C:\Users\sven\AppData\Roaming\skype.dat) - C:\Users\sven\AppData\Roaming\skype.dat ()
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/11/08 07:07:50 | 000,000,000 | ---D | M] - F:\auto -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{a86f58c5-9d2d-11e1-97a9-001377e14b62}\Shell - "" = AutoRun
O33 - MountPoints2\{a86f58c5-9d2d-11e1-97a9-001377e14b62}\Shell\AutoRun\command - "" = C:\Windows\explorer.exe -- [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{ca0f17c0-1df1-11de-9017-001377e14b62}\Shell - "" = AutoRun
O33 - MountPoints2\{ca0f17c0-1df1-11de-9017-001377e14b62}\Shell\AutoRun\command - "" = G:\QsSetup.exe
O33 - MountPoints2\{ca9abea3-1ef1-11de-9b00-001377e14b62}\Shell - "" = AutoRun
O33 - MountPoints2\{ca9abea3-1ef1-11de-9b00-001377e14b62}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\QsSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 60 Days ==========
 
[2013/04/11 14:36:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/04/11 14:36:28 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/04/11 14:36:26 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/04/11 14:36:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/04/11 14:36:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/04/11 14:36:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/04/11 14:36:25 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2013/04/11 14:36:24 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/04/11 14:36:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/04/11 14:36:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/04/10 08:14:32 | 003,603,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/04/10 08:14:31 | 003,551,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/04/10 08:14:31 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013/04/10 08:14:28 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/04/10 08:14:26 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/08/25 13:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 60 Days ==========
 
[2013/06/03 15:12:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/03 15:12:45 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/03 15:12:45 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/03 15:12:36 | 000,000,004 | ---- | M] () -- C:\Users\sven\AppData\Roaming\skype.ini
[2013/06/03 14:49:36 | 000,000,680 | ---- | M] () -- C:\Users\sven\AppData\Local\d3d9caps.dat
[2013/06/03 14:47:41 | 3179,921,408 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/05 10:29:02 | 000,000,912 | ---- | M] () -- C:\Users\sven\Desktop\Dokument.rtf
[2013/05/05 04:44:40 | 000,179,693 | ---- | M] () -- C:\Users\sven\Desktop\Einladung-Einladungskarten-Hochzeit-fhe%20(2).jpg
[2013/05/01 20:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/04/27 14:13:41 | 000,675,412 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/04/27 14:13:41 | 000,633,886 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/27 14:13:41 | 000,146,368 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/04/27 14:13:41 | 000,118,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/11 15:00:42 | 000,368,568 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013/05/07 04:04:01 | 000,000,004 | ---- | C] () -- C:\Users\sven\AppData\Roaming\skype.ini
[2013/05/05 10:29:02 | 000,000,912 | ---- | C] () -- C:\Users\sven\Desktop\Dokument.rtf
[2013/05/05 10:12:54 | 000,179,693 | ---- | C] () -- C:\Users\sven\Desktop\Einladung-Einladungskarten-Hochzeit-fhe%20(2).jpg
[2012/03/14 23:29:18 | 000,000,680 | ---- | C] () -- C:\Users\sven\AppData\Local\d3d9caps.dat
[2012/01/11 12:57:48 | 000,110,592 | ---- | C] () -- C:\Users\sven\AppData\Roaming\skype.dat
[2011/12/31 10:37:40 | 000,007,680 | ---- | C] () -- C:\Users\sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/12 06:32:47 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/08/25 14:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 14:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 14:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 13:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/08/25 13:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/25 13:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2009/08/22 14:13:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/22 14:13:21 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/03/31 08:55:13 | 000,001,007 | ---- | C] () -- C:\Windows\Mobile Partner Manager.INI
[2009/01/02 03:06:55 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/02 02:27:20 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2009/01/02 02:26:25 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2009/01/02 02:26:25 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2009/01/02 02:18:23 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe
[2009/01/02 02:18:23 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe
[2009/01/02 02:18:07 | 000,004,860 | ---- | C] () -- C:\Windows\HotFixList.ini
[2009/01/02 01:59:29 | 000,675,412 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009/01/02 01:59:29 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009/01/02 01:59:29 | 000,146,368 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009/01/02 01:59:29 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009/01/02 01:51:14 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009/01/02 01:51:04 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1540.dll
[2009/01/02 01:51:03 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/02/09 12:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe
[2007/02/26 03:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\imagine digital freedom.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,368,568 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,633,886 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,118,772 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/13 23:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2011/09/29 14:46:53 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\DVDVideoSoft
[2011/09/29 14:46:28 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/07/28 14:44:04 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\ICQ
[2011/06/21 14:30:58 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\Qiyl
[2012/12/29 13:05:12 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\RavensburgerTipToi
[2011/06/21 14:25:19 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\Wyul
[2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2009/11/17 10:13:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/03/31 09:26:59 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ
[2013/03/31 03:09:22 | 000,000,000 | ---D | M] -- C:\ProgramData\RavensburgerTipToi
[2009/01/02 02:19:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2009/01/02 02:46:59 | 000,000,000 | ---D | M] -- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[2013/06/03 15:12:45 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/12/16 08:56:54 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{27DB8BB8-9817-4932-A2CA-332B0EECBCA5}.job
 
========== Purity Check ==========
 
 
< End of report >
         

Alt 03.06.2013, 22:20   #2
markusg
/// Malware-holic
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



Hi,
auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:
Code:
ATTFilter
:OTL
O20 - HKU\sven_ON_C Winlogon: Shell - (C:\Users\sven\AppData\Roaming\skype.dat) - C:\Users\sven\AppData\Roaming\skype.dat ()
[2013/06/03 15:12:36 | 000,000,004 | ---- | M] () -- C:\Users\sven\AppData\Roaming\skype.ini
:Files
:Commands
[EMPTYFLASH] 
[emptytemp]
         


dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus
__________________

__________________

Alt 03.06.2013, 22:27   #3
charlien
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



bei Versuch die fix aus zu wählen erhalte ich

Access Violtion at adress 7CA=C936 in module "shell32dll". read of adress 00000006



und dann friert alles alles außer maus ein....rechtsklick beenden geht, erhalte dann die Meldung "this progra is not responding"
__________________

Alt 03.06.2013, 22:27   #4
markusg
/// Malware-holic
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



dann halt manuell eintragen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 03.06.2013, 22:32   #5
charlien
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



manche Anleitung sagt ich soll den haken bei all users entfernen, andere drin lassen. Hab ihn drin gelassen

ich editiere hier (außer neues post deinerseits kommt dazu) sobald ich es per Hand geschafft hab. Der Fehler violation kommt erst bei der LW Auswahl

EDIT

ich bekam die Datei 06042013_023642.log
der Rechner startete nicht neu


Code:
ATTFilter
========== OTL ==========
Registry value HKEY_USERS\sven_ON_C\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\sven\AppData\Roaming\skype.dat deleted successfully.
C:\Users\sven\AppData\Roaming\skype.dat moved successfully.
C:\Users\sven\AppData\Roaming\skype.ini moved successfully.
========== FILES ==========
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 400807 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: sven
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: sven
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 140278654 bytes
 
Total Files Cleaned = 134.00 mb
 
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 06042013_023642
         


Geändert von charlien (03.06.2013 um 22:41 Uhr)

Alt 03.06.2013, 22:41   #6
markusg
/// Malware-holic
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



du musst ja kein laufwerk eauswählen, wenn du das script, nach otl start einträgst.
__________________
--> weißer Bildschrim nach User Login unter Windows 7

Alt 03.06.2013, 22:44   #7
charlien
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



so log siehe oben, die Datei gezippt und hoch geladen, aber irgendwie sehe ich die hier im Thema nicht.. ?

Zitat:
Datei: MovedFiles.zip_1 empfangen

Vorgang erfolgreich abgeschlossen.
wegen "wenn du das script, nach otl start einträgst." verstehe leider nicht was du meinst
hab copy paste gemacht, dies funktionierte dann nach ein paar Versuchen.

EDIT
ich weiß nicht wie lange der PC den Fehler hat, die letzten geänderten Dateien scheinen von März zu sein, daher hab ich zur Sicherheit OTLPE nochmal mit 90 days eingestellt und gestartet

Code:
ATTFilter
OTL logfile created on: 6/4/2013 2:59:48 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109.88 Gb Total Space | 51.31 Gb Free Space | 46.69% Space Free | Partition Type: NTFS
Drive E: | 983.73 Mb Total Space | 419.89 Mb Free Space | 42.68% Space Free | Partition Type: FAT
Drive F: | 110.00 Gb Total Space | 100.78 Gb Free Space | 91.61% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/05/08 12:59:34 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012/05/08 12:59:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/08 12:59:34 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/07/29 14:26:02 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008/10/19 08:30:02 | 000,222,456 | ---- | M] () [Auto] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/07/10 07:42:14 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/07/10 07:12:40 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/05/12 19:47:20 | 000,077,480 | ---- | M] () [Auto] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/16 04:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (VMC326)
DRV - File not found [Kernel | On_Demand] --  -- (VMC302)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - [2012/05/08 12:59:34 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/08 12:59:34 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/09/16 11:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2009/10/08 11:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/11/18 11:26:40 | 000,103,552 | ---- | M] (Option N.V.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\gtstusbser.sys -- (gtstusbser)
DRV - [2008/04/26 22:07:00 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007/05/23 04:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2006/11/02 03:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C5 51 1F 09 92 7A CC 01  [binary data]
IE - HKU\sven_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\sven_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\sven_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\sven_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\sven_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
 
 
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\sven_ON_C..\Run: [{19E4F906-0FCA-6C68-0686-DA2B181F56B4}]  File not found
O4 - HKU\sven_ON_C..\Run: [4E3E0230AEBB4E96]  File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\sven_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/11/08 07:07:50 | 000,000,000 | ---D | M] - F:\auto -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 90 Days ==========
 
[2013/06/04 02:36:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/04/11 14:36:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/04/11 14:36:28 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/04/11 14:36:26 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/04/11 14:36:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/04/11 14:36:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/04/11 14:36:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/04/11 14:36:25 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2013/04/11 14:36:24 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/04/11 14:36:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/04/11 14:36:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/04/10 08:14:32 | 003,603,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/04/10 08:14:31 | 003,551,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/04/10 08:14:31 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013/04/10 08:14:28 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/04/10 08:14:26 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/03/21 15:39:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2010/08/25 13:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 90 Days ==========
 
[2013/06/03 15:12:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/03 15:12:45 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/03 15:12:45 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/03 14:49:36 | 000,000,680 | ---- | M] () -- C:\Users\sven\AppData\Local\d3d9caps.dat
[2013/06/03 14:47:41 | 3179,921,408 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/05 10:29:02 | 000,000,912 | ---- | M] () -- C:\Users\sven\Desktop\Dokument.rtf
[2013/05/05 04:44:40 | 000,179,693 | ---- | M] () -- C:\Users\sven\Desktop\Einladung-Einladungskarten-Hochzeit-fhe%20(2).jpg
[2013/05/01 20:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/04/27 14:13:41 | 000,675,412 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/04/27 14:13:41 | 000,633,886 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/27 14:13:41 | 000,146,368 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/04/27 14:13:41 | 000,118,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/11 15:00:42 | 000,368,568 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/03/31 03:09:59 | 000,000,869 | ---- | M] () -- C:\Users\sven\Desktop\tiptoi.lnk
[2013/03/17 11:45:01 | 000,007,680 | ---- | M] () -- C:\Users\sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/17 11:41:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/11 09:25:50 | 003,603,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/03/11 09:25:50 | 003,551,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/03/08 23:45:04 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013/03/07 23:53:50 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
 
========== Files Created - No Company Name ==========
 
[2013/05/05 10:29:02 | 000,000,912 | ---- | C] () -- C:\Users\sven\Desktop\Dokument.rtf
[2013/05/05 10:12:54 | 000,179,693 | ---- | C] () -- C:\Users\sven\Desktop\Einladung-Einladungskarten-Hochzeit-fhe%20(2).jpg
[2012/03/14 23:29:18 | 000,000,680 | ---- | C] () -- C:\Users\sven\AppData\Local\d3d9caps.dat
[2011/12/31 10:37:40 | 000,007,680 | ---- | C] () -- C:\Users\sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/12 06:32:47 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/08/25 14:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 14:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 14:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 13:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/08/25 13:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/25 13:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2009/08/22 14:13:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/22 14:13:21 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/03/31 08:55:13 | 000,001,007 | ---- | C] () -- C:\Windows\Mobile Partner Manager.INI
[2009/01/02 03:06:55 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/02 02:27:20 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2009/01/02 02:26:25 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2009/01/02 02:26:25 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2009/01/02 02:18:23 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe
[2009/01/02 02:18:23 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe
[2009/01/02 02:18:07 | 000,004,860 | ---- | C] () -- C:\Windows\HotFixList.ini
[2009/01/02 01:59:29 | 000,675,412 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009/01/02 01:59:29 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009/01/02 01:59:29 | 000,146,368 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009/01/02 01:59:29 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009/01/02 01:51:14 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009/01/02 01:51:04 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1540.dll
[2009/01/02 01:51:03 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/02/09 12:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe
[2007/02/26 03:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\imagine digital freedom.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,368,568 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,633,886 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,118,772 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/13 23:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2011/09/29 14:46:53 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\DVDVideoSoft
[2011/09/29 14:46:28 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/07/28 14:44:04 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\ICQ
[2011/06/21 14:30:58 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\Qiyl
[2012/12/29 13:05:12 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\RavensburgerTipToi
[2011/06/21 14:25:19 | 000,000,000 | ---D | M] -- C:\Users\sven\AppData\Roaming\Wyul
[2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2009/11/17 10:13:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/03/31 09:26:59 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ
[2013/03/31 03:09:22 | 000,000,000 | ---D | M] -- C:\ProgramData\RavensburgerTipToi
[2009/01/02 02:19:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/03/30 15:12:29 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2009/01/02 02:46:59 | 000,000,000 | ---D | M] -- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[2013/06/03 15:12:45 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/12/16 08:56:54 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{27DB8BB8-9817-4932-A2CA-332B0EECBCA5}.job
 
========== Purity Check ==========
 
 
< End of report >
         

Geändert von charlien (03.06.2013 um 23:02 Uhr)

Alt 04.06.2013, 00:09   #8
markusg
/// Malware-holic
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



wenn er wieder normal startet:
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 04.06.2013, 16:50   #9
charlien
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



Hallo Markus

schön von dir zu lesen, dachte schon gestern Nacht, das ich was falsch gemacht hab und du deshalb nicht weiter machen konntest, wartete geduldig vor dem PC bis mir die Augen zufielen.

Die Log ist zu groß für ein post, aber auch als Anhang
splitte Sie nun

Code:
ATTFilter
20:43:26.0158 2104  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:43:26.0174 2104  ============================================================
20:43:26.0174 2104  Current date / time: 2013/06/04 20:43:26.0174
20:43:26.0174 2104  SystemInfo:
20:43:26.0174 2104  
20:43:26.0174 2104  OS Version: 6.0.6002 ServicePack: 2.0
20:43:26.0174 2104  Product type: Workstation
20:43:26.0174 2104  ComputerName: SVEN-PC
20:43:26.0174 2104  UserName: sven
20:43:26.0174 2104  Windows directory: C:\Windows
20:43:26.0174 2104  System windows directory: C:\Windows
20:43:26.0174 2104  Processor architecture: Intel x86
20:43:26.0174 2104  Number of processors: 2
20:43:26.0174 2104  Page size: 0x1000
20:43:26.0174 2104  Boot type: Normal boot
20:43:26.0174 2104  ============================================================
20:43:26.0782 2104  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:43:26.0798 2104  Drive \Device\Harddisk2\DR2 - Size: 0x3D800000 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:43:26.0798 2104  ============================================================
20:43:26.0798 2104  \Device\Harddisk0\DR0:
20:43:26.0798 2104  MBR partitions:
20:43:26.0798 2104  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0xDBC3800
20:43:26.0798 2104  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF5C4000, BlocksNum 0xDC01000
20:43:26.0798 2104  \Device\Harddisk2\DR2:
20:43:26.0798 2104  MBR partitions:
20:43:26.0798 2104  ============================================================
20:43:26.0829 2104  C: <-> \Device\Harddisk0\DR0\Partition1
20:43:26.0938 2104  D: <-> \Device\Harddisk0\DR0\Partition2
20:43:26.0938 2104  ============================================================
20:43:26.0938 2104  Initialize success
20:43:26.0938 2104  ============================================================
20:43:44.0207 1760  ============================================================
20:43:44.0207 1760  Scan started
20:43:44.0207 1760  Mode: Manual; SigCheck; TDLFS; 
20:43:44.0207 1760  ============================================================
20:43:44.0706 1760  ================ Scan system memory ========================
20:43:44.0706 1760  System memory - ok
20:43:44.0706 1760  ================ Scan services =============================
20:43:44.0894 1760  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:43:45.0003 1760  ACPI - ok
20:43:45.0065 1760  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:43:45.0112 1760  adp94xx - ok
20:43:45.0128 1760  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:43:45.0174 1760  adpahci - ok
20:43:45.0206 1760  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:43:45.0221 1760  adpu160m - ok
20:43:45.0268 1760  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:43:45.0284 1760  adpu320 - ok
20:43:45.0315 1760  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:43:45.0330 1760  AeLookupSvc ( UnsignedFile.Multi.Generic ) - warning
20:43:45.0330 1760  AeLookupSvc - detected UnsignedFile.Multi.Generic (1)
20:43:45.0362 1760  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
20:43:45.0377 1760  AFD ( UnsignedFile.Multi.Generic ) - warning
20:43:45.0377 1760  AFD - detected UnsignedFile.Multi.Generic (1)
20:43:45.0408 1760  [ 5D97943C128ED756D1B0A08302C1B1F8 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
20:43:45.0518 1760  AgereSoftModem ( UnsignedFile.Multi.Generic ) - warning
20:43:45.0518 1760  AgereSoftModem - detected UnsignedFile.Multi.Generic (1)
20:43:45.0564 1760  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:43:45.0580 1760  agp440 - ok
20:43:45.0627 1760  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:43:45.0658 1760  aic78xx - ok
20:43:45.0674 1760  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
20:43:45.0689 1760  ALG ( UnsignedFile.Multi.Generic ) - warning
20:43:45.0689 1760  ALG - detected UnsignedFile.Multi.Generic (1)
20:43:45.0705 1760  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:43:45.0736 1760  aliide - ok
20:43:45.0752 1760  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:43:45.0767 1760  amdagp - ok
20:43:45.0798 1760  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
20:43:45.0814 1760  amdide - ok
20:43:45.0830 1760  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:43:45.0845 1760  AmdK7 ( UnsignedFile.Multi.Generic ) - warning
20:43:45.0845 1760  AmdK7 - detected UnsignedFile.Multi.Generic (1)
20:43:45.0876 1760  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:43:45.0876 1760  AmdK8 ( UnsignedFile.Multi.Generic ) - warning
20:43:45.0876 1760  AmdK8 - detected UnsignedFile.Multi.Generic (1)
20:43:46.0001 1760  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
20:43:46.0032 1760  AntiVirSchedulerService - ok
20:43:46.0079 1760  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
20:43:46.0110 1760  AntiVirService - ok
20:43:46.0126 1760  [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:43:46.0157 1760  AntiVirWebService - ok
20:43:46.0204 1760  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
20:43:46.0204 1760  Appinfo ( UnsignedFile.Multi.Generic ) - warning
20:43:46.0204 1760  Appinfo - detected UnsignedFile.Multi.Generic (1)
20:43:46.0266 1760  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
20:43:46.0313 1760  arc - ok
20:43:46.0344 1760  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:43:46.0391 1760  arcsas - ok
20:43:46.0422 1760  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:43:46.0438 1760  AsyncMac ( UnsignedFile.Multi.Generic ) - warning
20:43:46.0438 1760  AsyncMac - detected UnsignedFile.Multi.Generic (1)
20:43:46.0454 1760  [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:43:46.0485 1760  atapi - ok
20:43:46.0532 1760  [ 600EFE56F37ADBD65A0FB076B50D1B8D ] athr            C:\Windows\system32\DRIVERS\athr.sys
20:43:46.0594 1760  athr ( UnsignedFile.Multi.Generic ) - warning
20:43:46.0594 1760  athr - detected UnsignedFile.Multi.Generic (1)
20:43:46.0625 1760  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:43:46.0641 1760  AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - warning
20:43:46.0641 1760  AudioEndpointBuilder - detected UnsignedFile.Multi.Generic (1)
20:43:46.0672 1760  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:43:46.0688 1760  Audiosrv ( UnsignedFile.Multi.Generic ) - warning
20:43:46.0688 1760  Audiosrv - detected UnsignedFile.Multi.Generic (1)
20:43:46.0719 1760  [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
20:43:46.0750 1760  avgntflt - ok
20:43:46.0766 1760  [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
20:43:46.0797 1760  avipbb - ok
20:43:46.0812 1760  [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
20:43:46.0844 1760  avkmgr - ok
20:43:46.0875 1760  [ 08015D34F6FDD0B355805BAD978497C3 ] bcm4sbxp        C:\Windows\system32\DRIVERS\bcm4sbxp.sys
20:43:46.0890 1760  bcm4sbxp ( UnsignedFile.Multi.Generic ) - warning
20:43:46.0890 1760  bcm4sbxp - detected UnsignedFile.Multi.Generic (1)
20:43:46.0968 1760  [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
20:43:46.0984 1760  BcmSqlStartupSvc - ok
20:43:47.0015 1760  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:43:47.0031 1760  Beep ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0031 1760  Beep - detected UnsignedFile.Multi.Generic (1)
20:43:47.0078 1760  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
20:43:47.0093 1760  BFE ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0093 1760  BFE - detected UnsignedFile.Multi.Generic (1)
20:43:47.0140 1760  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
20:43:47.0202 1760  BITS ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0202 1760  BITS - detected UnsignedFile.Multi.Generic (1)
20:43:47.0234 1760  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:43:47.0249 1760  blbdrive ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0249 1760  blbdrive - detected UnsignedFile.Multi.Generic (1)
20:43:47.0280 1760  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:43:47.0280 1760  bowser ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0280 1760  bowser - detected UnsignedFile.Multi.Generic (1)
20:43:47.0312 1760  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:43:47.0327 1760  BrFiltLo ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0327 1760  BrFiltLo - detected UnsignedFile.Multi.Generic (1)
20:43:47.0343 1760  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:43:47.0358 1760  BrFiltUp ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0358 1760  BrFiltUp - detected UnsignedFile.Multi.Generic (1)
20:43:47.0390 1760  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
20:43:47.0405 1760  Browser ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0405 1760  Browser - detected UnsignedFile.Multi.Generic (1)
20:43:47.0421 1760  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:43:47.0436 1760  Brserid ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0436 1760  Brserid - detected UnsignedFile.Multi.Generic (1)
20:43:47.0452 1760  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:43:47.0468 1760  BrSerWdm ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0468 1760  BrSerWdm - detected UnsignedFile.Multi.Generic (1)
20:43:47.0483 1760  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:43:47.0499 1760  BrUsbMdm ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0499 1760  BrUsbMdm - detected UnsignedFile.Multi.Generic (1)
20:43:47.0514 1760  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:43:47.0514 1760  BrUsbSer ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0514 1760  BrUsbSer - detected UnsignedFile.Multi.Generic (1)
20:43:47.0530 1760  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:43:47.0546 1760  BTHMODEM ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0546 1760  BTHMODEM - detected UnsignedFile.Multi.Generic (1)
20:43:47.0655 1760  [ AA84638EB071A54FAEF41DA601D3DE1D ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
20:43:47.0670 1760  btwdins - ok
20:43:47.0686 1760  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:43:47.0702 1760  cdfs ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0702 1760  cdfs - detected UnsignedFile.Multi.Generic (1)
20:43:47.0733 1760  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:43:47.0733 1760  cdrom ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0733 1760  cdrom - detected UnsignedFile.Multi.Generic (1)
20:43:47.0780 1760  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:43:47.0780 1760  CertPropSvc ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0780 1760  CertPropSvc - detected UnsignedFile.Multi.Generic (1)
20:43:47.0811 1760  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
20:43:47.0811 1760  circlass ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0811 1760  circlass - detected UnsignedFile.Multi.Generic (1)
20:43:47.0842 1760  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
20:43:47.0889 1760  CLFS - ok
20:43:47.0920 1760  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:43:47.0951 1760  clr_optimization_v2.0.50727_32 - ok
20:43:47.0982 1760  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:43:47.0998 1760  CmBatt ( UnsignedFile.Multi.Generic ) - warning
20:43:47.0998 1760  CmBatt - detected UnsignedFile.Multi.Generic (1)
20:43:48.0014 1760  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:43:48.0029 1760  cmdide - ok
20:43:48.0045 1760  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:43:48.0060 1760  Compbatt - ok
20:43:48.0060 1760  COMSysApp - ok
20:43:48.0092 1760  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:43:48.0107 1760  crcdisk - ok
20:43:48.0107 1760  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
20:43:48.0123 1760  Crusoe ( UnsignedFile.Multi.Generic ) - warning
20:43:48.0123 1760  Crusoe - detected UnsignedFile.Multi.Generic (1)
20:43:48.0170 1760  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:43:48.0170 1760  CryptSvc ( UnsignedFile.Multi.Generic ) - warning
20:43:48.0170 1760  CryptSvc - detected UnsignedFile.Multi.Generic (1)
20:43:48.0216 1760  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:43:48.0263 1760  DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
20:43:48.0263 1760  DcomLaunch - detected UnsignedFile.Multi.Generic (1)
20:43:48.0294 1760  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:43:48.0310 1760  DfsC ( UnsignedFile.Multi.Generic ) - warning
20:43:48.0310 1760  DfsC - detected UnsignedFile.Multi.Generic (1)
20:43:48.0435 1760  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
20:43:48.0544 1760  DFSR ( UnsignedFile.Multi.Generic ) - warning
20:43:48.0544 1760  DFSR - detected UnsignedFile.Multi.Generic (1)
20:43:48.0606 1760  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
20:43:48.0606 1760  Dhcp ( UnsignedFile.Multi.Generic ) - warning
20:43:48.0606 1760  Dhcp - detected UnsignedFile.Multi.Generic (1)
20:43:48.0653 1760  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
20:43:48.0669 1760  disk - ok
20:43:48.0731 1760  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:43:48.0731 1760  Dnscache ( UnsignedFile.Multi.Generic ) - warning
20:43:48.0731 1760  Dnscache - detected UnsignedFile.Multi.Generic (1)
20:43:48.0778 1760  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:43:48.0794 1760  dot3svc ( UnsignedFile.Multi.Generic ) - warning
20:43:48.0794 1760  dot3svc - detected UnsignedFile.Multi.Generic (1)
20:43:48.0840 1760  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
20:43:48.0840 1760  DPS ( UnsignedFile.Multi.Generic ) - warning
20:43:48.0840 1760  DPS - detected UnsignedFile.Multi.Generic (1)
20:43:48.0872 1760  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:43:48.0887 1760  drmkaud ( UnsignedFile.Multi.Generic ) - warning
20:43:48.0887 1760  drmkaud - detected UnsignedFile.Multi.Generic (1)
20:43:48.0965 1760  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:43:49.0012 1760  DXGKrnl - ok
20:43:49.0059 1760  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
20:43:49.0074 1760  E1G60 ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0074 1760  E1G60 - detected UnsignedFile.Multi.Generic (1)
20:43:49.0121 1760  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
20:43:49.0137 1760  EapHost ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0137 1760  EapHost - detected UnsignedFile.Multi.Generic (1)
20:43:49.0184 1760  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
20:43:49.0215 1760  Ecache - ok
20:43:49.0277 1760  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:43:49.0293 1760  ehRecvr ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0293 1760  ehRecvr - detected UnsignedFile.Multi.Generic (1)
20:43:49.0308 1760  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
20:43:49.0324 1760  ehSched ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0324 1760  ehSched - detected UnsignedFile.Multi.Generic (1)
20:43:49.0324 1760  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
20:43:49.0340 1760  ehstart ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0340 1760  ehstart - detected UnsignedFile.Multi.Generic (1)
20:43:49.0386 1760  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:43:49.0418 1760  elxstor - ok
20:43:49.0464 1760  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
20:43:49.0511 1760  EMDMgmt ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0511 1760  EMDMgmt - detected UnsignedFile.Multi.Generic (1)
20:43:49.0542 1760  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:43:49.0558 1760  ErrDev ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0558 1760  ErrDev - detected UnsignedFile.Multi.Generic (1)
20:43:49.0589 1760  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
20:43:49.0605 1760  EventSystem ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0605 1760  EventSystem - detected UnsignedFile.Multi.Generic (1)
20:43:49.0683 1760  [ 2D41D7250F73272946DE04FF7A19761E ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:43:49.0730 1760  EvtEng ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0730 1760  EvtEng - detected UnsignedFile.Multi.Generic (1)
20:43:49.0776 1760  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
20:43:49.0808 1760  exfat ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0808 1760  exfat - detected UnsignedFile.Multi.Generic (1)
20:43:49.0839 1760  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:43:49.0854 1760  fastfat ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0854 1760  fastfat - detected UnsignedFile.Multi.Generic (1)
20:43:49.0901 1760  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:43:49.0901 1760  fdc ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0901 1760  fdc - detected UnsignedFile.Multi.Generic (1)
20:43:49.0917 1760  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
20:43:49.0932 1760  fdPHost ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0932 1760  fdPHost - detected UnsignedFile.Multi.Generic (1)
20:43:49.0948 1760  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:43:49.0948 1760  FDResPub ( UnsignedFile.Multi.Generic ) - warning
20:43:49.0948 1760  FDResPub - detected UnsignedFile.Multi.Generic (1)
20:43:49.0979 1760  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:43:49.0995 1760  FileInfo - ok
20:43:50.0010 1760  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:43:50.0026 1760  Filetrace ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0026 1760  Filetrace - detected UnsignedFile.Multi.Generic (1)
20:43:50.0042 1760  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:43:50.0057 1760  flpydisk ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0057 1760  flpydisk - detected UnsignedFile.Multi.Generic (1)
20:43:50.0088 1760  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:43:50.0104 1760  FltMgr - ok
20:43:50.0166 1760  [ 452FEAAB2A8DBB42ED751754CB2594F5 ] FontCache       C:\Windows\system32\FntCache.dll
20:43:50.0213 1760  FontCache ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0213 1760  FontCache - detected UnsignedFile.Multi.Generic (1)
20:43:50.0276 1760  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:43:50.0291 1760  FontCache3.0.0.0 - ok
20:43:50.0338 1760  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:43:50.0354 1760  Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0354 1760  Fs_Rec - detected UnsignedFile.Multi.Generic (1)
20:43:50.0385 1760  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:43:50.0400 1760  gagp30kx - ok
20:43:50.0447 1760  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:43:50.0510 1760  gpsvc ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0510 1760  gpsvc - detected UnsignedFile.Multi.Generic (1)
20:43:50.0556 1760  [ B980D6F28324183C71D9BFFA9D022F52 ] gtstusbser      C:\Windows\system32\DRIVERS\gtstusbser.sys
20:43:50.0572 1760  gtstusbser ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0572 1760  gtstusbser - detected UnsignedFile.Multi.Generic (1)
20:43:50.0634 1760  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:43:50.0666 1760  HdAudAddService ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0666 1760  HdAudAddService - detected UnsignedFile.Multi.Generic (1)
20:43:50.0697 1760  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:43:50.0728 1760  HDAudBus ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0728 1760  HDAudBus - detected UnsignedFile.Multi.Generic (1)
20:43:50.0759 1760  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:43:50.0759 1760  HidBth ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0759 1760  HidBth - detected UnsignedFile.Multi.Generic (1)
20:43:50.0775 1760  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:43:50.0790 1760  HidIr ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0790 1760  HidIr - detected UnsignedFile.Multi.Generic (1)
20:43:50.0822 1760  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
20:43:50.0822 1760  hidserv ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0822 1760  hidserv - detected UnsignedFile.Multi.Generic (1)
20:43:50.0853 1760  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:43:50.0868 1760  HidUsb ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0868 1760  HidUsb - detected UnsignedFile.Multi.Generic (1)
20:43:50.0900 1760  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:43:50.0900 1760  hkmsvc ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0900 1760  hkmsvc - detected UnsignedFile.Multi.Generic (1)
20:43:50.0915 1760  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
20:43:50.0931 1760  HpCISSs - ok
20:43:50.0978 1760  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:43:50.0993 1760  HTTP ( UnsignedFile.Multi.Generic ) - warning
20:43:50.0993 1760  HTTP - detected UnsignedFile.Multi.Generic (1)
20:43:51.0024 1760  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
20:43:51.0056 1760  i2omp - ok
20:43:51.0087 1760  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:43:51.0102 1760  i8042prt ( UnsignedFile.Multi.Generic ) - warning
20:43:51.0102 1760  i8042prt - detected UnsignedFile.Multi.Generic (1)
20:43:51.0368 1760  [ 8266AE06DF974E5BA047B3E9E9E70B3F ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
20:43:51.0789 1760  ialm ( UnsignedFile.Multi.Generic ) - warning
20:43:51.0789 1760  ialm - detected UnsignedFile.Multi.Generic (1)
20:43:51.0820 1760  [ ABFEBC5F846C71AFEBD7F8F6BA740C03 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:43:51.0851 1760  iaStor - ok
20:43:51.0867 1760  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
20:43:51.0914 1760  iaStorV - ok
20:43:51.0945 1760  [ A4E43A7AB1202356BEBEB6B798F15488 ] ICQ Service     C:\Program Files\ICQ6Toolbar\ICQ Service.exe
20:43:51.0960 1760  ICQ Service - ok
20:43:52.0023 1760  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:43:52.0116 1760  idsvc - ok
20:43:52.0413 1760  [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
20:43:52.0787 1760  igfx ( UnsignedFile.Multi.Generic ) - warning
20:43:52.0787 1760  igfx - detected UnsignedFile.Multi.Generic (1)
20:43:52.0803 1760  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:43:52.0818 1760  iirsp - ok
20:43:52.0865 1760  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:43:52.0881 1760  IKEEXT ( UnsignedFile.Multi.Generic ) - warning
20:43:52.0881 1760  IKEEXT - detected UnsignedFile.Multi.Generic (1)
20:43:52.0974 1760  [ FFD2B3BC042596ABE785D3C15F51AB46 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:43:53.0130 1760  IntcAzAudAddService - ok
20:43:53.0177 1760  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:43:53.0193 1760  intelide - ok
20:43:53.0240 1760  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:43:53.0240 1760  intelppm ( UnsignedFile.Multi.Generic ) - warning
20:43:53.0240 1760  intelppm - detected UnsignedFile.Multi.Generic (1)
20:43:53.0271 1760  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:43:53.0271 1760  IPBusEnum ( UnsignedFile.Multi.Generic ) - warning
20:43:53.0271 1760  IPBusEnum - detected UnsignedFile.Multi.Generic (1)
20:43:53.0302 1760  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:43:53.0318 1760  IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
20:43:53.0318 1760  IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
20:43:53.0364 1760  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:43:53.0380 1760  iphlpsvc ( UnsignedFile.Multi.Generic ) - warning
20:43:53.0380 1760  iphlpsvc - detected UnsignedFile.Multi.Generic (1)
20:43:53.0380 1760  IpInIp - ok
20:43:53.0411 1760  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
20:43:53.0427 1760  IPMIDRV ( UnsignedFile.Multi.Generic ) - warning
20:43:53.0427 1760  IPMIDRV - detected UnsignedFile.Multi.Generic (1)
20:43:53.0442 1760  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
20:43:53.0458 1760  IPNAT ( UnsignedFile.Multi.Generic ) - warning
20:43:53.0458 1760  IPNAT - detected UnsignedFile.Multi.Generic (1)
20:43:53.0474 1760  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:43:53.0489 1760  IRENUM ( UnsignedFile.Multi.Generic ) - warning
20:43:53.0489 1760  IRENUM - detected UnsignedFile.Multi.Generic (1)
20:43:53.0505 1760  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:43:53.0520 1760  isapnp - ok
20:43:53.0552 1760  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:43:53.0567 1760  iScsiPrt - ok
20:43:53.0583 1760  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
20:43:53.0614 1760  iteatapi - ok
20:43:53.0630 1760  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
20:43:53.0645 1760  iteraid - ok
20:43:53.0676 1760  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:43:53.0692 1760  kbdclass - ok
20:43:53.0723 1760  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:43:53.0739 1760  kbdhid ( UnsignedFile.Multi.Generic ) - warning
20:43:53.0739 1760  kbdhid - detected UnsignedFile.Multi.Generic (1)
20:43:53.0754 1760  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
20:43:53.0770 1760  KeyIso ( UnsignedFile.Multi.Generic ) - warning
20:43:53.0770 1760  KeyIso - detected UnsignedFile.Multi.Generic (1)
20:43:53.0786 1760  [ EBC507F129DF8F0E0CA270DCFC0CF87F ] KMDFMEMIO       C:\Windows\system32\DRIVERS\kmdfmemio.sys
20:43:53.0801 1760  KMDFMEMIO ( UnsignedFile.Multi.Generic ) - warning
20:43:53.0801 1760  KMDFMEMIO - detected UnsignedFile.Multi.Generic (1)
20:43:53.0832 1760  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:43:53.0864 1760  KSecDD - ok
20:43:53.0895 1760  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:43:53.0942 1760  KtmRm ( UnsignedFile.Multi.Generic ) - warning
20:43:53.0942 1760  KtmRm - detected UnsignedFile.Multi.Generic (1)
20:43:53.0988 1760  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:43:54.0004 1760  LanmanServer ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0004 1760  LanmanServer - detected UnsignedFile.Multi.Generic (1)
20:43:54.0020 1760  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:43:54.0035 1760  LanmanWorkstation ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0035 1760  LanmanWorkstation - detected UnsignedFile.Multi.Generic (1)
20:43:54.0082 1760  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:43:54.0082 1760  lltdio ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0082 1760  lltdio - detected UnsignedFile.Multi.Generic (1)
20:43:54.0113 1760  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:43:54.0144 1760  lltdsvc ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0144 1760  lltdsvc - detected UnsignedFile.Multi.Generic (1)
20:43:54.0160 1760  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:43:54.0160 1760  lmhosts ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0160 1760  lmhosts - detected UnsignedFile.Multi.Generic (1)
20:43:54.0191 1760  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:43:54.0207 1760  LSI_FC - ok
20:43:54.0222 1760  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:43:54.0254 1760  LSI_SAS - ok
20:43:54.0269 1760  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:43:54.0285 1760  LSI_SCSI - ok
20:43:54.0316 1760  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
20:43:54.0316 1760  luafv ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0316 1760  luafv - detected UnsignedFile.Multi.Generic (1)
20:43:54.0347 1760  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:43:54.0347 1760  Mcx2Svc ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0347 1760  Mcx2Svc - detected UnsignedFile.Multi.Generic (1)
20:43:54.0378 1760  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:43:54.0394 1760  megasas - ok
20:43:54.0425 1760  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
20:43:54.0472 1760  MegaSR - ok
20:43:54.0503 1760  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
20:43:54.0519 1760  MMCSS ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0519 1760  MMCSS - detected UnsignedFile.Multi.Generic (1)
20:43:54.0534 1760  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
20:43:54.0550 1760  Modem ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0550 1760  Modem - detected UnsignedFile.Multi.Generic (1)
20:43:54.0566 1760  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:43:54.0566 1760  monitor ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0566 1760  monitor - detected UnsignedFile.Multi.Generic (1)
20:43:54.0581 1760  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:43:54.0597 1760  mouclass - ok
20:43:54.0612 1760  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:43:54.0628 1760  mouhid ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0628 1760  mouhid - detected UnsignedFile.Multi.Generic (1)
20:43:54.0644 1760  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
20:43:54.0659 1760  MountMgr - ok
20:43:54.0690 1760  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:43:54.0706 1760  mpio - ok
20:43:54.0722 1760  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:43:54.0737 1760  mpsdrv ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0737 1760  mpsdrv - detected UnsignedFile.Multi.Generic (1)
20:43:54.0768 1760  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:43:54.0784 1760  MpsSvc ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0784 1760  MpsSvc - detected UnsignedFile.Multi.Generic (1)
20:43:54.0831 1760  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:43:54.0846 1760  Mraid35x - ok
20:43:54.0878 1760  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:43:54.0878 1760  MRxDAV ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0878 1760  MRxDAV - detected UnsignedFile.Multi.Generic (1)
20:43:54.0909 1760  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:43:54.0924 1760  mrxsmb ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0924 1760  mrxsmb - detected UnsignedFile.Multi.Generic (1)
20:43:54.0956 1760  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:43:54.0987 1760  mrxsmb10 ( UnsignedFile.Multi.Generic ) - warning
20:43:54.0987 1760  mrxsmb10 - detected UnsignedFile.Multi.Generic (1)
20:43:55.0002 1760  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:43:55.0018 1760  mrxsmb20 ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0018 1760  mrxsmb20 - detected UnsignedFile.Multi.Generic (1)
20:43:55.0034 1760  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
20:43:55.0049 1760  msahci - ok
20:43:55.0065 1760  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:43:55.0080 1760  msdsm - ok
20:43:55.0096 1760  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
20:43:55.0096 1760  MSDTC ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0096 1760  MSDTC - detected UnsignedFile.Multi.Generic (1)
20:43:55.0112 1760  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:43:55.0127 1760  Msfs ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0127 1760  Msfs - detected UnsignedFile.Multi.Generic (1)
20:43:55.0158 1760  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:43:55.0174 1760  msisadrv - ok
20:43:55.0205 1760  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:43:55.0236 1760  MSiSCSI ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0236 1760  MSiSCSI - detected UnsignedFile.Multi.Generic (1)
20:43:55.0236 1760  msiserver - ok
20:43:55.0283 1760  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:43:55.0283 1760  MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0283 1760  MSKSSRV - detected UnsignedFile.Multi.Generic (1)
20:43:55.0314 1760  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:43:55.0330 1760  MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0330 1760  MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
20:43:55.0361 1760  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:43:55.0377 1760  MSPQM ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0377 1760  MSPQM - detected UnsignedFile.Multi.Generic (1)
20:43:55.0424 1760  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:43:55.0439 1760  MsRPC - ok
20:43:55.0455 1760  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:43:55.0470 1760  mssmbios - ok
20:43:55.0517 1760  MSSQL$MSSMLBIZ - ok
20:43:55.0564 1760  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:43:55.0580 1760  MSSQLServerADHelper - ok
20:43:55.0611 1760  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:43:55.0626 1760  MSTEE ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0626 1760  MSTEE - detected UnsignedFile.Multi.Generic (1)
20:43:55.0642 1760  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
20:43:55.0658 1760  Mup - ok
20:43:55.0704 1760  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
20:43:55.0720 1760  napagent ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0720 1760  napagent - detected UnsignedFile.Multi.Generic (1)
20:43:55.0751 1760  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:43:55.0751 1760  NativeWifiP ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0751 1760  NativeWifiP - detected UnsignedFile.Multi.Generic (1)
20:43:55.0798 1760  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:43:55.0814 1760  NDIS - ok
20:43:55.0845 1760  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:43:55.0860 1760  NdisTapi ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0860 1760  NdisTapi - detected UnsignedFile.Multi.Generic (1)
20:43:55.0876 1760  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:43:55.0892 1760  Ndisuio ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0892 1760  Ndisuio - detected UnsignedFile.Multi.Generic (1)
20:43:55.0938 1760  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:43:55.0954 1760  NdisWan ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0954 1760  NdisWan - detected UnsignedFile.Multi.Generic (1)
20:43:55.0970 1760  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:43:55.0970 1760  NDProxy ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0970 1760  NDProxy - detected UnsignedFile.Multi.Generic (1)
20:43:55.0985 1760  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:43:55.0985 1760  NetBIOS ( UnsignedFile.Multi.Generic ) - warning
20:43:55.0985 1760  NetBIOS - detected UnsignedFile.Multi.Generic (1)
20:43:56.0016 1760  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:43:56.0032 1760  netbt ( UnsignedFile.Multi.Generic ) - warning
20:43:56.0048 1760  netbt - detected UnsignedFile.Multi.Generic (1)
20:43:56.0048 1760  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
20:43:56.0063 1760  Netlogon ( UnsignedFile.Multi.Generic ) - warning
20:43:56.0063 1760  Netlogon - detected UnsignedFile.Multi.Generic (1)
20:43:56.0094 1760  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
20:43:56.0110 1760  Netman ( UnsignedFile.Multi.Generic ) - warning
20:43:56.0110 1760  Netman - detected UnsignedFile.Multi.Generic (1)
20:43:56.0126 1760  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
20:43:56.0141 1760  netprofm ( UnsignedFile.Multi.Generic ) - warning
20:43:56.0141 1760  netprofm - detected UnsignedFile.Multi.Generic (1)
20:43:56.0172 1760  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:43:56.0188 1760  NetTcpPortSharing - ok
20:43:56.0282 1760  [ 35D5458D9A1B26B2005ABFFBF4C1C5E7 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
20:43:56.0500 1760  NETw3v32 ( UnsignedFile.Multi.Generic ) - warning
20:43:56.0500 1760  NETw3v32 - detected UnsignedFile.Multi.Generic (1)
20:43:56.0547 1760  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:43:56.0562 1760  nfrd960 - ok
20:43:56.0594 1760  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:43:56.0609 1760  NlaSvc ( UnsignedFile.Multi.Generic ) - warning
20:43:56.0609 1760  NlaSvc - detected UnsignedFile.Multi.Generic (1)
20:43:56.0640 1760  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:43:56.0640 1760  Npfs ( UnsignedFile.Multi.Generic ) - warning
20:43:56.0640 1760  Npfs - detected UnsignedFile.Multi.Generic (1)
20:43:56.0672 1760  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
20:43:56.0672 1760  nsi ( UnsignedFile.Multi.Generic ) - warning
20:43:56.0672 1760  nsi - detected UnsignedFile.Multi.Generic (1)
20:43:56.0687 1760  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:43:56.0703 1760  nsiproxy ( UnsignedFile.Multi.Generic ) - warning
20:43:56.0703 1760  nsiproxy - detected UnsignedFile.Multi.Generic (1)
20:43:56.0765 1760  [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:43:56.0843 1760  Ntfs - ok
20:43:56.0859 1760  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:43:56.0874 1760  ntrigdigi ( UnsignedFile.Multi.Generic ) - warning
20:43:56.0874 1760  ntrigdigi - detected UnsignedFile.Multi.Generic (1)
20:43:56.0890 1760  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
20:43:56.0906 1760  Null ( UnsignedFile.Multi.Generic ) - warning
20:43:56.0906 1760  Null - detected UnsignedFile.Multi.Generic (1)
20:43:56.0921 1760  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:43:56.0937 1760  nvraid - ok
20:43:56.0952 1760  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:43:56.0968 1760  nvstor - ok
20:43:56.0984 1760  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:43:56.0999 1760  nv_agp - ok
20:43:56.0999 1760  NwlnkFlt - ok
20:43:56.0999 1760  NwlnkFwd - ok
20:43:57.0108 1760  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:43:57.0140 1760  odserv - ok
20:43:57.0171 1760  [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
20:43:57.0186 1760  ohci1394 ( UnsignedFile.Multi.Generic ) - warning
20:43:57.0186 1760  ohci1394 - detected UnsignedFile.Multi.Generic (1)
20:43:57.0218 1760  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:43:57.0233 1760  ose - ok
20:43:57.0264 1760  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:43:57.0311 1760  p2pimsvc ( UnsignedFile.Multi.Generic ) - warning
20:43:57.0311 1760  p2pimsvc - detected UnsignedFile.Multi.Generic (1)
20:43:57.0327 1760  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:43:57.0358 1760  p2psvc ( UnsignedFile.Multi.Generic ) - warning
20:43:57.0358 1760  p2psvc - detected UnsignedFile.Multi.Generic (1)
20:43:57.0389 1760  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
20:43:57.0389 1760  Parport ( UnsignedFile.Multi.Generic ) - warning
20:43:57.0389 1760  Parport - detected UnsignedFile.Multi.Generic (1)
20:43:57.0420 1760  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:43:57.0436 1760  partmgr - ok
20:43:57.0452 1760  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:43:57.0467 1760  Parvdm ( UnsignedFile.Multi.Generic ) - warning
20:43:57.0467 1760  Parvdm - detected UnsignedFile.Multi.Generic (1)
20:43:57.0498 1760  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:43:57.0498 1760  PcaSvc ( UnsignedFile.Multi.Generic ) - warning
20:43:57.0498 1760  PcaSvc - detected UnsignedFile.Multi.Generic (1)
20:43:57.0530 1760  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
20:43:57.0545 1760  pci - ok
20:43:57.0561 1760  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
20:43:57.0576 1760  pciide - ok
20:43:57.0608 1760  [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:43:57.0639 1760  pcmcia - ok
20:43:57.0686 1760  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:43:57.0748 1760  PEAUTH ( UnsignedFile.Multi.Generic ) - warning
20:43:57.0748 1760  PEAUTH - detected UnsignedFile.Multi.Generic (1)
20:43:57.0810 1760  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
20:43:57.0888 1760  pla ( UnsignedFile.Multi.Generic ) - warning
20:43:57.0888 1760  pla - detected UnsignedFile.Multi.Generic (1)
20:43:57.0935 1760  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:43:57.0935 1760  PlugPlay ( UnsignedFile.Multi.Generic ) - warning
20:43:57.0951 1760  PlugPlay - detected UnsignedFile.Multi.Generic (1)
20:43:57.0966 1760  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:43:57.0998 1760  PNRPAutoReg ( UnsignedFile.Multi.Generic ) - warning
20:43:57.0998 1760  PNRPAutoReg - detected UnsignedFile.Multi.Generic (1)
20:43:58.0029 1760  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:43:58.0044 1760  PNRPsvc ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0044 1760  PNRPsvc - detected UnsignedFile.Multi.Generic (1)
20:43:58.0091 1760  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:43:58.0122 1760  PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0122 1760  PolicyAgent - detected UnsignedFile.Multi.Generic (1)
20:43:58.0138 1760  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:43:58.0154 1760  PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0154 1760  PptpMiniport - detected UnsignedFile.Multi.Generic (1)
20:43:58.0185 1760  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
20:43:58.0200 1760  Processor ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0200 1760  Processor - detected UnsignedFile.Multi.Generic (1)
20:43:58.0216 1760  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:43:58.0232 1760  ProfSvc ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0232 1760  ProfSvc - detected UnsignedFile.Multi.Generic (1)
20:43:58.0247 1760  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:43:58.0263 1760  ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0263 1760  ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
20:43:58.0294 1760  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:43:58.0294 1760  PSched ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0294 1760  PSched - detected UnsignedFile.Multi.Generic (1)
20:43:58.0356 1760  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:43:58.0481 1760  ql2300 - ok
20:43:58.0497 1760  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:43:58.0512 1760  ql40xx - ok
20:43:58.0559 1760  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
20:43:58.0575 1760  QWAVE ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0575 1760  QWAVE - detected UnsignedFile.Multi.Generic (1)
20:43:58.0575 1760  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:43:58.0590 1760  QWAVEdrv ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0590 1760  QWAVEdrv - detected UnsignedFile.Multi.Generic (1)
20:43:58.0606 1760  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:43:58.0622 1760  RasAcd ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0622 1760  RasAcd - detected UnsignedFile.Multi.Generic (1)
20:43:58.0637 1760  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
20:43:58.0653 1760  RasAuto ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0653 1760  RasAuto - detected UnsignedFile.Multi.Generic (1)
20:43:58.0653 1760  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:43:58.0668 1760  Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0668 1760  Rasl2tp - detected UnsignedFile.Multi.Generic (1)
20:43:58.0700 1760  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
20:43:58.0715 1760  RasMan ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0715 1760  RasMan - detected UnsignedFile.Multi.Generic (1)
20:43:58.0746 1760  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:43:58.0746 1760  RasPppoe ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0746 1760  RasPppoe - detected UnsignedFile.Multi.Generic (1)
20:43:58.0793 1760  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:43:58.0793 1760  RasSstp ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0793 1760  RasSstp - detected UnsignedFile.Multi.Generic (1)
20:43:58.0824 1760  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:43:58.0840 1760  rdbss ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0840 1760  rdbss - detected UnsignedFile.Multi.Generic (1)
20:43:58.0871 1760  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:43:58.0887 1760  RDPCDD ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0887 1760  RDPCDD - detected UnsignedFile.Multi.Generic (1)
20:43:58.0902 1760  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:43:58.0934 1760  rdpdr ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0934 1760  rdpdr - detected UnsignedFile.Multi.Generic (1)
20:43:58.0934 1760  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:43:58.0949 1760  RDPENCDD ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0949 1760  RDPENCDD - detected UnsignedFile.Multi.Generic (1)
20:43:58.0980 1760  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:43:58.0996 1760  RDPWD ( UnsignedFile.Multi.Generic ) - warning
20:43:58.0996 1760  RDPWD - detected UnsignedFile.Multi.Generic (1)
20:43:59.0058 1760  [ ED8C9F16E10C1E4C4C5D16CD04966E24 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:43:59.0074 1760  RegSrvc ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0074 1760  RegSrvc - detected UnsignedFile.Multi.Generic (1)
20:43:59.0121 1760  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:43:59.0136 1760  RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0136 1760  RemoteAccess - detected UnsignedFile.Multi.Generic (1)
20:43:59.0168 1760  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:43:59.0168 1760  RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0168 1760  RemoteRegistry - detected UnsignedFile.Multi.Generic (1)
20:43:59.0199 1760  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
20:43:59.0199 1760  RpcLocator ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0199 1760  RpcLocator - detected UnsignedFile.Multi.Generic (1)
20:43:59.0230 1760  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
20:43:59.0246 1760  RpcSs ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0246 1760  RpcSs - detected UnsignedFile.Multi.Generic (1)
20:43:59.0292 1760  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:43:59.0292 1760  rspndr ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0292 1760  rspndr - detected UnsignedFile.Multi.Generic (1)
20:43:59.0339 1760  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
20:43:59.0355 1760  SamSs ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0355 1760  SamSs - detected UnsignedFile.Multi.Generic (1)
20:43:59.0433 1760  [ A9D840FA78F65857EB554229914F855C ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
20:43:59.0448 1760  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0448 1760  Samsung Update Plus - detected UnsignedFile.Multi.Generic (1)
20:43:59.0480 1760  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:43:59.0495 1760  sbp2port - ok
20:43:59.0526 1760  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:43:59.0542 1760  SCardSvr ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0542 1760  SCardSvr - detected UnsignedFile.Multi.Generic (1)
20:43:59.0589 1760  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
20:43:59.0636 1760  Schedule ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0636 1760  Schedule - detected UnsignedFile.Multi.Generic (1)
20:43:59.0682 1760  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:43:59.0682 1760  SCPolicySvc ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0682 1760  SCPolicySvc - detected UnsignedFile.Multi.Generic (1)
20:43:59.0714 1760  [ 126EA89BCC413EE45E3004FB0764888F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
20:43:59.0729 1760  sdbus ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0729 1760  sdbus - detected UnsignedFile.Multi.Generic (1)
20:43:59.0760 1760  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:43:59.0776 1760  SDRSVC ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0776 1760  SDRSVC - detected UnsignedFile.Multi.Generic (1)
20:43:59.0792 1760  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:43:59.0792 1760  secdrv ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0792 1760  secdrv - detected UnsignedFile.Multi.Generic (1)
20:43:59.0823 1760  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
20:43:59.0823 1760  seclogon ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0823 1760  seclogon - detected UnsignedFile.Multi.Generic (1)
20:43:59.0854 1760  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
20:43:59.0854 1760  SENS ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0854 1760  SENS - detected UnsignedFile.Multi.Generic (1)
20:43:59.0870 1760  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:43:59.0885 1760  Serenum ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0885 1760  Serenum - detected UnsignedFile.Multi.Generic (1)
20:43:59.0916 1760  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
20:43:59.0932 1760  Serial ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0932 1760  Serial - detected UnsignedFile.Multi.Generic (1)
20:43:59.0963 1760  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:43:59.0979 1760  sermouse ( UnsignedFile.Multi.Generic ) - warning
20:43:59.0979 1760  sermouse - detected UnsignedFile.Multi.Generic (1)
20:44:00.0010 1760  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:44:00.0026 1760  SessionEnv ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0026 1760  SessionEnv - detected UnsignedFile.Multi.Generic (1)
20:44:00.0041 1760  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:44:00.0057 1760  sffdisk ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0057 1760  sffdisk - detected UnsignedFile.Multi.Generic (1)
20:44:00.0072 1760  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:44:00.0088 1760  sffp_mmc ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0088 1760  sffp_mmc - detected UnsignedFile.Multi.Generic (1)
20:44:00.0104 1760  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:44:00.0119 1760  sffp_sd ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0119 1760  sffp_sd - detected UnsignedFile.Multi.Generic (1)
20:44:00.0135 1760  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:44:00.0150 1760  sfloppy ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0150 1760  sfloppy - detected UnsignedFile.Multi.Generic (1)
20:44:00.0182 1760  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:44:00.0197 1760  SharedAccess ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0197 1760  SharedAccess - detected UnsignedFile.Multi.Generic (1)
20:44:00.0228 1760  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:44:00.0244 1760  ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0244 1760  ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
20:44:00.0260 1760  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:44:00.0275 1760  sisagp - ok
20:44:00.0291 1760  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:44:00.0306 1760  SiSRaid2 - ok
20:44:00.0322 1760  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:44:00.0353 1760  SiSRaid4 - ok
20:44:00.0462 1760  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
20:44:00.0634 1760  slsvc ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0634 1760  slsvc - detected UnsignedFile.Multi.Generic (1)
20:44:00.0665 1760  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:44:00.0681 1760  SLUINotify ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0681 1760  SLUINotify - detected UnsignedFile.Multi.Generic (1)
20:44:00.0712 1760  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:44:00.0728 1760  Smb ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0728 1760  Smb - detected UnsignedFile.Multi.Generic (1)
20:44:00.0759 1760  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:44:00.0759 1760  SNMPTRAP ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0774 1760  SNMPTRAP - detected UnsignedFile.Multi.Generic (1)
20:44:00.0774 1760  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
20:44:00.0790 1760  spldr - ok
20:44:00.0821 1760  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
20:44:00.0837 1760  Spooler ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0837 1760  Spooler - detected UnsignedFile.Multi.Generic (1)
20:44:00.0868 1760  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:44:00.0884 1760  SQLBrowser - ok
20:44:00.0915 1760  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:44:00.0930 1760  SQLWriter - ok
20:44:00.0946 1760  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:44:00.0962 1760  srv ( UnsignedFile.Multi.Generic ) - warning
20:44:00.0962 1760  srv - detected UnsignedFile.Multi.Generic (1)
20:44:00.0993 1760  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:44:01.0008 1760  srv2 ( UnsignedFile.Multi.Generic ) - warning
20:44:01.0008 1760  srv2 - detected UnsignedFile.Multi.Generic (1)
20:44:01.0040 1760  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:44:01.0055 1760  srvnet ( UnsignedFile.Multi.Generic ) - warning
20:44:01.0055 1760  srvnet - detected UnsignedFile.Multi.Generic (1)
20:44:01.0086 1760  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:44:01.0086 1760  SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
20:44:01.0086 1760  SSDPSRV - detected UnsignedFile.Multi.Generic (1)
20:44:01.0118 1760  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
20:44:01.0133 1760  ssmdrv - ok
20:44:01.0149 1760  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:44:01.0164 1760  SstpSvc ( UnsignedFile.Multi.Generic ) - warning
20:44:01.0164 1760  SstpSvc - detected UnsignedFile.Multi.Generic (1)
20:44:01.0180 1760  Steam Client Service - ok
20:44:01.0227 1760  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
20:44:01.0242 1760  stisvc ( UnsignedFile.Multi.Generic ) - warning
20:44:01.0242 1760  stisvc - detected UnsignedFile.Multi.Generic (1)
20:44:01.0289 1760  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:44:01.0305 1760  swenum - ok
20:44:01.0320 1760  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
20:44:01.0336 1760  swprv ( UnsignedFile.Multi.Generic ) - warning
20:44:01.0336 1760  swprv - detected UnsignedFile.Multi.Generic (1)
20:44:01.0367 1760  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:44:01.0367 1760  Symc8xx - ok
20:44:01.0398 1760  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:44:01.0414 1760  Sym_hi - ok
20:44:01.0445 1760  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:44:01.0461 1760  Sym_u3 - ok
20:44:01.0492 1760  [ 451E8037E2EB6DA6BDF0A66F65D1810B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:44:01.0523 1760  SynTP - ok
20:44:01.0570 1760  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
20:44:01.0601 1760  SysMain ( UnsignedFile.Multi.Generic ) - warning
20:44:01.0601 1760  SysMain - detected UnsignedFile.Multi.Generic (1)
20:44:01.0648 1760  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:44:01.0648 1760  TabletInputService ( UnsignedFile.Multi.Generic ) - warning
20:44:01.0648 1760  TabletInputService - detected UnsignedFile.Multi.Generic (1)
20:44:01.0679 1760  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:44:01.0695 1760  TapiSrv ( UnsignedFile.Multi.Generic ) - warning
20:44:01.0695 1760  TapiSrv - detected UnsignedFile.Multi.Generic (1)
20:44:01.0710 1760  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
20:44:01.0710 1760  TBS ( UnsignedFile.Multi.Generic ) - warning
20:44:01.0710 1760  TBS - detected UnsignedFile.Multi.Generic (1)
20:44:01.0773 1760  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:44:01.0851 1760  Tcpip - ok
20:44:01.0866 1760  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:44:01.0913 1760  Tcpip6 - ok
20:44:01.0960 1760  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:44:01.0960 1760  tcpipreg ( UnsignedFile.Multi.Generic ) - warning
20:44:01.0960 1760  tcpipreg - detected UnsignedFile.Multi.Generic (1)
20:44:02.0007 1760  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:44:02.0007 1760  TDPIPE ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0007 1760  TDPIPE - detected UnsignedFile.Multi.Generic (1)
20:44:02.0022 1760  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:44:02.0038 1760  TDTCP ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0038 1760  TDTCP - detected UnsignedFile.Multi.Generic (1)
20:44:02.0069 1760  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:44:02.0085 1760  tdx ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0085 1760  tdx - detected UnsignedFile.Multi.Generic (1)
20:44:02.0100 1760  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:44:02.0116 1760  TermDD - ok
20:44:02.0132 1760  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
20:44:02.0147 1760  TermService ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0147 1760  TermService - detected UnsignedFile.Multi.Generic (1)
20:44:02.0178 1760  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
20:44:02.0194 1760  Themes ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0194 1760  Themes - detected UnsignedFile.Multi.Generic (1)
20:44:02.0194 1760  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:44:02.0210 1760  THREADORDER ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0210 1760  THREADORDER - detected UnsignedFile.Multi.Generic (1)
20:44:02.0241 1760  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
20:44:02.0256 1760  TrkWks ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0256 1760  TrkWks - detected UnsignedFile.Multi.Generic (1)
20:44:02.0303 1760  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:44:02.0303 1760  TrustedInstaller ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0303 1760  TrustedInstaller - detected UnsignedFile.Multi.Generic (1)
20:44:02.0350 1760  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:44:02.0350 1760  tssecsrv ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0350 1760  tssecsrv - detected UnsignedFile.Multi.Generic (1)
20:44:02.0381 1760  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:44:02.0381 1760  tunmp ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0381 1760  tunmp - detected UnsignedFile.Multi.Generic (1)
20:44:02.0412 1760  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:44:02.0428 1760  tunnel ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0428 1760  tunnel - detected UnsignedFile.Multi.Generic (1)
20:44:02.0444 1760  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:44:02.0459 1760  uagp35 - ok
20:44:02.0475 1760  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:44:02.0490 1760  udfs ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0490 1760  udfs - detected UnsignedFile.Multi.Generic (1)
20:44:02.0537 1760  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:44:02.0537 1760  UI0Detect ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0537 1760  UI0Detect - detected UnsignedFile.Multi.Generic (1)
20:44:02.0568 1760  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:44:02.0584 1760  uliagpkx - ok
20:44:02.0615 1760  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:44:02.0631 1760  uliahci - ok
20:44:02.0662 1760  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:44:02.0693 1760  UlSata - ok
20:44:02.0724 1760  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:44:02.0740 1760  ulsata2 - ok
20:44:02.0771 1760  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:44:02.0771 1760  umbus ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0771 1760  umbus - detected UnsignedFile.Multi.Generic (1)
20:44:02.0787 1760  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
20:44:02.0802 1760  upnphost ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0802 1760  upnphost - detected UnsignedFile.Multi.Generic (1)
20:44:02.0849 1760  [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:44:02.0865 1760  usbaudio ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0865 1760  usbaudio - detected UnsignedFile.Multi.Generic (1)
20:44:02.0896 1760  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:44:02.0912 1760  usbccgp ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0912 1760  usbccgp - detected UnsignedFile.Multi.Generic (1)
20:44:02.0943 1760  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:44:02.0958 1760  usbcir ( UnsignedFile.Multi.Generic ) - warning
20:44:02.0958 1760  usbcir - detected UnsignedFile.Multi.Generic (1)
20:44:02.0990 1760  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:44:03.0005 1760  usbehci ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0005 1760  usbehci - detected UnsignedFile.Multi.Generic (1)
20:44:03.0021 1760  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:44:03.0052 1760  usbhub ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0052 1760  usbhub - detected UnsignedFile.Multi.Generic (1)
20:44:03.0068 1760  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:44:03.0083 1760  usbohci ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0083 1760  usbohci - detected UnsignedFile.Multi.Generic (1)
20:44:03.0099 1760  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
20:44:03.0099 1760  usbprint ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0099 1760  usbprint - detected UnsignedFile.Multi.Generic (1)
20:44:03.0130 1760  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:44:03.0146 1760  USBSTOR ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0146 1760  USBSTOR - detected UnsignedFile.Multi.Generic (1)
20:44:03.0161 1760  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:44:03.0161 1760  usbuhci ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0161 1760  usbuhci - detected UnsignedFile.Multi.Generic (1)
20:44:03.0208 1760  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:44:03.0208 1760  usbvideo ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0208 1760  usbvideo - detected UnsignedFile.Multi.Generic (1)
20:44:03.0239 1760  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
20:44:03.0255 1760  UxSms ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0255 1760  UxSms - detected UnsignedFile.Multi.Generic (1)
20:44:03.0286 1760  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
20:44:03.0333 1760  vds ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0333 1760  vds - detected UnsignedFile.Multi.Generic (1)
20:44:03.0380 1760  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:44:03.0395 1760  vga ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0395 1760  vga - detected UnsignedFile.Multi.Generic (1)
20:44:03.0411 1760  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:44:03.0426 1760  VgaSave ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0426 1760  VgaSave - detected UnsignedFile.Multi.Generic (1)
20:44:03.0442 1760  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:44:03.0473 1760  viaagp - ok
20:44:03.0489 1760  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:44:03.0504 1760  ViaC7 ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0504 1760  ViaC7 - detected UnsignedFile.Multi.Generic (1)
20:44:03.0520 1760  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
20:44:03.0536 1760  viaide - ok
20:44:03.0551 1760  VMC302 - ok
20:44:03.0567 1760  VMC326 - ok
20:44:03.0582 1760  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:44:03.0598 1760  volmgr - ok
20:44:03.0629 1760  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:44:03.0645 1760  volmgrx - ok
20:44:03.0692 1760  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:44:03.0723 1760  volsnap - ok
20:44:03.0738 1760  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:44:03.0770 1760  vsmraid - ok
20:44:03.0816 1760  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
20:44:03.0941 1760  VSS ( UnsignedFile.Multi.Generic ) - warning
20:44:03.0941 1760  VSS - detected UnsignedFile.Multi.Generic (1)
20:44:03.0988 1760  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
20:44:04.0004 1760  W32Time ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0004 1760  W32Time - detected UnsignedFile.Multi.Generic (1)
20:44:04.0050 1760  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:44:04.0050 1760  WacomPen ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0050 1760  WacomPen - detected UnsignedFile.Multi.Generic (1)
20:44:04.0082 1760  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:44:04.0097 1760  Wanarp ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0097 1760  Wanarp - detected UnsignedFile.Multi.Generic (1)
20:44:04.0097 1760  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:44:04.0113 1760  Wanarpv6 ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0113 1760  Wanarpv6 - detected UnsignedFile.Multi.Generic (1)
20:44:04.0128 1760  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:44:04.0175 1760  wcncsvc ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0175 1760  wcncsvc - detected UnsignedFile.Multi.Generic (1)
20:44:04.0222 1760  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:44:04.0222 1760  WcsPlugInService ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0222 1760  WcsPlugInService - detected UnsignedFile.Multi.Generic (1)
20:44:04.0238 1760  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
20:44:04.0253 1760  Wd - ok
20:44:04.0284 1760  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:44:04.0331 1760  Wdf01000 - ok
20:44:04.0362 1760  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:44:04.0362 1760  WdiServiceHost ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0362 1760  WdiServiceHost - detected UnsignedFile.Multi.Generic (1)
20:44:04.0378 1760  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:44:04.0378 1760  WdiSystemHost ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0378 1760  WdiSystemHost - detected UnsignedFile.Multi.Generic (1)
20:44:04.0409 1760  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
20:44:04.0425 1760  WebClient ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0425 1760  WebClient - detected UnsignedFile.Multi.Generic (1)
20:44:04.0440 1760  [ 905214925A88311FCE52F66153DE7610 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:44:04.0456 1760  Wecsvc ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0456 1760  Wecsvc - detected UnsignedFile.Multi.Generic (1)
20:44:04.0456 1760  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:44:04.0472 1760  wercplsupport ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0472 1760  wercplsupport - detected UnsignedFile.Multi.Generic (1)
20:44:04.0503 1760  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:44:04.0518 1760  WerSvc ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0518 1760  WerSvc - detected UnsignedFile.Multi.Generic (1)
20:44:04.0581 1760  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:44:04.0612 1760  WinDefend - ok
20:44:04.0612 1760  WinHttpAutoProxySvc - ok
20:44:04.0690 1760  [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:44:04.0690 1760  Winmgmt ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0690 1760  Winmgmt - detected UnsignedFile.Multi.Generic (1)
20:44:04.0721 1760  [ 01874D4689C212460FBABF0ECD7CB7F7 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:44:04.0768 1760  WinRM ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0768 1760  WinRM - detected UnsignedFile.Multi.Generic (1)
20:44:04.0830 1760  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:44:04.0893 1760  Wlansvc ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0893 1760  Wlansvc - detected UnsignedFile.Multi.Generic (1)
20:44:04.0924 1760  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:44:04.0940 1760  WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
20:44:04.0940 1760  WmiAcpi - detected UnsignedFile.Multi.Generic (1)
20:44:05.0002 1760  [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:44:05.0002 1760  wmiApSrv ( UnsignedFile.Multi.Generic ) - warning
20:44:05.0002 1760  wmiApSrv - detected UnsignedFile.Multi.Generic (1)
20:44:05.0080 1760  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:44:05.0127 1760  WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
20:44:05.0127 1760  WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1)
20:44:05.0158 1760  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:44:05.0174 1760  WPCSvc ( UnsignedFile.Multi.Generic ) - warning
20:44:05.0174 1760  WPCSvc - detected UnsignedFile.Multi.Generic (1)
20:44:05.0205 1760  [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:44:05.0220 1760  WPDBusEnum ( UnsignedFile.Multi.Generic ) - warning
20:44:05.0220 1760  WPDBusEnum - detected UnsignedFile.Multi.Generic (1)
20:44:05.0267 1760  [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
20:44:05.0283 1760  WpdUsb ( UnsignedFile.Multi.Generic ) - warning
20:44:05.0283 1760  WpdUsb - detected UnsignedFile.Multi.Generic (1)
20:44:05.0314 1760  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:44:05.0314 1760  ws2ifsl ( UnsignedFile.Multi.Generic ) - warning
20:44:05.0314 1760  ws2ifsl - detected UnsignedFile.Multi.Generic (1)
20:44:05.0345 1760  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
20:44:05.0361 1760  wscsvc ( UnsignedFile.Multi.Generic ) - warning
20:44:05.0361 1760  wscsvc - detected UnsignedFile.Multi.Generic (1)
20:44:05.0361 1760  WSearch - ok
20:44:05.0454 1760  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
20:44:05.0579 1760  wuauserv - ok
20:44:05.0610 1760  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:44:05.0642 1760  WUDFRd ( UnsignedFile.Multi.Generic ) - warning
20:44:05.0642 1760  WUDFRd - detected UnsignedFile.Multi.Generic (1)
20:44:05.0642 1760  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:44:05.0657 1760  wudfsvc ( UnsignedFile.Multi.Generic ) - warning
20:44:05.0657 1760  wudfsvc - detected UnsignedFile.Multi.Generic (1)
20:44:05.0735 1760  [ 04E268ADFC81964C49DC0C082D520F7E ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
20:44:05.0751 1760  yukonwlh ( UnsignedFile.Multi.Generic ) - warning
20:44:05.0751 1760  yukonwlh - detected UnsignedFile.Multi.Generic (1)
20:44:05.0766 1760  ================ Scan global ===============================
20:44:05.0813 1760  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:44:05.0844 1760  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
20:44:05.0876 1760  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
20:44:05.0922 1760  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:44:05.0922 1760  [Global] - ok
20:44:05.0922 1760  ================ Scan MBR ==================================
20:44:05.0938 1760  [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
20:44:06.0578 1760  \Device\Harddisk0\DR0 - ok
20:44:06.0578 1760  [ BD01C983F50ACB5572A566F0B18E1812 ] \Device\Harddisk2\DR2
20:45:19.0274 1760  \Device\Harddisk2\DR2 - ok
20:45:19.0274 1760  ================ Scan VBR ==================================
20:45:19.0320 1760  [ 4ABC5D786BE829891EFD26B15D525D84 ] \Device\Harddisk0\DR0\Partition1
20:45:19.0320 1760  \Device\Harddisk0\DR0\Partition1 - ok
20:45:19.0352 1760  [ CB130314BED305BC44413D15B461093B ] \Device\Harddisk0\DR0\Partition2
20:45:19.0352 1760  \Device\Harddisk0\DR0\Partition2 - ok
20:45:19.0352 1760  ============================================================
20:45:19.0352 1760  Scan finished
20:45:19.0352 1760  ============================================================
20:45:19.0414 2588  Detected object count: 255
20:45:19.0414 2588  Actual detected object count: 255
20:45:46.0620 2588  AeLookupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0620 2588  AeLookupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0620 2588  AFD ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0620 2588  AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0620 2588  AgereSoftModem ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0620 2588  AgereSoftModem ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0620 2588  ALG ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0620 2588  ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0636 2588  AmdK7 ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0636 2588  AmdK7 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0636 2588  AmdK8 ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0636 2588  AmdK8 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0636 2588  Appinfo ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0636 2588  Appinfo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0636 2588  AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0636 2588  AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0636 2588  athr ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0636 2588  athr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0636 2588  AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0636 2588  AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0652 2588  Audiosrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0652 2588  Audiosrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0652 2588  bcm4sbxp ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0652 2588  bcm4sbxp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0652 2588  Beep ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0652 2588  Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0652 2588  BFE ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0652 2588  BFE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0652 2588  BITS ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0652 2588  BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0652 2588  blbdrive ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0652 2588  blbdrive ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0667 2588  bowser ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0667 2588  bowser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0667 2588  BrFiltLo ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0667 2588  BrFiltLo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0667 2588  BrFiltUp ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0667 2588  BrFiltUp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0667 2588  Browser ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0667 2588  Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0667 2588  Brserid ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0667 2588  Brserid ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0667 2588  BrSerWdm ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0667 2588  BrSerWdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0683 2588  BrUsbMdm ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0683 2588  BrUsbMdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0683 2588  BrUsbSer ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0683 2588  BrUsbSer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0683 2588  BTHMODEM ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0683 2588  BTHMODEM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0683 2588  cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0683 2588  cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0683 2588  cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0683 2588  cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0683 2588  CertPropSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0683 2588  CertPropSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0698 2588  circlass ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0698 2588  circlass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0698 2588  CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0698 2588  CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0698 2588  Crusoe ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0698 2588  Crusoe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0698 2588  CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0698 2588  CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0698 2588  DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0698 2588  DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0714 2588  DfsC ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0714 2588  DfsC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0714 2588  DFSR ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0714 2588  DFSR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0714 2588  Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0714 2588  Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0714 2588  Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0714 2588  Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0714 2588  dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0714 2588  dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0714 2588  DPS ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0714 2588  DPS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0730 2588  drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0730 2588  drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0730 2588  E1G60 ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0730 2588  E1G60 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0730 2588  EapHost ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0730 2588  EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0730 2588  ehRecvr ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0730 2588  ehRecvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0730 2588  ehSched ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0730 2588  ehSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0730 2588  ehstart ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0730 2588  ehstart ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0745 2588  EMDMgmt ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0745 2588  EMDMgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0745 2588  ErrDev ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0745 2588  ErrDev ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0745 2588  EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0745 2588  EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0745 2588  EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0745 2588  EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0745 2588  exfat ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0745 2588  exfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0745 2588  fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0745 2588  fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0761 2588  fdc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0761 2588  fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0761 2588  fdPHost ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0761 2588  fdPHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0761 2588  FDResPub ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0761 2588  FDResPub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0761 2588  Filetrace ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0761 2588  Filetrace ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0761 2588  flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0761 2588  flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0761 2588  FontCache ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0761 2588  FontCache ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0776 2588  Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0776 2588  Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0776 2588  gpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0776 2588  gpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0776 2588  gtstusbser ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0776 2588  gtstusbser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0776 2588  HdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0776 2588  HdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0776 2588  HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0776 2588  HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0776 2588  HidBth ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0776 2588  HidBth ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0792 2588  HidIr ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0792 2588  HidIr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0792 2588  hidserv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0792 2588  hidserv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0792 2588  HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0792 2588  HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0792 2588  hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0792 2588  hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0792 2588  HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0792 2588  HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0792 2588  i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0792 2588  i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0808 2588  ialm ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0808 2588  ialm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0808 2588  igfx ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0808 2588  igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0808 2588  IKEEXT ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0808 2588  IKEEXT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0808 2588  intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0808 2588  intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0808 2588  IPBusEnum ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0808 2588  IPBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0823 2588  IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0823 2588  IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0823 2588  iphlpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0823 2588  iphlpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0823 2588  IPMIDRV ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0823 2588  IPMIDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0823 2588  IPNAT ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0823 2588  IPNAT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0823 2588  IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0823 2588  IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0823 2588  kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0823 2588  kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0839 2588  KeyIso ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0839 2588  KeyIso ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0839 2588  KMDFMEMIO ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0839 2588  KMDFMEMIO ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0839 2588  KtmRm ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0839 2588  KtmRm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0839 2588  LanmanServer ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0839 2588  LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0839 2588  LanmanWorkstation ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0839 2588  LanmanWorkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0839 2588  lltdio ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0839 2588  lltdio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0854 2588  lltdsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0854 2588  lltdsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0854 2588  lmhosts ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0854 2588  lmhosts ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0854 2588  luafv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0854 2588  luafv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0854 2588  Mcx2Svc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0854 2588  Mcx2Svc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0854 2588  MMCSS ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0854 2588  MMCSS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0854 2588  Modem ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0870 2588  Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0870 2588  monitor ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0870 2588  monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0870 2588  mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0870 2588  mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0870 2588  mpsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0870 2588  mpsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0870 2588  MpsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0870 2588  MpsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0870 2588  MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0870 2588  MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0870 2588  mrxsmb ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0870 2588  mrxsmb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0886 2588  mrxsmb10 ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0886 2588  mrxsmb10 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0886 2588  mrxsmb20 ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0886 2588  mrxsmb20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0886 2588  MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0886 2588  MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0886 2588  Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0886 2588  Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0886 2588  MSiSCSI ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0886 2588  MSiSCSI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0886 2588  MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0886 2588  MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0886 2588  MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0886 2588  MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0901 2588  MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0901 2588  MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0901 2588  MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0901 2588  MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0901 2588  napagent ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0901 2588  napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0901 2588  NativeWifiP ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0901 2588  NativeWifiP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0901 2588  NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0901 2588  NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0917 2588  Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0917 2588  Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0917 2588  NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0917 2588  NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0917 2588  NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0917 2588  NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0917 2588  NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0917 2588  NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0917 2588  netbt ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0917 2588  netbt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0932 2588  Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0932 2588  Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0932 2588  Netman ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0932 2588  Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0932 2588  netprofm ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0932 2588  netprofm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0932 2588  NETw3v32 ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0932 2588  NETw3v32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0932 2588  NlaSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0932 2588  NlaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0932 2588  Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0932 2588  Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0948 2588  nsi ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0948 2588  nsi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0948 2588  nsiproxy ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0948 2588  nsiproxy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0948 2588  ntrigdigi ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0948 2588  ntrigdigi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0948 2588  Null ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0948 2588  Null ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0948 2588  ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0948 2588  ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0948 2588  p2pimsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0948 2588  p2pimsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0964 2588  p2psvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0964 2588  p2psvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0964 2588  Parport ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0964 2588  Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0964 2588  Parvdm ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0964 2588  Parvdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0964 2588  PcaSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0964 2588  PcaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0964 2588  PEAUTH ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0964 2588  PEAUTH ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0964 2588  pla ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0964 2588  pla ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0979 2588  PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0979 2588  PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0979 2588  PNRPAutoReg ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0979 2588  PNRPAutoReg ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0979 2588  PNRPsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0979 2588  PNRPsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0979 2588  PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0979 2588  PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0979 2588  PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0979 2588  PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0979 2588  Processor ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0979 2588  Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0995 2588  ProfSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0995 2588  ProfSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0995 2588  ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0995 2588  ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0995 2588  PSched ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0995 2588  PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0995 2588  QWAVE ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0995 2588  QWAVE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0995 2588  QWAVEdrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0995 2588  QWAVEdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:46.0995 2588  RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:46.0995 2588  RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0010 2588  RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0010 2588  RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0010 2588  Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0010 2588  Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0010 2588  RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0010 2588  RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0010 2588  RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0010 2588  RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0010 2588  RasSstp ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0010 2588  RasSstp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0010 2588  rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0010 2588  rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0026 2588  RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0026 2588  RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0026 2588  rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0026 2588  rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0026 2588  RDPENCDD ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0026 2588  RDPENCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0026 2588  RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0026 2588  RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0026 2588  RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0026 2588  RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0042 2588  RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0042 2588  RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0042 2588  RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0042 2588  RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0042 2588  RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0042 2588  RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0042 2588  RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0042 2588  RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0042 2588  rspndr ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0042 2588  rspndr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0042 2588  SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0042 2588  SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0057 2588  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0057 2588  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0057 2588  SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0057 2588  SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0057 2588  Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0057 2588  Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0057 2588  SCPolicySvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0057 2588  SCPolicySvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0057 2588  sdbus ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0057 2588  sdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0057 2588  SDRSVC ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0057 2588  SDRSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0073 2588  secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0073 2588  secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0073 2588  seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0073 2588  seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0073 2588  SENS ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0073 2588  SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0073 2588  Serenum ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0073 2588  Serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0073 2588  Serial ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0073 2588  Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0073 2588  sermouse ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0073 2588  sermouse ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0088 2588  SessionEnv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0088 2588  SessionEnv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0088 2588  sffdisk ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0088 2588  sffdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0088 2588  sffp_mmc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0088 2588  sffp_mmc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0088 2588  sffp_sd ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0088 2588  sffp_sd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0088 2588  sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0088 2588  sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0088 2588  SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0088 2588  SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0104 2588  ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0104 2588  ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 04.06.2013, 16:52   #10
charlien
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



Teil 2

Code:
ATTFilter
20:45:47.0104 2588  slsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0104 2588  slsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0104 2588  SLUINotify ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0104 2588  SLUINotify ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0104 2588  Smb ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0104 2588  Smb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0104 2588  SNMPTRAP ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0104 2588  SNMPTRAP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0104 2588  Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0104 2588  Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0104 2588  srv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0120 2588  srv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0120 2588  srv2 ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0120 2588  srv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0120 2588  srvnet ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0120 2588  srvnet ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0120 2588  SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0120 2588  SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0120 2588  SstpSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0120 2588  SstpSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0120 2588  stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0120 2588  stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0120 2588  swprv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0120 2588  swprv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0135 2588  SysMain ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0135 2588  SysMain ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0135 2588  TabletInputService ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0135 2588  TabletInputService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0135 2588  TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0135 2588  TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0135 2588  TBS ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0135 2588  TBS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0135 2588  tcpipreg ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0135 2588  tcpipreg ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0135 2588  TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0135 2588  TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0151 2588  TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0151 2588  TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0151 2588  tdx ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0151 2588  tdx ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0151 2588  TermService ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0151 2588  TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0151 2588  Themes ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0151 2588  Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0151 2588  THREADORDER ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0151 2588  THREADORDER ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0151 2588  TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0151 2588  TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0166 2588  TrustedInstaller ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0166 2588  TrustedInstaller ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0166 2588  tssecsrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0166 2588  tssecsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0166 2588  tunmp ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0166 2588  tunmp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0166 2588  tunnel ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0166 2588  tunnel ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0166 2588  udfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0166 2588  udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0166 2588  UI0Detect ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0166 2588  UI0Detect ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0182 2588  umbus ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0182 2588  umbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0182 2588  upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0182 2588  upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0182 2588  usbaudio ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0182 2588  usbaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0182 2588  usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0182 2588  usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0182 2588  usbcir ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0182 2588  usbcir ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0182 2588  usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0182 2588  usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0198 2588  usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0198 2588  usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0198 2588  usbohci ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0198 2588  usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0198 2588  usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0198 2588  usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0198 2588  USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0198 2588  USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0198 2588  usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0198 2588  usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0198 2588  usbvideo ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0198 2588  usbvideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0213 2588  UxSms ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0213 2588  UxSms ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0213 2588  vds ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0213 2588  vds ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0213 2588  vga ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0213 2588  vga ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0213 2588  VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0213 2588  VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0213 2588  ViaC7 ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0213 2588  ViaC7 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0213 2588  VSS ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0213 2588  VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0229 2588  W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0229 2588  W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0229 2588  WacomPen ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0229 2588  WacomPen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0229 2588  Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0229 2588  Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0229 2588  Wanarpv6 ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0229 2588  Wanarpv6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0229 2588  wcncsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0229 2588  wcncsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0229 2588  WcsPlugInService ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0229 2588  WcsPlugInService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0244 2588  WdiServiceHost ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0244 2588  WdiServiceHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0244 2588  WdiSystemHost ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0244 2588  WdiSystemHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0244 2588  WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0244 2588  WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0244 2588  Wecsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0244 2588  Wecsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0244 2588  wercplsupport ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0244 2588  wercplsupport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0244 2588  WerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0244 2588  WerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0260 2588  Winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0260 2588  Winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0260 2588  WinRM ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0260 2588  WinRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0260 2588  Wlansvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0260 2588  Wlansvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0260 2588  WmiAcpi ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0260 2588  WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0260 2588  wmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0260 2588  wmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0260 2588  WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0260 2588  WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0276 2588  WPCSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0276 2588  WPCSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0276 2588  WPDBusEnum ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0276 2588  WPDBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0276 2588  WpdUsb ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0276 2588  WpdUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0276 2588  ws2ifsl ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0276 2588  ws2ifsl ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0276 2588  wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0276 2588  wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0276 2588  WUDFRd ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0291 2588  WUDFRd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0291 2588  wudfsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0291 2588  wudfsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:47.0291 2588  yukonwlh ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:47.0291 2588  yukonwlh ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:45:59.0584 3308  Deinitialize success
         

Alt 04.06.2013, 16:53   #11
markusg
/// Malware-holic
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



Ne, ich biete nur keinen 24 stunden rundum service, das ist meine Freizeit hier.
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 04.06.2013, 17:16   #12
charlien
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



HI Markus

na so war das nicht gemeint und wie du im ersten post siehst, weiß ich diese Hilfe zu schätzen.

Code:
ATTFilter
ComboFix 13-06-03.06 - sven 04.06.2013  21:01:20.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3032.2032 [GMT 2:00]
ausgeführt von:: c:\users\sven\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
C:\Recycle.Bin
c:\users\sven\AppData\Roaming\Qiyl\dydi.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-04 bis 2013-06-04  ))))))))))))))))))))))))))))))
.
.
2013-06-04 19:07 . 2013-06-04 19:08	--------	d-----w-	c:\users\sven\AppData\Local\temp
2013-06-04 19:07 . 2013-06-04 19:07	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-04 11:49 . 2013-06-04 11:49	--------	d-----w-	c:\windows\system32\wbem\en-US
2013-06-04 11:47 . 2008-06-02 01:50	125728	----a-w-	c:\windows\system32\drivers\Mpfp.sys
2013-06-04 11:47 . 2007-07-24 03:02	33800	----a-w-	c:\windows\system32\drivers\mferkdk.sys
2013-06-04 11:47 . 2007-07-23 22:40	79304	----a-w-	c:\windows\system32\drivers\mfeavfk.sys
2013-06-04 11:47 . 2007-07-21 00:08	40488	----a-w-	c:\windows\system32\drivers\mfesmfk.sys
2013-06-04 11:47 . 2007-07-21 00:08	35240	----a-w-	c:\windows\system32\drivers\mfebopk.sys
2013-06-04 11:47 . 2007-07-21 00:08	201288	----a-w-	c:\windows\system32\drivers\mfehidk.sys
2013-06-04 11:47 . 2008-01-21 02:23	599552	----a-w-	c:\windows\system32\vsp1cln.exe
2013-06-04 11:47 . 2008-01-21 02:24	78336	----a-w-	c:\windows\system32\ieencode.dll
2013-06-04 11:47 . 2008-01-21 02:24	17408	----a-w-	c:\windows\system32\corpol.dll
2013-06-04 06:36 . 2013-06-04 06:36	--------	d-----w-	C:\_OTL
2013-05-07 07:48 . 2013-04-10 03:08	6906960	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F076FA41-E901-445F-99E4-ED5B59BD68EF}\mpengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-02 00:06 . 2010-08-15 09:32	238872	------w-	c:\windows\system32\MpSigStub.exe
2013-03-11 13:25 . 2013-04-10 12:14	3603816	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-03-11 13:25 . 2013-04-10 12:14	3551080	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-09 03:45 . 2013-04-10 12:14	49152	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-09 01:28 . 2013-04-10 12:14	64000	----a-w-	c:\windows\system32\smss.exe
2013-03-08 03:53 . 2013-04-10 12:14	376320	----a-w-	c:\windows\system32\winsrv.dll
2013-03-08 03:52 . 2013-04-10 12:14	2067968	----a-w-	c:\windows\system32\mstscax.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys
[-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_2457cee334d93e6f\asyncmac.sys
.
[-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys
[-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
.
[-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys
[-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys
.
[-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll
[-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll
.
[-] 2012-06-01 . 613DEB66A91820F0A41915B40BB8833F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe
[-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[-] 2011-11-16 . EBFAEB786C46B407930811F94F08877D . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[-] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[-] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[-] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[-] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[-] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[-] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[-] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[-] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[-] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[-] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
[-] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[-] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[-] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[-] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[-] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
.
[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll
[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll
.
[-] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll
[-] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll
.
[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll
[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[-] 2008-01-21 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
.
[-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll
[-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
[-] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
[-] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
[-] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
[-] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
[-] 2008-01-21 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
.
[-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe
[-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[-] 2008-01-21 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
.
[-] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe
[-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[-] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[-] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
[-] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[-] 2008-01-21 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
.
[-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe
[-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[-] 2008-01-21 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
.
[-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys
[-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[-] 2008-01-21 . D09276B1FAB033CE1D40DCBDF303D10F . 71680 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
.
[-] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[-] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[-] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[-] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[-] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[-] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[-] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\System32\comctl32.dll
[-] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[-] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[-] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[-] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[-] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[-] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[-] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[-] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[-] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[-] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[-] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[-] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[-] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[-] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll
[-] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[-] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[-] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[-] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[-] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
.
[-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll
[-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll
[-] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll
[-] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll
[-] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll
[-] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll
[-] 2008-01-21 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_0ced9f1d51bda029\es.dll
.
[-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll
[-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll
[-] 2008-01-21 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
.
[-] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll
[-] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll
[-] 2012-09-28 . A9204E65A74AF0E801EA46F5A92C87A2 . 893440 . . [6.0.6002.22942] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll
[-] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[-] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[-] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[-] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[-] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[-] 2008-01-21 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
.
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
.
[-] 2012-12-16 . 883A634FF496FE2D22BA3D441EED0ED0 . 23552 . . [6.0.6002.23004] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_ac47155770c6cb85\lpk.dll
[-] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll
[-] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll
[-] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll
[-] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll
[-] 2010-10-28 . 52212E87A6E94FB997728259D836D605 . 23552 . . [6.0.6002.22514] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_ac3c65b170cebf98\lpk.dll
[-] 2010-10-28 . 61112C628C7883DD7F63D2DF6C6FF108 . 23552 . . [6.0.6001.22787] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_aa0d434d73de7ce9\lpk.dll
[-] 2010-05-26 . A58A8CF30FBDB8969C24B0820B0F2976 . 23552 . . [6.0.6002.22412] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll
[-] 2010-05-26 . 021F8740EFF00B65889FD1AD4C634498 . 23552 . . [6.0.6001.22700] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll
[-] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
[-] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
[-] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
[-] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
[-] 2009-06-15 . D78588659CD9CD55F9D242AAC3466F96 . 24064 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll
[-] 2009-06-15 . F1A7B85B64B75F49B728CF8D41BD2AB0 . 23552 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll
[-] 2009-06-15 . 829B85E6DC808A386C9BDF81A0273581 . 24064 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll
[-] 2009-06-15 . 6B0D35336B0AFED33BA4A42B5ABD3A3A . 23552 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_ab9f27bc57bf8d37\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_aba8fef657b84c8b\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_ab888f3257d0a05e\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_a9aee44c5aa07034\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll
.
[-] 2013-02-22 . 474D43D76E2A33FEE21C6F4BB7C4A3B7 . 12324864 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20586_none_d3840c4179578751\mshtml.dll
[-] 2013-02-22 . 658EBC74BD38D16805648C4775F7FA82 . 12324352 . . [9.00.8112.16421] . . c:\windows\System32\mshtml.dll
[-] 2013-02-22 . 658EBC74BD38D16805648C4775F7FA82 . 12324352 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16476_none_d3053f626031cb96\mshtml.dll
[-] 2013-02-02 . 88C27474E61271B49677F22CEE76FB3E . 12322304 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20580_none_d37e0a85795cef47\mshtml.dll
[-] 2013-02-02 . 263963D93A3CA8F685EFA5966F1E6581 . 12321792 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16470_none_d2ff3da66037338c\mshtml.dll
[-] 2013-01-08 . C97434C851C4821BD92D2831FDF1ECBE . 12321280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16464_none_d30e0eba602b7cf7\mshtml.dll
[-] 2013-01-08 . B6AD225B3BCC07332FBB2C2824315534 . 12322304 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20573_none_d38bdb4f79521f5b\mshtml.dll
[-] 2012-11-14 . 07F649CD36F266BBE33B814FA678AA43 . 12320256 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16457_none_d31bdf846020ad0b\mshtml.dll
[-] 2012-11-14 . 8021EF27048F9ECE5286EA8C8EED23B8 . 12321280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20565_none_d398abcf79483618\mshtml.dll
[-] 2012-10-08 . 8D1BB1E5A033E8817EF94A9047630165 . 12320768 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16455_none_d319def060227a5d\mshtml.dll
[-] 2012-10-08 . F7B251DA2FA89933771289793DCAA08B . 12321280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20562_none_d395aaf1794aea13\mshtml.dll
[-] 2012-08-24 . 975D1EA99A0FE8104B72440995B3C20B . 12319744 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20557_none_d3a57c4f793e4cd5\mshtml.dll
[-] 2012-08-24 . BB197F54A8F69EEA8356B7F70E6D3A20 . 12319744 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16450_none_d314dd7e6026fbaa\mshtml.dll
[-] 2012-06-29 . 5E8E869E1342308752A37A2C90CCA79D . 12317184 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16448_none_d327afba6017aa71\mshtml.dll
[-] 2012-06-28 . AEC51857AEC2F5CE4520366240AFC671 . 12317184 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20554_none_d3a27b71794100d0\mshtml.dll
[-] 2012-06-02 . 6820A9E91AFF7CB3A510360D8CCD9BDD . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16447_none_d326af706018911a\mshtml.dll
[-] 2012-06-02 . 1ABF770552EA9D4FE90F654468FAF4CE . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20553_none_d3a17b277941e779\mshtml.dll
[-] 2012-05-17 . 9FB58F71104107D44540AF1195F7A14D . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16446_none_d325af26601977c3\mshtml.dll
[-] 2012-05-17 . 761D9111F5A2619CB5060661D36FBFFF . 12314624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20551_none_d39f7a937943b4cb\mshtml.dll
[-] 2012-02-28 . F82BF2CB075B49E9FAB5FF213C45C020 . 12281856 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16443_none_d322ae48601c2bbe\mshtml.dll
[-] 2012-02-28 . B9E083B14B1994F1255983F2DF31C7DF . 12281856 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20548_none_d3b14c8579354a3b\mshtml.dll
[-] 2011-12-14 . 497C9C3DB953A60EC4F43A097E15F75E . 12282368 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16441_none_d320adb4601df910\mshtml.dll
[-] 2011-12-14 . A29CFD4B9F6F2BBE06C8D64B6D07F1D4 . 12282368 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20546_none_d3af4bf17937178d\mshtml.dll
[-] 2011-11-03 . A21B983E40578D0E6CFA9864AC4E1219 . 12279808 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20544_none_d3ad4b5d7938e4df\mshtml.dll
[-] 2011-11-03 . 66C0AEE61D1C5C35BF1B4642A153B114 . 12279808 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16440_none_d31fad6a601edfb9\mshtml.dll
[-] 2011-09-01 . 04E0CD31A63DFC0D73725A3D1768FB5A . 12275200 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16437_none_d3317f5c60107529\mshtml.dll
[-] 2011-09-01 . 8C93AED0A332209434B62162D03C38C9 . 12275200 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20537_none_d3bb1c27792e14f3\mshtml.dll
[-] 2011-07-22 . E6D5C7E4AAC0C682169AA5021386EFF3 . 12273664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16434_none_d32e7e7e60132924\mshtml.dll
[-] 2011-07-22 . F2966190D2C20C585A730F9C0B3C7373 . 12273664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20534_none_d3b81b497930c8ee\mshtml.dll
[-] 2011-06-20 . 3F63F95C998F7E1AF409BC74E83D45E5 . 12269056 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16430_none_d32a7d566016c3c8\mshtml.dll
[-] 2011-05-28 . 7AF8A6DB4596E3BB3309BABA661EB523 . 5967360 . . [8.00.6001.23181] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_f6602e0551547f04\mshtml.dll
[-] 2011-05-28 . 6D1E32A3C964BAF06B7973E7B18E3212 . 5964800 . . [8.00.6001.19088] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_f5dd93403830909b\mshtml.dll
[-] 2011-02-22 . 6D30A34B029176D86EC04ECE6C0F62B1 . 5964800 . . [8.00.6001.23143] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll
[-] 2011-02-22 . AA411AEF2476D251078F9C9F0478C142 . 5962240 . . [8.00.6001.19048] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll
[-] 2010-12-18 . 0DA63A2B1D6D55E6005F4552D22E7BBE . 5962240 . . [8.00.6001.23111] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll
[-] 2010-12-18 . 42B87D22378C1EF98F3B6F410C2670AA . 5961216 . . [8.00.6001.19019] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll
[-] 2010-11-02 . 9FCC1F6457A84902EA7545B568B5AEDB . 5960704 . . [8.00.6001.23091] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll
[-] 2010-11-02 . 9AC463498C480E9EB3C63DC21E4F29C8 . 5959168 . . [8.00.6001.18999] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll
[-] 2010-09-08 . E993FB26BFAC2887BFE8DDAC4DC9180A . 5958656 . . [8.00.6001.23067] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll
[-] 2010-09-08 . 1704FC902E1B53EF87593D60FD312A55 . 5957120 . . [8.00.6001.18975] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll
[-] 2010-06-26 . DF63821381A08F65174BA42745B1C79B . 5954560 . . [8.00.6001.23040] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll
[-] 2010-06-26 . D6168759945CD6BC2DB4BFCD4E94B399 . 5951488 . . [8.00.6001.18943] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll
[-] 2010-05-04 . 62F23130C89F1EE5C0C9EEAB0685D1E5 . 5953024 . . [8.00.6001.23019] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll
[-] 2010-05-04 . B1E862448C38B0F70139BC28F67332DE . 5950976 . . [8.00.6001.18928] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll
[-] 2010-02-23 . 27DB55375D8F8045A27E016BB21B17C0 . 5946880 . . [8.00.6001.22995] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll
[-] 2010-02-23 . 8D5FB97AE3D30CCDD8C9D8AF447C7D09 . 5944832 . . [8.00.6001.18904] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll
[-] 2010-01-02 . BE6120F3D7A853039B5437AC9E1986C1 . 5945856 . . [8.00.6001.22973] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll
[-] 2010-01-02 . DF4D546A6E1C8D0F4FC10FCC9E422763 . 5942784 . . [8.00.6001.18882] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll
[-] 2009-11-21 . ED6055694115B1A247B2591AB465A21D . 5944320 . . [8.00.6001.22956] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll
.
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[-] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[-] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[-] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
.
[-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll
[-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[-] 2008-01-21 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
.
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[-] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
.
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[-] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
.
[-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll
[-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
[-] 2008-01-21 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
.
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe
[-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
.
[-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll
[-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[-] 2008-01-21 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
.
[-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll
[-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[-] 2008-01-21 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
.
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
.
[-] 2013-02-22 . C5B6468422DB1C8AA36C32CBB0197E5E . 1129472 . . [9.00.8112.16421] . . c:\windows\System32\wininet.dll
[-] 2013-02-22 . C5B6468422DB1C8AA36C32CBB0197E5E . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_c1ab2043dfdb6260\wininet.dll
[-] 2013-02-22 . 490E24D5E427DFA55B1C1182F0DB861C . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_c229ed22f9011e1b\wininet.dll
[-] 2013-02-02 . 1284D72C04B553ED5382EA14303D66DB . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20580_none_c223eb66f9068611\wininet.dll
[-] 2013-02-02 . 03728C624D05C2F157BBD46F6B7F6EA0 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_c1a51e87dfe0ca56\wininet.dll
[-] 2013-01-08 . B49B56B64F57699A1A663D2CF7D0A56F . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_c1b3ef9bdfd513c1\wininet.dll
[-] 2013-01-08 . 16C45E6881449C6330567E51C13920FA . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_c231bc30f8fbb625\wininet.dll
[-] 2012-11-14 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_c1c1c065dfca43d5\wininet.dll
[-] 2012-11-14 . 0635D714351F842D43EA184E75C4A3FF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20565_none_c23e8cb0f8f1cce2\wininet.dll
[-] 2012-10-08 . 9CB0D2A9A77D91D9614355EE9FF00519 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16455_none_c1bfbfd1dfcc1127\wininet.dll
[-] 2012-10-08 . 6E3AC8A54A1881806BA2B58539483788 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20562_none_c23b8bd2f8f480dd\wininet.dll
[-] 2012-08-24 . 2895E29EFCFC0B1BCF8AEE1A0C67913C . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20557_none_c24b5d30f8e7e39f\wininet.dll
[-] 2012-08-24 . 5553611E2F9EA6F613079177F1233068 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16450_none_c1babe5fdfd09274\wininet.dll
[-] 2012-06-29 . 75A97A2C060E72AB49E071E08C7DD2BA . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16448_none_c1cd909bdfc1413b\wininet.dll
[-] 2012-06-28 . 54C30A4066A28F9A017E095E283B2762 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20554_none_c2485c52f8ea979a\wininet.dll
[-] 2012-06-02 . 8E87270C4704CF2951E1E7820D6C8A2B . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16447_none_c1cc9051dfc227e4\wininet.dll
[-] 2012-06-02 . E430161A632F9A8FE512DE0CA5685559 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20553_none_c2475c08f8eb7e43\wininet.dll
[-] 2012-05-17 . 1C191A4F0960F21B5D58C8A65BAF5427 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16446_none_c1cb9007dfc30e8d\wininet.dll
[-] 2012-05-17 . 43BAC67996D8765A5F1B3A4EA6231E21 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20551_none_c2455b74f8ed4b95\wininet.dll
[-] 2012-02-28 . 44465367256D1C72B58F5ABAA19E7016 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16443_none_c1c88f29dfc5c288\wininet.dll
[-] 2012-02-28 . 11A34DCA08EB2A586246F2D6C2A81D58 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20548_none_c2572d66f8dee105\wininet.dll
[-] 2011-12-14 . 1D94FA7C81D2FFE494AF094619BA706F . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16441_none_c1c68e95dfc78fda\wininet.dll
[-] 2011-12-14 . 022A78194E2C7106F5AF9F2BC6AC8774 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20546_none_c2552cd2f8e0ae57\wininet.dll
[-] 2011-11-03 . 32569DF2F9BEF05DD7D56E30590EDFD9 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20544_none_c2532c3ef8e27ba9\wininet.dll
[-] 2011-11-03 . 02F98B5C0E397AD06124D84428CF8F1A . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16440_none_c1c58e4bdfc87683\wininet.dll
[-] 2011-09-01 . D3788D91530CFA005BD516189A4C676E . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16437_none_c1d7603ddfba0bf3\wininet.dll
[-] 2011-09-01 . C0FCEE8D760C70DB6EF858BB2262288E . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20537_none_c260fd08f8d7abbd\wininet.dll
[-] 2011-07-22 . 2C7332C222D1FE1FC57D622699A8C001 . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16434_none_c1d45f5fdfbcbfee\wininet.dll
[-] 2011-07-22 . AA75F065975FCE762FC9BBF5A3C08368 . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20534_none_c25dfc2af8da5fb8\wininet.dll
[-] 2011-06-20 . A1236375B74EA63C75657D564890C436 . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16421_none_c1dc2e6ddfb757f8\wininet.dll
[-] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.23181] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll
[-] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.19088] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll
[-] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.23143] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[-] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.19048] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[-] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.23111] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[-] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.19019] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[-] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.23091] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[-] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18999] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[-] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.23067] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[-] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18975] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
[-] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.23040] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
[-] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18943] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
[-] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.23019] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
[-] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18928] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
[-] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.22995] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
[-] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18904] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
[-] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.22973] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
[-] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18882] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
[-] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.22956] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
[-] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18865] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
[-] 2009-08-27 . D0DD9439DB3C927209CFFE095AA1F097 . 916480 . . [8.00.6001.22918] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll
[-] 2009-08-27 . E3AB6EBE520E1898663B011D2FC0DF11 . 916480 . . [8.00.6001.18828] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll
[-] 2009-07-22 . E48ADF567FE3EFCC2EB88A2BE5E020CB . 915456 . . [8.00.6001.22903] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll
[-] 2009-07-18 . FCB4E3234667317905333B6A4CDF85FC . 827904 . . [7.00.6001.18294] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_018ba925a2186d09\wininet.dll
[-] 2009-07-18 . 87D84C48693EB949350FA938D63512D8 . 827392 . . [7.00.6000.16890] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_ffa16957a4f576bc\wininet.dll
[-] 2009-07-18 . D1E1447C4E2077BDFFDD547972FEBDEB . 828928 . . [7.00.6000.21089] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_003eb0cabe0311e6\wininet.dll
[-] 2009-07-18 . 7FCA93009963EE8A7AF1740661412F1E . 828416 . . [7.00.6001.22475] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_022be7f8bb24eb6f\wininet.dll
[-] 2009-07-18 . 387B0601FCA64AF5117C321E46C4C4E2 . 828928 . . [7.00.6002.22180] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_04028882b857ddd1\wininet.dll
[-] 2009-07-18 . 408A0A6E83333F98D564D95CDBB6D3C6 . 828416 . . [7.00.6002.18071] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_0384bbed9f313b6d\wininet.dll
[-] 2009-04-24 . D94BDEEF2E47EB4A46B957253C697F01 . 827392 . . [7.00.6000.16851] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\wininet.dll
[-] 2009-04-24 . 64EAF7CF461A15DB4EAEB1D50A10E88E . 827904 . . [7.00.6001.18248] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\wininet.dll
[-] 2009-04-24 . E7D90AF9B0C7FA98DF353E022EE1C63E . 828928 . . [7.00.6000.21046] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\wininet.dll
[-] 2009-04-24 . 77C60DD61D21777734B1C945540473A4 . 828416 . . [7.00.6001.22418] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\wininet.dll
[-] 2009-04-24 . 07DBFC0759F61E95901AF2B2D4E83451 . 828416 . . [7.00.6002.22121] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\wininet.dll
[-] 2009-04-23 . 24CBE22F35941FBFD6144A5C011EA999 . 828416 . . [7.00.6002.18024] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\wininet.dll
[-] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
[-] 2009-03-08 . 6206A2BF9741B31C258ACC51972AFCAA . 915456 . . [8.00.6001.18813] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll
[-] 2009-03-03 . 6E115E2D3FAE5077A361A5BCE78FF170 . 827392 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll
[-] 2009-03-03 . 3ED9859939928CA568F487AB42175A33 . 827904 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll
[-] 2009-03-03 . BA68744F8FE1BAAC35362F18774972A3 . 826368 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll
[-] 2009-03-03 . 88B57405AC5B2BF513069086F8963635 . 828416 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll
[-] 2009-01-16 . 6A986C2CD30633447DAB21A4852E40D6 . 827904 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll
[-] 2009-01-15 . FB79A2AA5E92653B9A394FE26D799BF8 . 827392 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll
[-] 2009-01-15 . 65647F41CEC0C8EEC9DF5BC1168EC76C . 827904 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll
[-] 2009-01-15 . FF35D495AC08549154D1D96990513CD9 . 826368 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll
[-] 2008-10-02 . C373C19F10601C1AFE7E40907AE48694 . 827392 . . [7.00.6001.18148] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll
[-] 2008-10-02 . 8BF7D225505A4ADA25D9444E91811CEA . 826368 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll
[-] 2008-10-02 . 6B2591CDCEFEB8451594288426677CBB . 827904 . . [7.00.6001.22278] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll
[-] 2008-10-02 . C85EF7DE97ABBF00B16AD11EDFEAC637 . 827904 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll
[-] 2008-06-27 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll
[-] 2008-06-27 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll
[-] 2008-06-27 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll
[-] 2008-06-27 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll
[-] 2008-04-25 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll
[-] 2008-04-25 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll
[-] 2008-04-25 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll
[-] 2008-04-25 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll
[-] 2008-02-22 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[-] 2008-02-22 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[-] 2008-02-22 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[-] 2008-02-21 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[-] 2008-01-21 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
.
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
.
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll
.
[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe
[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[-] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[-] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[-] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[-] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[-] 2008-01-21 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
.
[-] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe
[-] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
.
[-] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
[-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll
[-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
[-] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
[-] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
[-] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
[-] 2008-01-21 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll
.
[-] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[-] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[-] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[-] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
[-] 2008-01-21 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
.
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[-] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[-] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[-] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[-] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[-] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[-] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[-] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
.
[-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\msimg32.dll
[-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6000.16386_none_7535161f1f2100ed\msimg32.dll
.
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
.
[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll
[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll
[-] 2008-01-21 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll
.
[-] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll
[-] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll
[-] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll
[-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll
[-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll
[-] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
[-] 2008-01-21 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll
[-] 2008-01-21 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll
[-] 2008-01-21 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll
.
[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll
[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll
.
[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll
[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[-] 2008-01-21 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
.
[-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll
[-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll
.
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
.
[-] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
[-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll
[-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
[-] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
[-] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
[-] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
.
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll
.
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
[-] 2008-01-21 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
.
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
[-] 2008-01-21 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
.
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
.
[-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll
[-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
[-] 2008-01-21 02:23 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll
.
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll
[-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
[-] 2008-01-21 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll
.
[-] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll
[-] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll
[-] 2008-01-21 . 1CF9206966A8458CDA9A8B20DF8AB7D3 . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6001.18000_none_88a763af6d4aa52f\w32time.dll
.
[-] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll
[-] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll
[-] 2008-01-21 . 7DD08A597BC56051F320DA0BAF69E389 . 452608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiaservc.dll
.
[-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll
[-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
[-] 2008-01-21 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll
.
[-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll
[-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll
.
[-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\System32\WSHTCPIP.DLL
[-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54	175912	----a-w-	c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-01-17 14:54	175912	----a-w-	c:\program files\DVDVideoSoftTB\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-17 6111232]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-01-04 1391272]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
backup=c:\windows\pss\BTTray.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-14 23:04	39792	----a-w-	c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-09-03 21:17	3342336	----a-w-	c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 20:12	3872080	----a-w-	c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-05-07 11:12	1238352	----a-w-	c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-10-26 05:39	1029416	----a-w-	c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23	1008184	----a-w-	c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 74665665
*Deregistered* - 74665665
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2010-12-16 c:\windows\Tasks\User_Feed_Synchronization-{27DB8BB8-9817-4932-A2CA-332B0EECBCA5}.job
- c:\windows\system32\msfeedssync.exe [2011-06-20 18:45]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Free YouTube to MP3 Converter - c:\users\sven\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-{19E4F906-0FCA-6C68-0686-DA2B181F56B4} - c:\users\sven\AppData\Roaming\Qiyl\dydi.exe
HKCU-Run-4E3E0230AEBB4E96 - c:\recycle.bin\Recycle.Bin.exe
MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-06-04 21:08
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2013-06-04  21:14:48
ComboFix-quarantined-files.txt  2013-06-04 19:14
.
Vor Suchlauf: 8 Verzeichnis(se), 54.626.856.960 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 56.088.068.096 Bytes frei
.
- - End Of File - - FA640E75DEF308C80491055B25A987DD
         

Alt 04.06.2013, 17:18   #13
markusg
/// Malware-holic
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



Hi
öffne mal bitte Computer, c: qoobox, rechtsklick quarantain, mit winrar oder anderem archivierungsprogramm packen, und hochladen.
Trojaner-Board Upload Channel
Bitte kurze Rückmeldung, wenn fertig.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 04.06.2013, 17:32   #14
charlien
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



Zitat:
Datei: Quarantine.zip empfangen

Vorgang erfolgreich abgeschlossen.
fertig

Alt 04.06.2013, 17:35   #15
markusg
/// Malware-holic
 
weißer Bildschrim nach User Login unter Windows 7 - Standard

weißer Bildschrim nach User Login unter Windows 7



Hi,
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu weißer Bildschrim nach User Login unter Windows 7
adobe, antivir, autorun, avira, avira searchfree toolbar, bho, converter, defender, desktop, error, explorer, home, logfile, opera, plug-in, realtek, registry, software, taskmanager, trojan.agent.zr0, windows, öffnet



Ähnliche Themen: weißer Bildschrim nach User Login unter Windows 7


  1. Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus
    Log-Analyse und Auswertung - 28.07.2015 (12)
  2. WinXP - Weißer Bildschirm nach Anmeldung bei einem User - Abgesicherter Modus funktioniert - FRST32 bricht ab
    Log-Analyse und Auswertung - 22.01.2014 (9)
  3. Windows 7: Snap.do und Search-Gol wird je nach User unter Firefox als Suchmaschine vorgeschlagen
    Log-Analyse und Auswertung - 14.10.2013 (9)
  4. Login-Gesten unter Windows 8 sind berechenbar
    Nachrichten - 06.09.2013 (0)
  5. Weisser Bildschirm nach User-Login (Windows 7)
    Plagegeister aller Art und deren Bekämpfung - 01.08.2013 (3)
  6. Weißer Bildschrim und OTL Logfiles
    Plagegeister aller Art und deren Bekämpfung - 08.05.2013 (11)
  7. Windows Vista - GVU-Trojaner / weißer Bildschrim ohne Internet
    Plagegeister aller Art und deren Bekämpfung - 05.03.2013 (5)
  8. Nach Virusentfernung immer noch weißer gesperrter Bildschirm beim Windows Login
    Log-Analyse und Auswertung - 01.02.2013 (15)
  9. Weißer Bildschirm nach Benutzer Login, Windows 7
    Plagegeister aller Art und deren Bekämpfung - 24.01.2013 (24)
  10. weißer Bildschrim (windows 7)
    Plagegeister aller Art und deren Bekämpfung - 17.01.2013 (18)
  11. Weißer Bildschirm nach booten unter Windows 7
    Log-Analyse und Auswertung - 06.12.2012 (13)
  12. Weißer Bildschrim nach Modzilla start
    Plagegeister aller Art und deren Bekämpfung - 21.11.2012 (13)
  13. weißer Bildschirm bei Windows-Login (Desktop nicht sichtbar)
    Plagegeister aller Art und deren Bekämpfung - 13.10.2012 (5)
  14. Weißer Bildschrim nach Modzilla start
    Alles rund um Windows - 04.10.2012 (3)
  15. weißer bildschrim nach start, webseite kann nicht angezeigt werden, taskmanager zeigt sich nur kurz
    Plagegeister aller Art und deren Bekämpfung - 04.10.2012 (1)
  16. Win7 nach Login nur weißer Bildschirm - bisher keine Viren auf dem PC gefunden
    Plagegeister aller Art und deren Bekämpfung - 05.08.2012 (1)
  17. weißer Bildschrim nach Neustart
    Plagegeister aller Art und deren Bekämpfung - 29.04.2012 (9)

Zum Thema weißer Bildschrim nach User Login unter Windows 7 - Guten Abend zusammen, habe mir manch Themen angesehen aber wie Ihr selbst schreibt, sind Lösungen für die einzelnen Personen gedacht. Daher mein eigenes Thema. Ich bedanke mich vorab für Eure - weißer Bildschrim nach User Login unter Windows 7...
Archiv
Du betrachtest: weißer Bildschrim nach User Login unter Windows 7 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.