Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: System nach Spy.Banker.Gen2 wieder sauber?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 27.11.2011, 12:05   #16
Badgerli
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Finde keinen Combofix Log, aber der Ordner ist vorhanden, ja...

In der \Lastrun\drev_.txt stehen

"C:\install.exe"
"C:\Users\Badger_2\AppData\Roaming\AcroIEHelpe.txt"
"C:\Users\Badger_2\AppData\Roaming\srvblck2.tmp"
"C:\Windows\pkunzip.pif"
"C:\Windows\pkzip.pif"


Und befinden sich nu alle im Quarantine Ordner in Qoobox

Alt 27.11.2011, 12:13   #17
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Ich brauch den Quarantäneordner von Combofix. Bitte folgendes machen:

1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf das Packen nicht beeinflussen!
2.) Ordner Quarantine in C:\Qoobox in eine Datei zippen
3.) die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten!

4.) Wenns erfolgreich war Bescheid sagen
5.) Erst dann wieder den Virenscanner einschalten
__________________

__________________

Alt 27.11.2011, 12:19   #18
Badgerli
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Ist hochgeladen
__________________

Alt 27.11.2011, 12:33   #19
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=7decdf60-f732-11e0-89e3-dd5d7a854ee0&q="
[2011.05.20 00:13:58 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Badger\AppData\Roaming\mozilla\Firefox\Profiles\2ilz1vf0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.07.11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Badger\AppData\Roaming\Mozilla\Firefox\Profiles\2ilz1vf0.default\searchplugins\startsear.xml
:Files
C:\Program Files (x86)\Win7codecs
C:\ProgramData\Win7codecs
C:\Users\All Users\Win7codecs
C:\Windows\Installer\315564.msi
D:\Downloads\Software\SoftonicDownloader92616.exe
:Commands
[emptytemp]
[resethosts]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 27.11.2011, 13:00   #20
Badgerli
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Code:
ATTFilter
All processes killed
========== OTL ==========
Prefs.js: "hxxp://startsear.ch/?aff=1" removed from browser.startup.homepage
Prefs.js: "Web Search" removed from browser.search.defaultenginename
Prefs.js: "Web Search" removed from browser.search.defaultengine
Prefs.js: "Web Search" removed from browser.search.order.1
Prefs.js: "Web Search" removed from browser.search.selectedEngine
Prefs.js: "hxxp://startsear.ch/?aff=1&src=sp&cf=7decdf60-f732-11e0-89e3-dd5d7a854ee0&q=" removed from keyword.URL
C:\Users\Badger\AppData\Roaming\mozilla\Firefox\Profiles\2ilz1vf0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\Badger\AppData\Roaming\mozilla\Firefox\Profiles\2ilz1vf0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Users\Badger\AppData\Roaming\Mozilla\Firefox\Profiles\2ilz1vf0.default\searchplugins\startsear.xml moved successfully.
========== FILES ==========
C:\Program Files (x86)\Win7codecs\Tools folder moved successfully.
C:\Program Files (x86)\Win7codecs\rm\Update_OB folder moved successfully.
C:\Program Files (x86)\Win7codecs\rm\Rpplugins folder moved successfully.
C:\Program Files (x86)\Win7codecs\rm\Plugins\ExtResources folder moved successfully.
C:\Program Files (x86)\Win7codecs\rm\Plugins folder moved successfully.
C:\Program Files (x86)\Win7codecs\rm\Common folder moved successfully.
C:\Program Files (x86)\Win7codecs\rm\Codecs folder moved successfully.
C:\Program Files (x86)\Win7codecs\rm\Browser\Plugins folder moved successfully.
C:\Program Files (x86)\Win7codecs\rm\Browser\Components folder moved successfully.
C:\Program Files (x86)\Win7codecs\rm\Browser folder moved successfully.
C:\Program Files (x86)\Win7codecs\rm folder moved successfully.
C:\Program Files (x86)\Win7codecs\icons folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\languages folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\zh@Traditional\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\zh@Traditional folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\zh@Simplified\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\zh@Simplified folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\swe\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\swe folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\spa\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\spa folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\slv\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\slv folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\slo\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\slo folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\rus\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\rus folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\pt_BR\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\pt_BR folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\pol\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\pol folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\kor\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\kor folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\jpn\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\jpn folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\ita\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\ita folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\ind\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\ind folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\hun\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\hun folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\heb\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\heb folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\gre\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\gre folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\ger\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\ger folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\fre\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\fre folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\fin\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\fin folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\dut\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\dut folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\cze\LC_MESSAGES folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang\cze folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters\lang folder moved successfully.
C:\Program Files (x86)\Win7codecs\filters folder moved successfully.
C:\Program Files (x86)\Win7codecs folder moved successfully.
C:\ProgramData\Win7codecs\{6B010B4A-EBD4-491C-A6A9-BC1063E2A432} folder moved successfully.
C:\ProgramData\Win7codecs folder moved successfully.
File\Folder C:\Users\All Users\Win7codecs not found.
C:\Windows\Installer\315564.msi moved successfully.
D:\Downloads\Software\SoftonicDownloader92616.exe moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Angy
->Temp folder emptied: 6771073 bytes
->Temporary Internet Files folder emptied: 49895422 bytes
->Java cache emptied: 228894 bytes
->FireFox cache emptied: 544856452 bytes
->Flash cache emptied: 28768 bytes
 
User: Badger
->Temp folder emptied: 1209782938 bytes
->Temporary Internet Files folder emptied: 361144 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 90215328 bytes
->Flash cache emptied: 3120 bytes
 
User: Badger_2
->Temp folder emptied: 118970712 bytes
->Temporary Internet Files folder emptied: 59525934 bytes
->Java cache emptied: 34301646 bytes
->FireFox cache emptied: 813851962 bytes
->Google Chrome cache emptied: 8475515 bytes
->Flash cache emptied: 1291842 bytes
 
User: Carstinho
->Temp folder emptied: 15602 bytes
->Temporary Internet Files folder emptied: 425970 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 2.803,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 11272011_123629

Files\Folders moved on Reboot...
File move failed. C:\Users\Badger_2\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
         


Alt 27.11.2011, 13:24   #21
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!




Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________
--> System nach Spy.Banker.Gen2 wieder sauber?

Alt 27.11.2011, 13:33   #22
Badgerli
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



In voller Pracht und Länge

Code:
ATTFilter
13:30:32.0451 3024	TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
13:30:32.0888 3024	============================================================
13:30:32.0888 3024	Current date / time: 2011/11/27 13:30:32.0888
13:30:32.0888 3024	SystemInfo:
13:30:32.0888 3024	
13:30:32.0888 3024	OS Version: 6.1.7600 ServicePack: 0.0
13:30:32.0888 3024	Product type: Workstation
13:30:32.0889 3024	ComputerName: BADGERLI
13:30:32.0891 3024	UserName: Badger
13:30:32.0891 3024	Windows directory: C:\Windows
13:30:32.0891 3024	System windows directory: C:\Windows
13:30:32.0891 3024	Running under WOW64
13:30:32.0891 3024	Processor architecture: Intel x64
13:30:32.0891 3024	Number of processors: 2
13:30:32.0891 3024	Page size: 0x1000
13:30:32.0891 3024	Boot type: Normal boot
13:30:32.0891 3024	============================================================
13:30:33.0391 3024	Initialize success
13:31:05.0165 2388	============================================================
13:31:05.0165 2388	Scan started
13:31:05.0165 2388	Mode: Manual; SigCheck; TDLFS; 
13:31:05.0165 2388	============================================================
13:31:05.0545 2388	1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
13:31:05.0605 2388	1394ohci ( UnsignedFile.Multi.Generic ) - warning
13:31:05.0605 2388	1394ohci - detected UnsignedFile.Multi.Generic (1)
13:31:05.0755 2388	ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
13:31:05.0805 2388	ACPI - ok
13:31:05.0945 2388	AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
13:31:05.0965 2388	AcpiPmi ( UnsignedFile.Multi.Generic ) - warning
13:31:05.0965 2388	AcpiPmi - detected UnsignedFile.Multi.Generic (1)
13:31:06.0125 2388	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:31:06.0145 2388	adp94xx - ok
13:31:06.0295 2388	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:31:06.0315 2388	adpahci - ok
13:31:06.0455 2388	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:31:06.0475 2388	adpu320 - ok
13:31:06.0615 2388	AFD             (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
13:31:06.0645 2388	AFD ( UnsignedFile.Multi.Generic ) - warning
13:31:06.0645 2388	AFD - detected UnsignedFile.Multi.Generic (1)
13:31:06.0785 2388	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
13:31:06.0795 2388	agp440 - ok
13:31:06.0925 2388	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
13:31:06.0935 2388	aliide - ok
13:31:07.0065 2388	altausb         (267c87fed5ac9443502004ada6238aba) C:\Windows\system32\DRIVERS\altausb.sys
13:31:07.0085 2388	altausb ( UnsignedFile.Multi.Generic ) - warning
13:31:07.0085 2388	altausb - detected UnsignedFile.Multi.Generic (1)
13:31:07.0245 2388	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
13:31:07.0265 2388	amdide - ok
13:31:07.0405 2388	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:31:07.0425 2388	AmdK8 ( UnsignedFile.Multi.Generic ) - warning
13:31:07.0425 2388	AmdK8 - detected UnsignedFile.Multi.Generic (1)
13:31:07.0575 2388	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:31:07.0595 2388	AmdPPM ( UnsignedFile.Multi.Generic ) - warning
13:31:07.0595 2388	AmdPPM - detected UnsignedFile.Multi.Generic (1)
13:31:07.0735 2388	amdsata         (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
13:31:07.0745 2388	amdsata - ok
13:31:07.0875 2388	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:31:07.0895 2388	amdsbs - ok
13:31:08.0025 2388	amdxata         (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
13:31:08.0035 2388	amdxata - ok
13:31:08.0175 2388	AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
13:31:08.0205 2388	AppID ( UnsignedFile.Multi.Generic ) - warning
13:31:08.0205 2388	AppID - detected UnsignedFile.Multi.Generic (1)
13:31:08.0365 2388	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:31:08.0385 2388	arc - ok
13:31:08.0495 2388	archlp          (2e18f6a486330bc2c9c0172878799099) C:\Windows\system32\drivers\archlp.sys
13:31:09.0445 2388	archlp - ok
13:31:09.0575 2388	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:31:09.0595 2388	arcsas - ok
13:31:09.0705 2388	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:31:09.0725 2388	AsyncMac ( UnsignedFile.Multi.Generic ) - warning
13:31:09.0725 2388	AsyncMac - detected UnsignedFile.Multi.Generic (1)
13:31:09.0875 2388	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
13:31:09.0885 2388	atapi - ok
13:31:10.0015 2388	avgntflt        (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
13:31:10.0025 2388	avgntflt - ok
13:31:10.0155 2388	avipbb          (d959309ececca73fc79f8ef8521346b2) C:\Windows\system32\DRIVERS\avipbb.sys
13:31:10.0165 2388	avipbb - ok
13:31:10.0315 2388	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
13:31:10.0325 2388	avkmgr - ok
13:31:10.0475 2388	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:31:10.0505 2388	b06bdrv ( UnsignedFile.Multi.Generic ) - warning
13:31:10.0505 2388	b06bdrv - detected UnsignedFile.Multi.Generic (1)
13:31:10.0645 2388	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:31:10.0665 2388	b57nd60a ( UnsignedFile.Multi.Generic ) - warning
13:31:10.0665 2388	b57nd60a - detected UnsignedFile.Multi.Generic (1)
13:31:10.0845 2388	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:31:10.0865 2388	Beep ( UnsignedFile.Multi.Generic ) - warning
13:31:10.0865 2388	Beep - detected UnsignedFile.Multi.Generic (1)
13:31:11.0005 2388	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:31:11.0035 2388	blbdrive ( UnsignedFile.Multi.Generic ) - warning
13:31:11.0035 2388	blbdrive - detected UnsignedFile.Multi.Generic (1)
13:31:11.0165 2388	bowser          (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
13:31:11.0185 2388	bowser ( UnsignedFile.Multi.Generic ) - warning
13:31:11.0185 2388	bowser - detected UnsignedFile.Multi.Generic (1)
13:31:11.0305 2388	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:31:11.0335 2388	BrFiltLo ( UnsignedFile.Multi.Generic ) - warning
13:31:11.0335 2388	BrFiltLo - detected UnsignedFile.Multi.Generic (1)
13:31:11.0425 2388	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:31:11.0455 2388	BrFiltUp ( UnsignedFile.Multi.Generic ) - warning
13:31:11.0455 2388	BrFiltUp - detected UnsignedFile.Multi.Generic (1)
13:31:11.0505 2388	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:31:11.0535 2388	Brserid ( UnsignedFile.Multi.Generic ) - warning
13:31:11.0535 2388	Brserid - detected UnsignedFile.Multi.Generic (1)
13:31:11.0635 2388	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:31:11.0665 2388	BrSerWdm ( UnsignedFile.Multi.Generic ) - warning
13:31:11.0665 2388	BrSerWdm - detected UnsignedFile.Multi.Generic (1)
13:31:11.0795 2388	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:31:11.0815 2388	BrUsbMdm ( UnsignedFile.Multi.Generic ) - warning
13:31:11.0815 2388	BrUsbMdm - detected UnsignedFile.Multi.Generic (1)
13:31:11.0955 2388	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:31:11.0975 2388	BrUsbSer ( UnsignedFile.Multi.Generic ) - warning
13:31:11.0975 2388	BrUsbSer - detected UnsignedFile.Multi.Generic (1)
13:31:12.0095 2388	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:31:12.0125 2388	BTHMODEM ( UnsignedFile.Multi.Generic ) - warning
13:31:12.0125 2388	BTHMODEM - detected UnsignedFile.Multi.Generic (1)
13:31:12.0255 2388	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:31:12.0285 2388	cdfs ( UnsignedFile.Multi.Generic ) - warning
13:31:12.0285 2388	cdfs - detected UnsignedFile.Multi.Generic (1)
13:31:12.0435 2388	cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
13:31:12.0465 2388	cdrom ( UnsignedFile.Multi.Generic ) - warning
13:31:12.0465 2388	cdrom - detected UnsignedFile.Multi.Generic (1)
13:31:12.0605 2388	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:31:12.0625 2388	circlass ( UnsignedFile.Multi.Generic ) - warning
13:31:12.0625 2388	circlass - detected UnsignedFile.Multi.Generic (1)
13:31:12.0765 2388	CLBUDF          (0fca6da0b344facdc77c9b75e4710c67) C:\Windows\system32\drivers\CLBUDF.sys
13:31:12.0795 2388	CLBUDF - ok
13:31:12.0885 2388	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:31:12.0905 2388	CLFS - ok
13:31:13.0045 2388	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:31:13.0075 2388	CmBatt ( UnsignedFile.Multi.Generic ) - warning
13:31:13.0075 2388	CmBatt - detected UnsignedFile.Multi.Generic (1)
13:31:13.0185 2388	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
13:31:13.0195 2388	cmdide - ok
13:31:13.0325 2388	CNG             (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
13:31:13.0345 2388	CNG - ok
13:31:13.0485 2388	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:31:13.0495 2388	Compbatt - ok
13:31:13.0635 2388	CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:31:13.0655 2388	CompositeBus ( UnsignedFile.Multi.Generic ) - warning
13:31:13.0655 2388	CompositeBus - detected UnsignedFile.Multi.Generic (1)
13:31:13.0825 2388	cpuz133         (95c88d25e211a4d52a82c53e5d93e634) C:\Windows\system32\drivers\cpuz133_x64.sys
13:31:13.0835 2388	cpuz133 - ok
13:31:13.0955 2388	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:31:13.0975 2388	crcdisk - ok
13:31:14.0095 2388	CSC             (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
13:31:14.0125 2388	CSC ( UnsignedFile.Multi.Generic ) - warning
13:31:14.0125 2388	CSC - detected UnsignedFile.Multi.Generic (1)
13:31:14.0265 2388	CVirtA          (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys
13:31:14.0275 2388	CVirtA - ok
13:31:14.0425 2388	DfsC            (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
13:31:14.0445 2388	DfsC ( UnsignedFile.Multi.Generic ) - warning
13:31:14.0445 2388	DfsC - detected UnsignedFile.Multi.Generic (1)
13:31:14.0565 2388	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:31:14.0585 2388	discache ( UnsignedFile.Multi.Generic ) - warning
13:31:14.0585 2388	discache - detected UnsignedFile.Multi.Generic (1)
13:31:14.0715 2388	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:31:14.0725 2388	Disk - ok
13:31:14.0865 2388	DNE             (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys
13:31:14.0875 2388	DNE - ok
13:31:15.0015 2388	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:31:15.0035 2388	drmkaud ( UnsignedFile.Multi.Generic ) - warning
13:31:15.0035 2388	drmkaud - detected UnsignedFile.Multi.Generic (1)
13:31:15.0185 2388	DXGKrnl         (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
13:31:15.0215 2388	DXGKrnl - ok
13:31:15.0375 2388	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:31:15.0465 2388	ebdrv ( UnsignedFile.Multi.Generic ) - warning
13:31:15.0465 2388	ebdrv - detected UnsignedFile.Multi.Generic (1)
13:31:15.0625 2388	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:31:15.0645 2388	elxstor - ok
13:31:15.0745 2388	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
13:31:15.0765 2388	ErrDev ( UnsignedFile.Multi.Generic ) - warning
13:31:15.0765 2388	ErrDev - detected UnsignedFile.Multi.Generic (1)
13:31:15.0905 2388	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:31:15.0935 2388	exfat ( UnsignedFile.Multi.Generic ) - warning
13:31:15.0935 2388	exfat - detected UnsignedFile.Multi.Generic (1)
13:31:16.0045 2388	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:31:16.0065 2388	fastfat ( UnsignedFile.Multi.Generic ) - warning
13:31:16.0065 2388	fastfat - detected UnsignedFile.Multi.Generic (1)
13:31:16.0215 2388	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:31:16.0245 2388	fdc ( UnsignedFile.Multi.Generic ) - warning
13:31:16.0245 2388	fdc - detected UnsignedFile.Multi.Generic (1)
13:31:16.0365 2388	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:31:16.0385 2388	FileInfo - ok
13:31:16.0405 2388	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:31:16.0435 2388	Filetrace ( UnsignedFile.Multi.Generic ) - warning
13:31:16.0435 2388	Filetrace - detected UnsignedFile.Multi.Generic (1)
13:31:16.0575 2388	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:31:16.0595 2388	flpydisk ( UnsignedFile.Multi.Generic ) - warning
13:31:16.0595 2388	flpydisk - detected UnsignedFile.Multi.Generic (1)
13:31:16.0625 2388	FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
13:31:16.0645 2388	FltMgr - ok
13:31:16.0765 2388	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:31:16.0785 2388	FsDepends - ok
13:31:16.0895 2388	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:31:16.0905 2388	Fs_Rec - ok
13:31:17.0035 2388	fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:31:17.0055 2388	fvevol - ok
13:31:17.0175 2388	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:31:17.0185 2388	gagp30kx - ok
13:31:17.0305 2388	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:31:17.0325 2388	hcw85cir ( UnsignedFile.Multi.Generic ) - warning
13:31:17.0325 2388	hcw85cir - detected UnsignedFile.Multi.Generic (1)
13:31:17.0385 2388	HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
13:31:17.0415 2388	HdAudAddService ( UnsignedFile.Multi.Generic ) - warning
13:31:17.0415 2388	HdAudAddService - detected UnsignedFile.Multi.Generic (1)
13:31:17.0545 2388	HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:31:17.0575 2388	HDAudBus ( UnsignedFile.Multi.Generic ) - warning
13:31:17.0575 2388	HDAudBus - detected UnsignedFile.Multi.Generic (1)
13:31:17.0585 2388	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:31:17.0605 2388	HidBatt ( UnsignedFile.Multi.Generic ) - warning
13:31:17.0605 2388	HidBatt - detected UnsignedFile.Multi.Generic (1)
13:31:17.0695 2388	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:31:17.0715 2388	HidBth ( UnsignedFile.Multi.Generic ) - warning
13:31:17.0715 2388	HidBth - detected UnsignedFile.Multi.Generic (1)
13:31:17.0735 2388	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:31:17.0765 2388	HidIr ( UnsignedFile.Multi.Generic ) - warning
13:31:17.0765 2388	HidIr - detected UnsignedFile.Multi.Generic (1)
13:31:17.0875 2388	HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
13:31:17.0905 2388	HidUsb ( UnsignedFile.Multi.Generic ) - warning
13:31:17.0905 2388	HidUsb - detected UnsignedFile.Multi.Generic (1)
13:31:17.0965 2388	HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
13:31:17.0985 2388	HpSAMD - ok
13:31:18.0085 2388	HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
13:31:18.0125 2388	HTTP ( UnsignedFile.Multi.Generic ) - warning
13:31:18.0125 2388	HTTP - detected UnsignedFile.Multi.Generic (1)
13:31:18.0235 2388	hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
13:31:18.0255 2388	hwpolicy - ok
13:31:18.0375 2388	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:31:18.0395 2388	i8042prt ( UnsignedFile.Multi.Generic ) - warning
13:31:18.0395 2388	i8042prt - detected UnsignedFile.Multi.Generic (1)
13:31:18.0535 2388	iaStor          (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
13:31:18.0545 2388	iaStor - ok
13:31:18.0685 2388	iaStorV         (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
13:31:18.0705 2388	iaStorV - ok
13:31:18.0825 2388	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:31:18.0835 2388	iirsp - ok
13:31:19.0005 2388	IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\Windows\system32\drivers\RTKVHD64.sys
13:31:19.0055 2388	IntcAzAudAddService - ok
13:31:19.0175 2388	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
13:31:19.0185 2388	intelide - ok
13:31:19.0235 2388	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:31:19.0255 2388	intelppm ( UnsignedFile.Multi.Generic ) - warning
13:31:19.0255 2388	intelppm - detected UnsignedFile.Multi.Generic (1)
13:31:19.0345 2388	IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:31:19.0375 2388	IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
13:31:19.0375 2388	IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
13:31:19.0405 2388	IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:31:19.0425 2388	IPMIDRV ( UnsignedFile.Multi.Generic ) - warning
13:31:19.0425 2388	IPMIDRV - detected UnsignedFile.Multi.Generic (1)
13:31:19.0435 2388	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:31:19.0465 2388	IPNAT ( UnsignedFile.Multi.Generic ) - warning
13:31:19.0465 2388	IPNAT - detected UnsignedFile.Multi.Generic (1)
13:31:19.0555 2388	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:31:19.0585 2388	IRENUM ( UnsignedFile.Multi.Generic ) - warning
13:31:19.0585 2388	IRENUM - detected UnsignedFile.Multi.Generic (1)
13:31:19.0695 2388	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
13:31:19.0705 2388	isapnp - ok
13:31:19.0725 2388	iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
13:31:19.0745 2388	iScsiPrt - ok
13:31:19.0845 2388	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:31:19.0855 2388	kbdclass - ok
13:31:19.0895 2388	kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
13:31:19.0925 2388	kbdhid ( UnsignedFile.Multi.Generic ) - warning
13:31:19.0925 2388	kbdhid - detected UnsignedFile.Multi.Generic (1)
13:31:20.0035 2388	KSecDD          (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
13:31:20.0055 2388	KSecDD - ok
13:31:20.0085 2388	KSecPkg         (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
13:31:20.0105 2388	KSecPkg - ok
13:31:20.0215 2388	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:31:20.0235 2388	ksthunk ( UnsignedFile.Multi.Generic ) - warning
13:31:20.0235 2388	ksthunk - detected UnsignedFile.Multi.Generic (1)
13:31:20.0385 2388	LHidFilt        (b6552d382ff070b4ed34cbd6737277c0) C:\Windows\system32\DRIVERS\LHidFilt.Sys
13:31:20.0395 2388	LHidFilt - ok
13:31:20.0525 2388	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:31:20.0555 2388	lltdio ( UnsignedFile.Multi.Generic ) - warning
13:31:20.0555 2388	lltdio - detected UnsignedFile.Multi.Generic (1)
13:31:20.0615 2388	LMouFilt        (73c1f563ab73d459dffe682d66476558) C:\Windows\system32\DRIVERS\LMouFilt.Sys
13:31:20.0625 2388	LMouFilt - ok
13:31:20.0745 2388	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:31:20.0755 2388	LSI_FC - ok
13:31:20.0795 2388	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:31:20.0815 2388	LSI_SAS - ok
13:31:20.0925 2388	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:31:20.0945 2388	LSI_SAS2 - ok
13:31:20.0975 2388	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:31:20.0995 2388	LSI_SCSI - ok
13:31:21.0105 2388	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:31:21.0125 2388	luafv ( UnsignedFile.Multi.Generic ) - warning
13:31:21.0125 2388	luafv - detected UnsignedFile.Multi.Generic (1)
13:31:21.0275 2388	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:31:21.0285 2388	megasas - ok
13:31:21.0305 2388	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:31:21.0325 2388	MegaSR - ok
13:31:21.0445 2388	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:31:21.0465 2388	Modem ( UnsignedFile.Multi.Generic ) - warning
13:31:21.0465 2388	Modem - detected UnsignedFile.Multi.Generic (1)
13:31:21.0605 2388	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:31:21.0625 2388	monitor ( UnsignedFile.Multi.Generic ) - warning
13:31:21.0625 2388	monitor - detected UnsignedFile.Multi.Generic (1)
13:31:21.0755 2388	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:31:21.0765 2388	mouclass - ok
13:31:21.0885 2388	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:31:21.0905 2388	mouhid ( UnsignedFile.Multi.Generic ) - warning
13:31:21.0905 2388	mouhid - detected UnsignedFile.Multi.Generic (1)
13:31:21.0935 2388	mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
13:31:21.0945 2388	mountmgr - ok
13:31:22.0035 2388	mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
13:31:22.0055 2388	mpio - ok
13:31:22.0075 2388	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:31:22.0095 2388	mpsdrv ( UnsignedFile.Multi.Generic ) - warning
13:31:22.0095 2388	mpsdrv - detected UnsignedFile.Multi.Generic (1)
13:31:22.0195 2388	MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
13:31:22.0225 2388	MRxDAV ( UnsignedFile.Multi.Generic ) - warning
13:31:22.0225 2388	MRxDAV - detected UnsignedFile.Multi.Generic (1)
13:31:22.0275 2388	mrxsmb          (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:31:22.0305 2388	mrxsmb ( UnsignedFile.Multi.Generic ) - warning
13:31:22.0305 2388	mrxsmb - detected UnsignedFile.Multi.Generic (1)
13:31:22.0405 2388	mrxsmb10        (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:31:22.0435 2388	mrxsmb10 ( UnsignedFile.Multi.Generic ) - warning
13:31:22.0435 2388	mrxsmb10 - detected UnsignedFile.Multi.Generic (1)
13:31:22.0455 2388	mrxsmb20        (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:31:22.0475 2388	mrxsmb20 ( UnsignedFile.Multi.Generic ) - warning
13:31:22.0475 2388	mrxsmb20 - detected UnsignedFile.Multi.Generic (1)
13:31:22.0575 2388	msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
13:31:22.0585 2388	msahci - ok
13:31:22.0605 2388	msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
13:31:22.0625 2388	msdsm - ok
13:31:22.0735 2388	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:31:22.0755 2388	Msfs ( UnsignedFile.Multi.Generic ) - warning
13:31:22.0755 2388	Msfs - detected UnsignedFile.Multi.Generic (1)
13:31:22.0765 2388	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:31:22.0795 2388	mshidkmdf ( UnsignedFile.Multi.Generic ) - warning
13:31:22.0795 2388	mshidkmdf - detected UnsignedFile.Multi.Generic (1)
13:31:22.0815 2388	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
13:31:22.0825 2388	msisadrv - ok
13:31:22.0945 2388	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:31:22.0965 2388	MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
13:31:22.0965 2388	MSKSSRV - detected UnsignedFile.Multi.Generic (1)
13:31:22.0995 2388	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:31:23.0015 2388	MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
13:31:23.0015 2388	MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
13:31:23.0115 2388	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:31:23.0135 2388	MSPQM ( UnsignedFile.Multi.Generic ) - warning
13:31:23.0135 2388	MSPQM - detected UnsignedFile.Multi.Generic (1)
13:31:23.0175 2388	MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
13:31:23.0195 2388	MsRPC - ok
13:31:23.0275 2388	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
13:31:23.0295 2388	mssmbios - ok
13:31:23.0335 2388	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:31:23.0355 2388	MSTEE ( UnsignedFile.Multi.Generic ) - warning
13:31:23.0355 2388	MSTEE - detected UnsignedFile.Multi.Generic (1)
13:31:23.0425 2388	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:31:23.0455 2388	MTConfig ( UnsignedFile.Multi.Generic ) - warning
13:31:23.0455 2388	MTConfig - detected UnsignedFile.Multi.Generic (1)
13:31:23.0485 2388	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:31:23.0495 2388	Mup - ok
13:31:23.0615 2388	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:31:23.0645 2388	NativeWifiP ( UnsignedFile.Multi.Generic ) - warning
13:31:23.0645 2388	NativeWifiP - detected UnsignedFile.Multi.Generic (1)
13:31:23.0805 2388	NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
13:31:23.0835 2388	NDIS - ok
13:31:23.0945 2388	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:31:23.0975 2388	NdisCap ( UnsignedFile.Multi.Generic ) - warning
13:31:23.0975 2388	NdisCap - detected UnsignedFile.Multi.Generic (1)
13:31:24.0035 2388	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:31:24.0055 2388	NdisTapi ( UnsignedFile.Multi.Generic ) - warning
13:31:24.0055 2388	NdisTapi - detected UnsignedFile.Multi.Generic (1)
13:31:24.0135 2388	Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
13:31:24.0165 2388	Ndisuio ( UnsignedFile.Multi.Generic ) - warning
13:31:24.0165 2388	Ndisuio - detected UnsignedFile.Multi.Generic (1)
13:31:24.0195 2388	NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:31:24.0215 2388	NdisWan ( UnsignedFile.Multi.Generic ) - warning
13:31:24.0215 2388	NdisWan - detected UnsignedFile.Multi.Generic (1)
13:31:24.0305 2388	NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
13:31:24.0325 2388	NDProxy ( UnsignedFile.Multi.Generic ) - warning
13:31:24.0325 2388	NDProxy - detected UnsignedFile.Multi.Generic (1)
13:31:24.0375 2388	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:31:24.0395 2388	NetBIOS ( UnsignedFile.Multi.Generic ) - warning
13:31:24.0395 2388	NetBIOS - detected UnsignedFile.Multi.Generic (1)
13:31:24.0495 2388	NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
13:31:24.0515 2388	NetBT ( UnsignedFile.Multi.Generic ) - warning
13:31:24.0515 2388	NetBT - detected UnsignedFile.Multi.Generic (1)
13:31:24.0745 2388	netw5v64        (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
13:31:24.0905 2388	netw5v64 ( UnsignedFile.Multi.Generic ) - warning
13:31:24.0905 2388	netw5v64 - detected UnsignedFile.Multi.Generic (1)
13:31:25.0025 2388	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:31:25.0035 2388	nfrd960 - ok
13:31:25.0175 2388	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:31:25.0195 2388	Npfs ( UnsignedFile.Multi.Generic ) - warning
13:31:25.0195 2388	Npfs - detected UnsignedFile.Multi.Generic (1)
13:31:25.0225 2388	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:31:25.0245 2388	nsiproxy ( UnsignedFile.Multi.Generic ) - warning
13:31:25.0245 2388	nsiproxy - detected UnsignedFile.Multi.Generic (1)
13:31:25.0315 2388	NSNDIS5 - ok
13:31:25.0415 2388	Ntfs            (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
13:31:25.0465 2388	Ntfs - ok
13:31:25.0565 2388	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:31:25.0585 2388	Null ( UnsignedFile.Multi.Generic ) - warning
13:31:25.0585 2388	Null - detected UnsignedFile.Multi.Generic (1)
13:31:25.0865 2388	nvlddmkm        (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:31:26.0135 2388	nvlddmkm - ok
13:31:26.0305 2388	nvraid          (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
13:31:26.0325 2388	nvraid - ok
13:31:26.0395 2388	nvstor          (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
13:31:26.0415 2388	nvstor - ok
13:31:26.0555 2388	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
13:31:26.0565 2388	nv_agp - ok
13:31:26.0685 2388	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
13:31:26.0715 2388	ohci1394 ( UnsignedFile.Multi.Generic ) - warning
13:31:26.0715 2388	ohci1394 - detected UnsignedFile.Multi.Generic (1)
13:31:26.0895 2388	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:31:26.0915 2388	Parport ( UnsignedFile.Multi.Generic ) - warning
13:31:26.0915 2388	Parport - detected UnsignedFile.Multi.Generic (1)
13:31:26.0945 2388	partmgr         (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
13:31:26.0955 2388	partmgr - ok
13:31:27.0045 2388	pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
13:31:27.0065 2388	pci - ok
13:31:27.0185 2388	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
13:31:27.0195 2388	pciide - ok
13:31:27.0215 2388	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:31:27.0235 2388	pcmcia - ok
13:31:27.0335 2388	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:31:27.0345 2388	pcw - ok
13:31:27.0375 2388	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:31:27.0415 2388	PEAUTH ( UnsignedFile.Multi.Generic ) - warning
13:31:27.0415 2388	PEAUTH - detected UnsignedFile.Multi.Generic (1)
13:31:27.0585 2388	PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
13:31:27.0615 2388	PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
13:31:27.0615 2388	PptpMiniport - detected UnsignedFile.Multi.Generic (1)
13:31:27.0635 2388	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:31:27.0665 2388	Processor ( UnsignedFile.Multi.Generic ) - warning
13:31:27.0665 2388	Processor - detected UnsignedFile.Multi.Generic (1)
13:31:27.0785 2388	Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
13:31:27.0815 2388	Psched ( UnsignedFile.Multi.Generic ) - warning
13:31:27.0815 2388	Psched - detected UnsignedFile.Multi.Generic (1)
13:31:27.0955 2388	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:31:28.0005 2388	ql2300 - ok
13:31:28.0105 2388	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:31:28.0125 2388	ql40xx - ok
13:31:28.0145 2388	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:31:28.0165 2388	QWAVEdrv ( UnsignedFile.Multi.Generic ) - warning
13:31:28.0165 2388	QWAVEdrv - detected UnsignedFile.Multi.Generic (1)
13:31:28.0185 2388	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:31:28.0205 2388	RasAcd ( UnsignedFile.Multi.Generic ) - warning
13:31:28.0205 2388	RasAcd - detected UnsignedFile.Multi.Generic (1)
13:31:28.0335 2388	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:31:28.0355 2388	RasAgileVpn ( UnsignedFile.Multi.Generic ) - warning
13:31:28.0355 2388	RasAgileVpn - detected UnsignedFile.Multi.Generic (1)
13:31:28.0475 2388	Rasl2tp         (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:31:28.0505 2388	Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
13:31:28.0505 2388	Rasl2tp - detected UnsignedFile.Multi.Generic (1)
13:31:28.0525 2388	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:31:28.0555 2388	RasPppoe ( UnsignedFile.Multi.Generic ) - warning
13:31:28.0555 2388	RasPppoe - detected UnsignedFile.Multi.Generic (1)
13:31:28.0675 2388	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:31:28.0705 2388	RasSstp ( UnsignedFile.Multi.Generic ) - warning
13:31:28.0705 2388	RasSstp - detected UnsignedFile.Multi.Generic (1)
13:31:28.0715 2388	rdbss           (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
13:31:28.0745 2388	rdbss ( UnsignedFile.Multi.Generic ) - warning
13:31:28.0745 2388	rdbss - detected UnsignedFile.Multi.Generic (1)
13:31:28.0835 2388	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:31:28.0855 2388	rdpbus ( UnsignedFile.Multi.Generic ) - warning
13:31:28.0855 2388	rdpbus - detected UnsignedFile.Multi.Generic (1)
13:31:28.0955 2388	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:31:28.0975 2388	RDPCDD ( UnsignedFile.Multi.Generic ) - warning
13:31:28.0975 2388	RDPCDD - detected UnsignedFile.Multi.Generic (1)
13:31:29.0005 2388	RDPDR           (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
13:31:29.0035 2388	RDPDR ( UnsignedFile.Multi.Generic ) - warning
13:31:29.0035 2388	RDPDR - detected UnsignedFile.Multi.Generic (1)
13:31:29.0145 2388	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:31:29.0175 2388	RDPENCDD ( UnsignedFile.Multi.Generic ) - warning
13:31:29.0175 2388	RDPENCDD - detected UnsignedFile.Multi.Generic (1)
13:31:29.0195 2388	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:31:29.0215 2388	RDPREFMP ( UnsignedFile.Multi.Generic ) - warning
13:31:29.0215 2388	RDPREFMP - detected UnsignedFile.Multi.Generic (1)
13:31:29.0235 2388	RDPWD           (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
13:31:29.0265 2388	RDPWD ( UnsignedFile.Multi.Generic ) - warning
13:31:29.0265 2388	RDPWD - detected UnsignedFile.Multi.Generic (1)
13:31:29.0395 2388	rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
13:31:29.0405 2388	rdyboost - ok
13:31:29.0555 2388	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:31:29.0575 2388	rspndr ( UnsignedFile.Multi.Generic ) - warning
13:31:29.0575 2388	rspndr - detected UnsignedFile.Multi.Generic (1)
13:31:29.0785 2388	RTCore64        (bc5366760098dc14ec00ae36c359f42b) C:\Program Files (x86)\RMClock\RTCore64.sys
13:31:29.0795 2388	RTCore64 - ok
13:31:29.0905 2388	RTL8167         (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:31:29.0935 2388	RTL8167 ( UnsignedFile.Multi.Generic ) - warning
13:31:29.0935 2388	RTL8167 - detected UnsignedFile.Multi.Generic (1)
13:31:29.0965 2388	s3cap           (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
13:31:29.0985 2388	s3cap ( UnsignedFile.Multi.Generic ) - warning
13:31:29.0985 2388	s3cap - detected UnsignedFile.Multi.Generic (1)
13:31:30.0075 2388	sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
13:31:30.0085 2388	sbp2port - ok
13:31:30.0115 2388	scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
13:31:30.0145 2388	scfilter ( UnsignedFile.Multi.Generic ) - warning
13:31:30.0145 2388	scfilter - detected UnsignedFile.Multi.Generic (1)
13:31:30.0245 2388	sdbus           (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
13:31:30.0275 2388	sdbus ( UnsignedFile.Multi.Generic ) - warning
13:31:30.0275 2388	sdbus - detected UnsignedFile.Multi.Generic (1)
13:31:30.0395 2388	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:31:30.0415 2388	secdrv ( UnsignedFile.Multi.Generic ) - warning
13:31:30.0415 2388	secdrv - detected UnsignedFile.Multi.Generic (1)
13:31:30.0535 2388	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:31:30.0555 2388	Serenum ( UnsignedFile.Multi.Generic ) - warning
13:31:30.0555 2388	Serenum - detected UnsignedFile.Multi.Generic (1)
13:31:30.0675 2388	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:31:30.0705 2388	Serial ( UnsignedFile.Multi.Generic ) - warning
13:31:30.0705 2388	Serial - detected UnsignedFile.Multi.Generic (1)
13:31:30.0745 2388	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:31:30.0775 2388	sermouse ( UnsignedFile.Multi.Generic ) - warning
13:31:30.0775 2388	sermouse - detected UnsignedFile.Multi.Generic (1)
13:31:30.0875 2388	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
13:31:30.0895 2388	sffdisk ( UnsignedFile.Multi.Generic ) - warning
13:31:30.0895 2388	sffdisk - detected UnsignedFile.Multi.Generic (1)
13:31:30.0925 2388	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:31:30.0945 2388	sffp_mmc ( UnsignedFile.Multi.Generic ) - warning
13:31:30.0945 2388	sffp_mmc - detected UnsignedFile.Multi.Generic (1)
13:31:31.0035 2388	sffp_sd         (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
13:31:31.0065 2388	sffp_sd ( UnsignedFile.Multi.Generic ) - warning
13:31:31.0065 2388	sffp_sd - detected UnsignedFile.Multi.Generic (1)
13:31:31.0145 2388	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:31:31.0175 2388	sfloppy ( UnsignedFile.Multi.Generic ) - warning
13:31:31.0175 2388	sfloppy - detected UnsignedFile.Multi.Generic (1)
13:31:31.0245 2388	silabenm        (7799106fee728b907a86d9c9751e02d5) C:\Windows\system32\DRIVERS\silabenm.sys
13:31:31.0255 2388	silabenm - ok
13:31:31.0375 2388	silabser        (3c356beaa55339d7ce7a9509e22166cc) C:\Windows\system32\DRIVERS\silabser.sys
13:31:31.0395 2388	silabser ( UnsignedFile.Multi.Generic ) - warning
13:31:31.0395 2388	silabser - detected UnsignedFile.Multi.Generic (1)
13:31:31.0515 2388	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:31:31.0535 2388	SiSRaid2 - ok
13:31:31.0545 2388	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:31:31.0565 2388	SiSRaid4 - ok
13:31:31.0675 2388	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:31:31.0705 2388	Smb ( UnsignedFile.Multi.Generic ) - warning
13:31:31.0705 2388	Smb - detected UnsignedFile.Multi.Generic (1)
13:31:31.0845 2388	smserial        (7ae8bca90539ecbde87ac45ba1436be3) C:\Windows\system32\DRIVERS\SmSerl64.sys
13:31:31.0895 2388	smserial ( UnsignedFile.Multi.Generic ) - warning
13:31:31.0895 2388	smserial - detected UnsignedFile.Multi.Generic (1)
13:31:32.0015 2388	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:31:32.0025 2388	spldr - ok
13:31:32.0075 2388	srv             (43067a65522eaec33d31a12d6fa8e3f4) C:\Windows\system32\DRIVERS\srv.sys
13:31:32.0105 2388	srv ( UnsignedFile.Multi.Generic ) - warning
13:31:32.0105 2388	srv - detected UnsignedFile.Multi.Generic (1)
13:31:32.0205 2388	srv2            (03715cf9c30b563da35fc5f2b8f7b8e0) C:\Windows\system32\DRIVERS\srv2.sys
13:31:32.0235 2388	srv2 ( UnsignedFile.Multi.Generic ) - warning
13:31:32.0235 2388	srv2 - detected UnsignedFile.Multi.Generic (1)
13:31:32.0365 2388	srvnet          (fbd09635227a8026c0f7790f604343c6) C:\Windows\system32\DRIVERS\srvnet.sys
13:31:32.0395 2388	srvnet ( UnsignedFile.Multi.Generic ) - warning
13:31:32.0395 2388	srvnet - detected UnsignedFile.Multi.Generic (1)
13:31:32.0535 2388	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:31:32.0545 2388	stexstor - ok
13:31:32.0665 2388	storflt         (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
13:31:32.0675 2388	storflt - ok
13:31:32.0795 2388	storvsc         (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
13:31:32.0815 2388	storvsc - ok
13:31:32.0835 2388	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
13:31:32.0855 2388	swenum - ok
13:31:32.0985 2388	SynTP           (8f63178d1db81bb79270ae55ecdd8321) C:\Windows\system32\DRIVERS\SynTP.sys
13:31:33.0005 2388	SynTP - ok
13:31:33.0155 2388	Tcpip           (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
13:31:33.0215 2388	Tcpip - ok
13:31:33.0355 2388	TCPIP6          (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
13:31:33.0405 2388	TCPIP6 - ok
13:31:33.0505 2388	tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
13:31:33.0525 2388	tcpipreg ( UnsignedFile.Multi.Generic ) - warning
13:31:33.0525 2388	tcpipreg - detected UnsignedFile.Multi.Generic (1)
13:31:33.0545 2388	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:31:33.0565 2388	TDPIPE ( UnsignedFile.Multi.Generic ) - warning
13:31:33.0565 2388	TDPIPE - detected UnsignedFile.Multi.Generic (1)
13:31:33.0655 2388	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
13:31:33.0675 2388	TDTCP ( UnsignedFile.Multi.Generic ) - warning
13:31:33.0675 2388	TDTCP - detected UnsignedFile.Multi.Generic (1)
13:31:33.0705 2388	tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
13:31:33.0735 2388	tdx ( UnsignedFile.Multi.Generic ) - warning
13:31:33.0735 2388	tdx - detected UnsignedFile.Multi.Generic (1)
13:31:33.0755 2388	TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
13:31:33.0775 2388	TermDD - ok
13:31:33.0915 2388	tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:31:33.0935 2388	tssecsrv ( UnsignedFile.Multi.Generic ) - warning
13:31:33.0935 2388	tssecsrv - detected UnsignedFile.Multi.Generic (1)
13:31:34.0075 2388	tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
13:31:34.0105 2388	tunnel ( UnsignedFile.Multi.Generic ) - warning
13:31:34.0105 2388	tunnel - detected UnsignedFile.Multi.Generic (1)
13:31:34.0195 2388	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:31:34.0205 2388	uagp35 - ok
13:31:34.0235 2388	udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
13:31:34.0265 2388	udfs ( UnsignedFile.Multi.Generic ) - warning
13:31:34.0265 2388	udfs - detected UnsignedFile.Multi.Generic (1)
13:31:34.0375 2388	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
13:31:34.0395 2388	uliagpkx - ok
13:31:34.0525 2388	umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
13:31:34.0545 2388	umbus ( UnsignedFile.Multi.Generic ) - warning
13:31:34.0545 2388	umbus - detected UnsignedFile.Multi.Generic (1)
13:31:34.0665 2388	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:31:34.0695 2388	UmPass ( UnsignedFile.Multi.Generic ) - warning
13:31:34.0695 2388	UmPass - detected UnsignedFile.Multi.Generic (1)
13:31:34.0825 2388	usbccgp         (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
13:31:34.0855 2388	usbccgp ( UnsignedFile.Multi.Generic ) - warning
13:31:34.0855 2388	usbccgp - detected UnsignedFile.Multi.Generic (1)
13:31:34.0975 2388	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
13:31:34.0995 2388	usbcir ( UnsignedFile.Multi.Generic ) - warning
13:31:34.0995 2388	usbcir - detected UnsignedFile.Multi.Generic (1)
13:31:35.0115 2388	usbehci         (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
13:31:35.0135 2388	usbehci ( UnsignedFile.Multi.Generic ) - warning
13:31:35.0135 2388	usbehci - detected UnsignedFile.Multi.Generic (1)
13:31:35.0285 2388	usbhub          (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
13:31:35.0315 2388	usbhub ( UnsignedFile.Multi.Generic ) - warning
13:31:35.0315 2388	usbhub - detected UnsignedFile.Multi.Generic (1)
13:31:35.0405 2388	usbohci         (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
13:31:35.0425 2388	usbohci ( UnsignedFile.Multi.Generic ) - warning
13:31:35.0425 2388	usbohci - detected UnsignedFile.Multi.Generic (1)
13:31:35.0445 2388	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:31:35.0465 2388	usbprint ( UnsignedFile.Multi.Generic ) - warning
13:31:35.0465 2388	usbprint - detected UnsignedFile.Multi.Generic (1)
13:31:35.0565 2388	USBSTOR         (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:31:35.0585 2388	USBSTOR ( UnsignedFile.Multi.Generic ) - warning
13:31:35.0585 2388	USBSTOR - detected UnsignedFile.Multi.Generic (1)
13:31:35.0605 2388	usbuhci         (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
13:31:35.0635 2388	usbuhci ( UnsignedFile.Multi.Generic ) - warning
13:31:35.0635 2388	usbuhci - detected UnsignedFile.Multi.Generic (1)
13:31:35.0755 2388	usbvideo        (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
13:31:35.0785 2388	usbvideo ( UnsignedFile.Multi.Generic ) - warning
13:31:35.0785 2388	usbvideo - detected UnsignedFile.Multi.Generic (1)
13:31:35.0915 2388	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
13:31:35.0925 2388	vdrvroot - ok
13:31:35.0965 2388	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:31:35.0995 2388	vga ( UnsignedFile.Multi.Generic ) - warning
13:31:35.0995 2388	vga - detected UnsignedFile.Multi.Generic (1)
13:31:36.0085 2388	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:31:36.0115 2388	VgaSave ( UnsignedFile.Multi.Generic ) - warning
13:31:36.0115 2388	VgaSave - detected UnsignedFile.Multi.Generic (1)
13:31:36.0125 2388	vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
13:31:36.0145 2388	vhdmp - ok
13:31:36.0235 2388	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
13:31:36.0255 2388	viaide - ok
13:31:36.0295 2388	vmbus           (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
13:31:36.0305 2388	vmbus - ok
13:31:36.0405 2388	VMBusHID        (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
13:31:36.0435 2388	VMBusHID ( UnsignedFile.Multi.Generic ) - warning
13:31:36.0435 2388	VMBusHID - detected UnsignedFile.Multi.Generic (1)
13:31:36.0555 2388	volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
13:31:36.0565 2388	volmgr - ok
13:31:36.0585 2388	volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
13:31:36.0605 2388	volmgrx - ok
13:31:36.0715 2388	volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
13:31:36.0735 2388	volsnap - ok
13:31:36.0855 2388	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:31:36.0865 2388	vsmraid - ok
13:31:36.0895 2388	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
13:31:36.0915 2388	vwifibus ( UnsignedFile.Multi.Generic ) - warning
13:31:36.0915 2388	vwifibus - detected UnsignedFile.Multi.Generic (1)
13:31:37.0025 2388	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:31:37.0045 2388	WacomPen ( UnsignedFile.Multi.Generic ) - warning
13:31:37.0045 2388	WacomPen - detected UnsignedFile.Multi.Generic (1)
13:31:37.0185 2388	WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:31:37.0215 2388	WANARP ( UnsignedFile.Multi.Generic ) - warning
13:31:37.0215 2388	WANARP - detected UnsignedFile.Multi.Generic (1)
13:31:37.0225 2388	Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:31:37.0255 2388	Wanarpv6 ( UnsignedFile.Multi.Generic ) - warning
13:31:37.0255 2388	Wanarpv6 - detected UnsignedFile.Multi.Generic (1)
13:31:37.0365 2388	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:31:37.0385 2388	Wd - ok
13:31:37.0415 2388	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:31:37.0445 2388	Wdf01000 - ok
13:31:37.0595 2388	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:31:37.0615 2388	WfpLwf ( UnsignedFile.Multi.Generic ) - warning
13:31:37.0615 2388	WfpLwf - detected UnsignedFile.Multi.Generic (1)
13:31:37.0735 2388	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:31:37.0745 2388	WIMMount - ok
13:31:37.0895 2388	WinUsb          (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.sys
13:31:37.0915 2388	WinUsb ( UnsignedFile.Multi.Generic ) - warning
13:31:37.0915 2388	WinUsb - detected UnsignedFile.Multi.Generic (1)
13:31:38.0045 2388	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:31:38.0065 2388	WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
13:31:38.0065 2388	WmiAcpi - detected UnsignedFile.Multi.Generic (1)
13:31:38.0195 2388	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:31:38.0215 2388	ws2ifsl ( UnsignedFile.Multi.Generic ) - warning
13:31:38.0215 2388	ws2ifsl - detected UnsignedFile.Multi.Generic (1)
13:31:38.0245 2388	WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
13:31:38.0275 2388	WudfPf ( UnsignedFile.Multi.Generic ) - warning
13:31:38.0275 2388	WudfPf - detected UnsignedFile.Multi.Generic (1)
13:31:38.0385 2388	WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:31:38.0405 2388	WUDFRd ( UnsignedFile.Multi.Generic ) - warning
13:31:38.0405 2388	WUDFRd - detected UnsignedFile.Multi.Generic (1)
13:31:38.0805 2388	{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl
13:31:38.0815 2388	{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
13:31:38.0865 2388	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:31:39.0535 2388	\Device\Harddisk0\DR0 - ok
13:31:39.0565 2388	Boot (0x1200)   (472bc8eb05d07c9e13d8349f38ab9d01) \Device\Harddisk0\DR0\Partition0
13:31:39.0565 2388	\Device\Harddisk0\DR0\Partition0 - ok
13:31:39.0585 2388	Boot (0x1200)   (7e2bed643425068eedfcec0453becb4a) \Device\Harddisk0\DR0\Partition1
13:31:39.0585 2388	\Device\Harddisk0\DR0\Partition1 - ok
13:31:39.0605 2388	Boot (0x1200)   (43614343699ba275d7bc216b5d597426) \Device\Harddisk0\DR0\Partition2
13:31:39.0605 2388	\Device\Harddisk0\DR0\Partition2 - ok
13:31:39.0605 2388	============================================================
13:31:39.0605 2388	Scan finished
13:31:39.0605 2388	============================================================
13:31:39.0625 4756	Detected object count: 150
13:31:39.0625 4756	Actual detected object count: 150
13:31:55.0215 4756	1394ohci ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0215 4756	1394ohci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0215 4756	AcpiPmi ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0215 4756	AcpiPmi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0215 4756	AFD ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0215 4756	AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0215 4756	altausb ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0215 4756	altausb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0225 4756	AmdK8 ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0225 4756	AmdK8 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0225 4756	AmdPPM ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0225 4756	AmdPPM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0225 4756	AppID ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0225 4756	AppID ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0225 4756	AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0225 4756	AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0225 4756	b06bdrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0225 4756	b06bdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0235 4756	b57nd60a ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0235 4756	b57nd60a ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0235 4756	Beep ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0235 4756	Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0235 4756	blbdrive ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0235 4756	blbdrive ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0235 4756	bowser ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0235 4756	bowser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0235 4756	BrFiltLo ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0235 4756	BrFiltLo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0245 4756	BrFiltUp ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0245 4756	BrFiltUp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0245 4756	Brserid ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0245 4756	Brserid ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0245 4756	BrSerWdm ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0245 4756	BrSerWdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0245 4756	BrUsbMdm ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0245 4756	BrUsbMdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0245 4756	BrUsbSer ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0245 4756	BrUsbSer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0255 4756	BTHMODEM ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0255 4756	BTHMODEM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0255 4756	cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0255 4756	cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0255 4756	cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0255 4756	cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0255 4756	circlass ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0255 4756	circlass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0255 4756	CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0255 4756	CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0265 4756	CompositeBus ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0265 4756	CompositeBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0265 4756	CSC ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0265 4756	CSC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0265 4756	DfsC ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0265 4756	DfsC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0265 4756	discache ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0265 4756	discache ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0265 4756	drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0265 4756	drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0275 4756	ebdrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0275 4756	ebdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0275 4756	ErrDev ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0275 4756	ErrDev ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0275 4756	exfat ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0275 4756	exfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0275 4756	fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0275 4756	fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0275 4756	fdc ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0275 4756	fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0285 4756	Filetrace ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0285 4756	Filetrace ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0285 4756	flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0285 4756	flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0285 4756	hcw85cir ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0285 4756	hcw85cir ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0285 4756	HdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0285 4756	HdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0285 4756	HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0285 4756	HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0285 4756	HidBatt ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0285 4756	HidBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0295 4756	HidBth ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0295 4756	HidBth ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0295 4756	HidIr ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0295 4756	HidIr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0295 4756	HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0295 4756	HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0295 4756	HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0295 4756	HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0295 4756	i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0295 4756	i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0305 4756	intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0305 4756	intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0305 4756	IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0305 4756	IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0305 4756	IPMIDRV ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0305 4756	IPMIDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0305 4756	IPNAT ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0305 4756	IPNAT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0305 4756	IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0305 4756	IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0315 4756	kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0315 4756	kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0315 4756	ksthunk ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0315 4756	ksthunk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0315 4756	lltdio ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0315 4756	lltdio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0315 4756	luafv ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0315 4756	luafv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0315 4756	Modem ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0315 4756	Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0325 4756	monitor ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0325 4756	monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0325 4756	mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0325 4756	mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0325 4756	mpsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0325 4756	mpsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0325 4756	MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0325 4756	MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0325 4756	mrxsmb ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0325 4756	mrxsmb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0335 4756	mrxsmb10 ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0335 4756	mrxsmb10 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0335 4756	mrxsmb20 ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0335 4756	mrxsmb20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0335 4756	Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0335 4756	Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0335 4756	mshidkmdf ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0335 4756	mshidkmdf ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0335 4756	MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0335 4756	MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0335 4756	MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0335 4756	MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0345 4756	MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0345 4756	MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0345 4756	MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0345 4756	MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0345 4756	MTConfig ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0345 4756	MTConfig ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0345 4756	NativeWifiP ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0345 4756	NativeWifiP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0345 4756	NdisCap ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0345 4756	NdisCap ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0355 4756	NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0355 4756	NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0355 4756	Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0355 4756	Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0355 4756	NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0355 4756	NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0355 4756	NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0355 4756	NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0355 4756	NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0355 4756	NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0365 4756	NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0365 4756	NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0365 4756	netw5v64 ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0365 4756	netw5v64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0365 4756	Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0365 4756	Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0365 4756	nsiproxy ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0365 4756	nsiproxy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0365 4756	Null ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0365 4756	Null ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0365 4756	ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0365 4756	ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0375 4756	Parport ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0375 4756	Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0375 4756	PEAUTH ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0375 4756	PEAUTH ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0375 4756	PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0375 4756	PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0375 4756	Processor ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0375 4756	Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0375 4756	Psched ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0375 4756	Psched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0385 4756	QWAVEdrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0385 4756	QWAVEdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0385 4756	RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0385 4756	RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0385 4756	RasAgileVpn ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0385 4756	RasAgileVpn ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0385 4756	Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0385 4756	Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0385 4756	RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0385 4756	RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0395 4756	RasSstp ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0395 4756	RasSstp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0395 4756	rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0395 4756	rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0395 4756	rdpbus ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0395 4756	rdpbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0395 4756	RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0395 4756	RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0395 4756	RDPDR ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0395 4756	RDPDR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0405 4756	RDPENCDD ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0405 4756	RDPENCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0405 4756	RDPREFMP ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0405 4756	RDPREFMP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0405 4756	RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0405 4756	RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0405 4756	rspndr ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0405 4756	rspndr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0415 4756	RTL8167 ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0415 4756	RTL8167 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0415 4756	s3cap ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0415 4756	s3cap ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0415 4756	scfilter ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0415 4756	scfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0415 4756	sdbus ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0415 4756	sdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0425 4756	secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0425 4756	secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0425 4756	Serenum ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0425 4756	Serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0425 4756	Serial ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0425 4756	Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0425 4756	sermouse ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0425 4756	sermouse ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0435 4756	sffdisk ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0435 4756	sffdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0435 4756	sffp_mmc ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0435 4756	sffp_mmc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0435 4756	sffp_sd ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0435 4756	sffp_sd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0435 4756	sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0435 4756	sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0445 4756	silabser ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0445 4756	silabser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0445 4756	Smb ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0445 4756	Smb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0445 4756	smserial ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0445 4756	smserial ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0445 4756	srv ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0445 4756	srv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0455 4756	srv2 ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0455 4756	srv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0455 4756	srvnet ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0455 4756	srvnet ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0455 4756	tcpipreg ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0455 4756	tcpipreg ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0455 4756	TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0455 4756	TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0465 4756	TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0465 4756	TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0465 4756	tdx ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0465 4756	tdx ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0465 4756	tssecsrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0465 4756	tssecsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0465 4756	tunnel ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0465 4756	tunnel ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0465 4756	udfs ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0465 4756	udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0475 4756	umbus ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0475 4756	umbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0475 4756	UmPass ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0475 4756	UmPass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0475 4756	usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0475 4756	usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0475 4756	usbcir ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0475 4756	usbcir ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0485 4756	usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0485 4756	usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0485 4756	usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0485 4756	usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0485 4756	usbohci ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0485 4756	usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0485 4756	usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0485 4756	usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0495 4756	USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0495 4756	USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0495 4756	usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0495 4756	usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0495 4756	usbvideo ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0495 4756	usbvideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0495 4756	vga ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0495 4756	vga ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0495 4756	VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0495 4756	VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0505 4756	VMBusHID ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0505 4756	VMBusHID ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0505 4756	vwifibus ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0505 4756	vwifibus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0505 4756	WacomPen ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0505 4756	WacomPen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0505 4756	WANARP ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0505 4756	WANARP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0515 4756	Wanarpv6 ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0515 4756	Wanarpv6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0515 4756	WfpLwf ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0515 4756	WfpLwf ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0515 4756	WinUsb ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0515 4756	WinUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0515 4756	WmiAcpi ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0515 4756	WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0525 4756	ws2ifsl ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0525 4756	ws2ifsl ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0525 4756	WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0525 4756	WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:31:55.0525 4756	WUDFRd ( UnsignedFile.Multi.Generic ) - skipped by user
13:31:55.0525 4756	WUDFRd ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 27.11.2011, 22:07   #23
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Dann bitte jetzt CF ausführen, unter kontrollierten Bedingungen!!

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.11.2011, 18:06   #24
Badgerli
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Hm... Das Problem vom Anfang mit Combofix trat wieder auf... Aber hab inzwischen die Lösung gefunden, nach dem restart als Admin anmelden... Allerdings bereitet Combofix nun schon seit ner knappen Stunde angeblich das Logfile vor... Ist das normal?

Offensichtlich hats nu doch geklappt

Code:
ATTFilter
ComboFix 11-11-28.02 - Badger 28.11.2011  17:15:52.2.2 - x64
Microsoft Windows 7 Professional   6.1.7600.0.1252.49.1031.18.4091.2809 [GMT 1:00]
ausgeführt von:: c:\users\Badger_2\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
C:\install.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-10-28 bis 2011-11-28  ))))))))))))))))))))))))))))))
.
.
2011-11-28 16:24 . 2011-11-28 16:26	--------	d-----w-	c:\users\Badger\AppData\Local\temp
2011-11-28 16:24 . 2011-11-28 16:24	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-11-28 16:24 . 2011-11-28 16:24	--------	d-----w-	c:\users\Carstinho\AppData\Local\temp
2011-11-28 16:24 . 2011-11-28 16:24	--------	d-----w-	c:\users\Angy\AppData\Local\temp
2011-11-28 16:11 . 2011-11-28 16:11	--------	d-----w-	c:\users\Badger\AppData\Roaming\Avira
2011-11-27 11:36 . 2011-11-27 11:36	--------	d-----w-	C:\_OTL
2011-11-27 07:59 . 2011-11-27 07:59	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-26 13:49 . 2011-11-26 13:49	--------	d-----w-	c:\program files (x86)\ESET
2011-11-26 09:15 . 2011-11-26 09:15	525544	----a-w-	c:\windows\system32\deployJava1.dll
2011-11-26 09:15 . 2011-11-26 09:15	--------	d-----w-	c:\program files\Java
2011-11-26 08:29 . 2011-11-26 08:29	--------	d-----w-	c:\users\Badger_2\AppData\Local\Apple Computer
2011-11-25 12:23 . 2011-11-25 16:04	--------	d-----w-	C:\Combo-Fix
2011-11-20 06:42 . 2011-11-20 06:42	--------	d-----w-	c:\users\Angy\AppData\Roaming\Malwarebytes
2011-11-19 10:51 . 2011-11-19 10:51	--------	d-----w-	c:\users\Badger_2\AppData\Roaming\Malwarebytes
2011-11-19 10:44 . 2011-11-19 10:44	--------	d-----w-	c:\users\Badger\AppData\Roaming\Malwarebytes
2011-11-19 10:43 . 2011-11-19 10:43	--------	d-----w-	c:\programdata\Malwarebytes
2011-11-19 10:43 . 2011-08-31 16:00	25416	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-11-17 13:55 . 2011-11-17 13:55	--------	d-----w-	c:\users\Carstinho\AppData\Local\Intel
2011-11-17 11:00 . 2011-11-20 09:57	--------	d-----w-	c:\users\Badger_2\AppData\Roaming\fityk
2011-11-17 10:57 . 2011-11-17 11:00	--------	d-----w-	c:\users\Badger\AppData\Roaming\fityk
2011-11-17 10:56 . 2011-11-17 10:56	--------	d-----w-	c:\program files (x86)\Fityk
2011-11-13 18:50 . 2011-11-13 18:50	--------	d-----w-	c:\users\Angy\AppData\Local\ColdCut
2011-11-11 17:27 . 2011-11-25 07:23	--------	d-----w-	c:\users\Badger_2\AppData\Roaming\components
2011-11-09 20:23 . 2011-11-17 18:27	--------	d-----w-	c:\users\Badger_2\AppData\Roaming\xmldm
2011-11-09 20:23 . 2011-11-09 20:23	--------	d-----w-	c:\users\Badger_2\AppData\Roaming\kock
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-10 06:35 . 2011-07-02 12:11	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-11 13:00 . 2011-10-18 05:29	97312	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-10-11 13:00 . 2011-10-18 05:29	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2011-10-11 13:00 . 2011-10-18 05:29	130760	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-09-01 20:25 . 2011-09-01 20:25	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-07-14 . 769765CE2CC62867468CEA93969B2242 . 23040 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_804cc08a4e8a4516\asyncmac.sys
[-] 2009-07-14 . 769765CE2CC62867468CEA93969B2242 . 23040 . . [6.1.7600.16385] .. c:\windows\system32\drivers\asyncmac.sys
.
[-] 2009-07-13 . 9899284589F75FA8724FF3D16AED75C1 . 6144 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_055adf2434ae116e\null.sys
[-] 2009-07-13 . 9899284589F75FA8724FF3D16AED75C1 . 6144 . . [6.1.7600.16385] .. c:\windows\system32\drivers\null.sys
.
[-] 2009-07-14 . 94FBC06F294D58D02361918418F996E3 . 136192 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7600.16385_none_d4de1860b7af7c14\browser.dll
[-] 2009-07-14 . 94FBC06F294D58D02361918418F996E3 . 136192 . . [6.1.7600.16385] .. c:\windows\system32\browser.dll
.
[-] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[-] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[-] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[-] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\system32\lsass.exe
.
[-] 2009-07-14 . 847D3AE376C0817161A14A82C8922A9E . 360448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll
[-] 2009-07-14 . 847D3AE376C0817161A14A82C8922A9E . 360448 . . [6.1.7600.16385] .. c:\windows\system32\netman.dll
.
[-] 2009-07-14 . 7F0C323FE3DA28AA4AA1BDA3F575707F . 848384 . . [7.5.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll
[-] 2009-07-14 . 7F0C323FE3DA28AA4AA1BDA3F575707F . 848384 . . [7.5.7600.16385] .. c:\windows\system32\qmgr.dll
.
[-] 2009-07-14 . 7266972E86890E2B30C0C322E906B027 . 509440 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[-] 2009-07-14 . 7266972E86890E2B30C0C322E906B027 . 509440 . . [6.1.7600.16385] .. c:\windows\system32\rpcss.dll
.
[-] 2009-07-14 . 24ACB7E5BE595468E3B9AA488B9B4FCB . 328704 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[-] 2009-07-14 . 24ACB7E5BE595468E3B9AA488B9B4FCB . 328704 . . [6.1.7600.16385] .. c:\windows\system32\services.exe
.
[-] 2010-08-21 . F8E1FA03CB70D54A9892AC88B91D1E7B . 558592 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe
[-] 2010-08-20 . 8547491BE7086EE317163365D83A37D2 . 559104 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe
[-] 2009-07-14 . 89E8550C5862999FCF482EA562B0E98E . 558080 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
[-] 2010-08-21 . F8E1FA03CB70D54A9892AC88B91D1E7B . 558592 . . [6.1.7600.16385] .. c:\windows\system32\spoolsv.exe
.
[-] 2009-10-28 . A93D41A4D4B0D91C072D11DD8AF266DE . 389632 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[-] 2009-10-28 . DA3E2A6FA9660CC75B471530CE88453A . 389632 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
[-] 2009-07-14 . 132328DF455B0028F13BF0ABEE51A63A . 389120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[-] 2009-10-28 . DA3E2A6FA9660CC75B471530CE88453A . 389632 . . [6.1.7600.16385] .. c:\windows\system32\winlogon.exe
.
[-] 2009-07-14 . 0C12A2B863FEA45598134E3B6E379F88 . 51200 . . [7.3.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.3.7600.16385_none_8ca5655e8bc7dae9\wuauclt.exe
[-] 2009-07-14 . 0C12A2B863FEA45598134E3B6E379F88 . 51200 . . [7.3.7600.16385] .. c:\windows\system32\wuauclt.exe
.
[-] 2009-07-14 . 7E8AB50AB7F2F81F30DCC8A98025B73A . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.16385_none_959110a7f1a88a21\comctl32.dll
[-] 2009-07-14 . 7E8AB50AB7F2F81F30DCC8A98025B73A . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_a44af8ec57f961cf\comctl32.dll
[-] 2009-07-14 . C093E7835C1372D6D70A6675EDAA97B5 . 2030080 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6\comctl32.dll
[-] 2009-07-14 . 7E8AB50AB7F2F81F30DCC8A98025B73A . 633856 . . [5.82] .. c:\windows\system32\comctl32.dll
.
[-] 2009-07-14 . 1A47D52E303B7543E4E6026595B95422 . 1297408 . . [2001.12.8530.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_88a5cc7effe2dfca\comres.dll
[-] 2009-07-14 . 1A47D52E303B7543E4E6026595B95422 . 1297408 . . [2001.12.8530.16385] .. c:\windows\system32\comres.dll
.
[-] 2009-07-14 . 8C57411B66282C01533CB776F98AD384 . 175104 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[-] 2009-07-14 . 8C57411B66282C01533CB776F98AD384 . 175104 . . [6.1.7600.16385] .. c:\windows\system32\cryptsvc.dll
.
[-] 2009-07-14 . 4166F82BE4D24938977DD1746BE9B8A0 . 402944 . . [2001.12.8530.16385] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
[-] 2009-07-14 . 4166F82BE4D24938977DD1746BE9B8A0 . 402944 . . [2001.12.8530.16385] .. c:\windows\system32\es.dll
.
[-] 2009-07-14 . AA2C08CE85653B1A0D2E4AB407FA176C . 167424 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_b84b0fbd941c03a9\imm32.dll
[-] 2009-07-14 . AA2C08CE85653B1A0D2E4AB407FA176C . 167424 . . [6.1.7600.16385] .. c:\windows\system32\imm32.dll
.
[-] 2009-07-14 . 5F2BDCA5FA0F20A6F452CF0EE2A2B18C . 801280 . . [1.0626.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.16385_none_08ef6ab5722d66d5\usp10.dll
[-] 2009-07-14 . 5F2BDCA5FA0F20A6F452CF0EE2A2B18C . 801280 . . [1.0626.7600.16385] .. c:\windows\system32\usp10.dll
.
[-] 2009-07-14 . 5B4B379AD10DEDA4EDA01B8C6961B193 . 1162240 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_efb2d6e86ffc8f55\kernel32.dll
[-] 2009-07-14 . 5B4B379AD10DEDA4EDA01B8C6961B193 . 1162240 . . [6.1.7600.16385] .. c:\windows\system32\kernel32.dll
.
[-] 2009-07-14 . A0A65D306A5490D2EB8E7DE66898ECFD . 29696 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_945a23c3bf051859\linkinfo.dll
[-] 2009-07-14 . A0A65D306A5490D2EB8E7DE66898ECFD . 29696 . . [6.1.7600.16385] .. c:\windows\system32\linkinfo.dll
.
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_05c80a1f743763f3\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16402_none_061b8a8773f9358d\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16444_none_05f24b6b7417d7ff\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16600_none_06198dbf73fafd2d\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20498_none_0649d7dc8d5a6bb3\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20553_none_067018008d3e7a63\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20720_none_068d8ab28d28d4d9\lpk.dll
[-] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\system32\lpk.dll
.
[-] 2009-07-14 . 3B367397320C26DBA890B260F80D1B1B . 424448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_0c2b375bae4a8d38\hnetcfg.dll
[-] 2009-07-14 . 3B367397320C26DBA890B260F80D1B1B . 424448 . . [6.1.7600.16385] .. c:\windows\system32\hnetcfg.dll
.
[-] 2010-06-30 . E16D240876BAD97B05DCAD346AC734F6 . 9295360 . . [8.00.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20745_none_8aa72da7cbd9a1bb\mshtml.dll
[-] 2010-06-30 . 74DA18BB61FE98FC002866F032329265 . 9298432 . . [8.00.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16625_none_8a3330b4b2abca0f\mshtml.dll
[-] 2009-07-14 . 12C3F25EA578DAA752024E1918D59313 . 9271296 . . [8.00.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_89f24b7ab2dc7a40\mshtml.dll
[-] 2010-06-30 . 74DA18BB61FE98FC002866F032329265 . 9298432 . . [8.00.7600.16385] .. c:\windows\system32\mshtml.dll
.
[-] 2009-07-14 . 7319BB10FA1F86E49E3DCF4136F6C957 . 634880 . . [7.0.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_2d4a27c7b8972454\msvcrt.dll
[-] 2009-07-14 . 7319BB10FA1F86E49E3DCF4136F6C957 . 634880 . . [7.0.7600.16385] .. c:\windows\system32\msvcrt.dll
.
[-] 2009-07-14 . FC76FE3C1E1FDB761244D4F74EF560FD . 320000 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_144848ad46fcc535\mswsock.dll
[-] 2009-07-14 . FC76FE3C1E1FDB761244D4F74EF560FD . 320000 . . [6.1.7600.16385] .. c:\windows\system32\mswsock.dll
.
[-] 2009-07-14 . 956D030D375F207B22FB111E06EF9C35 . 692736 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[-] 2009-07-14 . 956D030D375F207B22FB111E06EF9C35 . 692736 . . [6.1.7600.16385] .. c:\windows\system32\netlogon.dll
.
[-] 2009-07-14 . 716175021BDA290504CE434273F666BC . 167424 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_ff0e900816896618\powrprof.dll
[-] 2009-07-14 . 716175021BDA290504CE434273F666BC . 167424 . . [6.1.7600.16385] .. c:\windows\system32\powrprof.dll
.
[-] 2009-07-14 . 398712DDDAEFB85EDF61DF6A07B65C79 . 232448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[-] 2009-07-14 . 398712DDDAEFB85EDF61DF6A07B65C79 . 232448 . . [6.1.7600.16385] .. c:\windows\system32\scecli.dll
.
[-] 2009-07-14 . C6DCD1D11ED6827F05C00773C3E7053C . 3072 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_032ab4f375e2ac1f\sfc.dll
[-] 2009-07-14 . C6DCD1D11ED6827F05C00773C3E7053C . 3072 . . [6.1.7600.16385] .. c:\windows\system32\sfc.dll
.
[-] 2009-07-14 . C78655BC80301D76ED4FEF1C1EA40A7D . 27136 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[-] 2009-07-14 . C78655BC80301D76ED4FEF1C1EA40A7D . 27136 . . [6.1.7600.16385] .. c:\windows\system32\svchost.exe
.
[-] 2009-07-14 . 884264AC597B690C5707C89723BB8E7B . 316416 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7600.16385_none_3f31ca82fea39f26\tapisrv.dll
[-] 2009-07-14 . 884264AC597B690C5707C89723BB8E7B . 316416 . . [6.1.7600.16385] .. c:\windows\system32\tapisrv.dll
.
[-] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2009-07-14 . 6F8F1376A13114CC10C0E69274F5A4DE . 30208 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[-] 2009-07-14 . 6F8F1376A13114CC10C0E69274F5A4DE . 30208 . . [6.1.7600.16385] .. c:\windows\system32\userinit.exe
.
[-] 2010-06-30 . DBC6EC40DDEDF875C0576CF2C0CAF9C3 . 1196544 . . [8.00.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_794d0e894b833885\wininet.dll
[-] 2010-06-30 . 3DEB428ACD3D4DECD1619C24E4628DD2 . 1192960 . . [8.00.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_78d91196325560d9\wininet.dll
[-] 2009-07-14 . B1037F0131C9A010D611F6914E03CD92 . 1193472 . . [8.00.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_78982c5c3286110a\wininet.dll
[-] 2010-06-30 . 3DEB428ACD3D4DECD1619C24E4628DD2 . 1192960 . . [8.00.7600.16385] .. c:\windows\system32\wininet.dll
.
[-] 2009-07-14 . 7083F463788CB34FCC42F565D56F89E8 . 296448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[-] 2009-07-14 . 7083F463788CB34FCC42F565D56F89E8 . 296448 . . [6.1.7600.16385] .. c:\windows\system32\ws2_32.dll
.
[-] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\ws2help.dll
[-] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\system32\ws2help.dll
.
[-] 2009-07-14 . 4B25DDE615AC2CABAB73169CA7DA96E6 . 2084352 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.16385_none_081299030c02672b\ole32.dll
[-] 2009-07-14 . 4B25DDE615AC2CABAB73169CA7DA96E6 . 2084352 . . [6.1.7600.16385] .. c:\windows\system32\ole32.dll
.
[-] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[-] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\system32\cngaudit.dll
.
[-] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[-] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\system32\wininit.exe
.
[-] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[-] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\system32\ctfmon.exe
.
[-] 2009-07-14 . 0298AC45D0EFFFB2DB4BAA7DD186E7BF . 369664 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7600.16385_none_29254ed1369e9d89\shsvcs.dll
[-] 2009-07-14 . 0298AC45D0EFFFB2DB4BAA7DD186E7BF . 369664 . . [6.1.7600.16385] .. c:\windows\system32\shsvcs.dll
.
[-] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_e55af7609d2857a8\regsvc.dll
[-] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\system32\regsvc.dll
.
[-] 2009-07-14 . EC56B171F85C7E855E7B0588AC503EEA . 1104384 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7600.16385_none_8af61038b0b37f5f\schedsvc.dll
[-] 2009-07-14 . EC56B171F85C7E855E7B0588AC503EEA . 1104384 . . [6.1.7600.16385] .. c:\windows\system32\schedsvc.dll
.
[-] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.1.7600.16385_none_dbbe6492eae9505c\ssdpsrv.dll
[-] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\system32\ssdpsrv.dll
.
[-] 2009-07-14 . 0F05EC2887BFE197AD82A13287D2F404 . 706560 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7600.16385_none_ea94336f6df51e09\termsrv.dll
[-] 2009-07-14 . 0F05EC2887BFE197AD82A13287D2F404 . 706560 . . [6.1.7600.16385] .. c:\windows\system32\termsrv.dll
.
[-] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7600.16385_none_43f68e03b0fd4b38\ksuser.dll
[-] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\system32\ksuser.dll
.
[-] 2009-07-14 . B62AA1BB1F63839051441D2C6DD7B775 . 530432 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[-] 2009-07-14 . B62AA1BB1F63839051441D2C6DD7B775 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.16385_none_39727524394b18eb\comctl32.dll
[-] 2009-07-14 . B62AA1BB1F63839051441D2C6DD7B775 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_ebf82fc36c758ad5\comctl32.dll
[-] 2009-07-14 . 0FA436A553408CBEBA070E3182658DE3 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
.
[-] 2009-07-14 . 9C231178CE4FB385F4B54B0A9080B8A4 . 135680 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cryptsvc.dll
[-] 2009-07-14 . 9C231178CE4FB385F4B54B0A9080B8A4 . 135680 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
.
[-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\SysWOW64\es.dll
[-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll
.
[-] 2009-07-14 . 0DE3069D6E09BA262856EF31C941BEFE . 119808 . . [6.1.7600.16385] .. c:\windows\SysWOW64\imm32.dll
[-] 2009-07-14 . 0DE3069D6E09BA262856EF31C941BEFE . 119808 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_c29fba0fc87cc5a4\imm32.dll
.
[-] 2009-07-14 . 606ECB76A424CC535407E7A24E2A34BC . 836608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\kernel32.dll
[-] 2009-07-14 . 606ECB76A424CC535407E7A24E2A34BC . 836608 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_fa07813aa45d5150\kernel32.dll
.
[-] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\SysWOW64\linkinfo.dll
[-] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_9eaece15f365da54\linkinfo.dll
.
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\SysWOW64\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_101cb471a89825ee\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16402_none_107034d9a859f788\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16444_none_1046f5bda87899fa\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16600_none_106e3811a85bbf28\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20498_none_109e822ec1bb2dae\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20553_none_10c4c252c19f3c5e\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20720_none_10e23504c18996d4\lpk.dll
.
[-] 2010-06-30 . BDFD710842C8A25DD27254D91DE60AC6 . 5971456 . . [8.00.7600.16385] .. c:\windows\SysWOW64\mshtml.dll
[-] 2010-06-30 . BDFD710842C8A25DD27254D91DE60AC6 . 5971456 . . [8.00.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16625_none_9487db06e70c8c0a\mshtml.dll
[-] 2010-06-30 . 25C1646ADC24C371B594544C3D530967 . 5972992 . . [8.00.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20745_none_94fbd7fa003a63b6\mshtml.dll
[-] 2009-07-14 . 43592D31AFF84DD957199248898D9430 . 5957632 . . [8.00.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_9446f5cce73d3c3b\mshtml.dll
.
[-] 2009-07-14 . E46D48A7FE961401F1CBF85531CDF05D . 690688 . . [7.0.7600.16385] .. c:\windows\SysWOW64\msvcrt.dll
[-] 2009-07-14 . E46D48A7FE961401F1CBF85531CDF05D . 690688 . . [7.0.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll
.
[-] 2009-07-14 . 11A41F17527ED75D6B758FDD7F4FD00D . 232448 . . [6.1.7600.16385] .. c:\windows\SysWOW64\mswsock.dll
[-] 2009-07-14 . 11A41F17527ED75D6B758FDD7F4FD00D . 232448 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll
.
[-] 2009-07-14 . EAA75D9000B71F10EEC04D2AE6C60E81 . 563712 . . [6.1.7600.16385] .. c:\windows\SysWOW64\netlogon.dll
[-] 2009-07-14 . EAA75D9000B71F10EEC04D2AE6C60E81 . 563712 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
.
[-] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\SysWOW64\powrprof.dll
[-] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_a2eff4845e2bf4e2\powrprof.dll
.
[-] 2009-07-14 . 26073302DAEA83CC5B944C546D6B47D2 . 175616 . . [6.1.7600.16385] .. c:\windows\SysWOW64\scecli.dll
[-] 2009-07-14 . 26073302DAEA83CC5B944C546D6B47D2 . 175616 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
.
[-] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\SysWOW64\sfc.dll
[-] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_a70c196fbd853ae9\sfc.dll
.
[-] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\SysWOW64\svchost.exe
[-] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
.
[-] 2009-07-14 . 2F46B0C70A4ADC8C90CF825DA3B4FEAF . 241664 . . [6.1.7600.16385] .. c:\windows\SysWOW64\tapisrv.dll
[-] 2009-07-14 . 2F46B0C70A4ADC8C90CF825DA3B4FEAF . 241664 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7600.16385_none_e3132eff46462df0\tapisrv.dll
.
[-] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[-] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
[-] 2009-07-14 . 6DE80F60D7DE9CE6B8C2DDFDF79EF175 . 26112 . . [6.1.7600.16385] .. c:\windows\SysWOW64\userinit.exe
[-] 2009-07-14 . 6DE80F60D7DE9CE6B8C2DDFDF79EF175 . 26112 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
.
[-] 2010-06-30 . 250267CE6217C1AB4517F22FB7EA13E8 . 978432 . . [8.00.7600.16385] .. c:\windows\SysWOW64\wininet.dll
[-] 2010-06-30 . 250267CE6217C1AB4517F22FB7EA13E8 . 978432 . . [8.00.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_1cba761279f7efa3\wininet.dll
[-] 2010-06-30 . 91A9CCAD9829A89C840899932B9EC2DF . 980480 . . [8.00.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_1d2e73059325c74f\wininet.dll
[-] 2009-07-14 . 0D874F3BC751CC2198AF2E6783FB8B35 . 977920 . . [8.00.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll
.
[-] 2009-07-14 . DAAE8A9B8C0ACC7F858454132553C30D . 206336 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ws2_32.dll
[-] 2009-07-14 . DAAE8A9B8C0ACC7F858454132553C30D . 206336 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
.
[-] 2009-07-14 . 808AABDF9337312195CAFF76D1804786 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ws2help.dll
[-] 2009-07-14 . 808AABDF9337312195CAFF76D1804786 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\ws2help.dll
.
[-] 2009-10-31 . B8EC4BD49CE8F6FC457721BFC210B67F . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[-] 2009-10-31 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[-] 2009-10-31 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[-] 2009-08-03 . 700073016DAC1C3D2E7E2CE4223334B6 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[-] 2009-08-03 . F170B4A061C9E026437B193B4D571799 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[-] 2009-07-14 . C235A51CB740E45FFA0EBFB9BAFCDA64 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
.
[-] 2009-07-14 . 2E2C937846A0B8789E5E91739284D17A . 427008 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[-] 2009-07-14 . 2E2C937846A0B8789E5E91739284D17A . 398336 . . [6.1.7600.16385] .. c:\windows\regedit.exe
.
[-] 2009-07-14 . 4ACB903AD1693858A918907358CBD9E4 . 1412608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ole32.dll
[-] 2009-07-14 . 4ACB903AD1693858A918907358CBD9E4 . 1412608 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7600.16385_none_abf3fd7f53a4f5f5\ole32.dll
.
[-] 2009-07-14 . 0BA19F3198C40AC4E8CC66EE02EDA6C6 . 627200 . . [1.0626.7600.16385] .. c:\windows\SysWOW64\usp10.dll
[-] 2009-07-14 . 0BA19F3198C40AC4E8CC66EE02EDA6C6 . 627200 . . [1.0626.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7600.16385_none_acd0cf31b9cff59f\usp10.dll
.
[-] 2009-07-14 . 9C67F6BBDA3881CFD02095160CF91576 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ksuser.dll
[-] 2009-07-14 . 9C67F6BBDA3881CFD02095160CF91576 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7600.16385_none_e7d7f27ff89fda02\ksuser.dll
.
[-] 2009-07-14 . 4A3CDCEF8ED41B221F3DBEF5792FB52D . 8704 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ctfmon.exe
[-] 2009-07-14 . 4A3CDCEF8ED41B221F3DBEF5792FB52D . 8704 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe
.
[-] 2009-07-14 . CD2E48FA5B29EE2B3B5858056D246EF2 . 328192 . . [6.1.7600.16385] .. c:\windows\SysWOW64\shsvcs.dll
[-] 2009-07-14 . CD2E48FA5B29EE2B3B5858056D246EF2 . 328192 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7600.16385_none_3379f9236aff5f84\shsvcs.dll
.
[-] 2009-07-14 . 50BA656134F78AF64E4DD3C8B6FEFD7E . 12288 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cngaudit.dll
[-] 2009-07-14 . 50BA656134F78AF64E4DD3C8B6FEFD7E . 12288 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
.
[-] 2009-07-14 . B5C5DCAD3899512020D135600129D665 . 96256 . . [6.1.7600.16385] .. c:\windows\SysWOW64\wininit.exe
[-] 2009-07-14 . B5C5DCAD3899512020D135600129D665 . 96256 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
.
[-] 2009-07-14 . A45D184DF6A8803DA13A0B329517A64A . 149504 . . [6.1.7600.16385] .. c:\windows\SysWOW64\appmgmts.dll
[-] 2009-07-14 . A45D184DF6A8803DA13A0B329517A64A . 149504 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_e818845daa1b69db\appmgmts.dll
.
[-] 2009-07-14 . A1E91B5B5273573FC132B683E550B5E6 . 19456 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ias.dll
[-] 2009-07-14 . A1E91B5B5273573FC132B683E550B5E6 . 19456 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7600.16385_none_f8d730c7a3d9d889\ias.dll
.
[-] 2009-07-14 01:15 . F8742FC618ECBDA92A406725197E93AE . 924944 . . [4.1.6140] .. c:\windows\SysWOW64\mfc40u.dll
[-] 2009-07-14 01:15 . F8742FC618ECBDA92A406725197E93AE . 924944 . . [4.1.6140] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7600.16385_none_f2e96828b6e3cefa\mfc40u.dll
.
[-] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] .. c:\windows\SysWOW64\upnphost.dll
[-] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_2831d06e8295c671\upnphost.dll
.
[-] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] .. c:\windows\SysWOW64\dsound.dll
[-] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll
.
[-] 2009-07-14 . 7459301D21C2E21468823F73042D9F87 . 1826816 . . [6.1.7600.16385] .. c:\windows\SysWOW64\d3d9.dll
[-] 2009-07-14 . 7459301D21C2E21468823F73042D9F87 . 1826816 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7600.16385_none_c223c2c8c219cb6a\d3d9.dll
.
[-] 2009-07-14 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ddraw.dll
[-] 2009-07-14 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_04dbf9102154d42e\ddraw.dll
.
[-] 2009-07-14 01:16 . C10459DBDC2099C5A8428CB7D87DB85F . 90112 . . [6.1.7600.16385] .. c:\windows\SysWOW64\olepro32.dll
[-] 2009-07-14 01:16 . C10459DBDC2099C5A8428CB7D87DB85F . 90112 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7600.16385_none_39ea10b66307dbef\olepro32.dll
.
[-] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] .. c:\windows\SysWOW64\perfctrs.dll
[-] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_97bcd9bcab2b9b3a\perfctrs.dll
.
[-] 2009-07-14 . 702254574E7E52052DE39408457B7149 . 21504 . . [6.1.7600.16385] .. c:\windows\SysWOW64\version.dll
[-] 2009-07-14 . 702254574E7E52052DE39408457B7149 . 21504 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.1.7600.16385_none_14d4a552b2395165\version.dll
.
[-] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] .. c:\windows\SysWOW64\midimap.dll
[-] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_8cd41e2771e37717\midimap.dll
.
[-] 2009-07-14 . ED6EE83D61EBC683C2CD8E899EA6FEBE . 11776 . . [6.1.7600.16385] .. c:\windows\SysWOW64\rasadhlp.dll
[-] 2009-07-14 . ED6EE83D61EBC683C2CD8E899EA6FEBE . 11776 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_76239aafb364e805\rasadhlp.dll
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}"= "c:\program files (x86)\vShare.tv plugin\BarLcher.dll" [2011-09-22 177712]
.
[HKEY_CLASSES_ROOT\clsid\{7ac3e13b-3bca-4158-b330-f66dbb03c1b5}]
[HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher.1]
[HKEY_CLASSES_ROOT\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}]
[HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"InstantBurn"="c:\progra~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe" [2007-10-26 681256]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-18 104936]
"P2Go_Menu"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePDRShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-29 210216]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-05-27 413696]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-07-16 91432]
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-12-29 75048]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" [2011-02-09 1298]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Hotkey.lnk - c:\program files (x86)\Hotkey\Hotkey.exe [2009-9-16 2409472]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-9-17 1207312]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R3 altausb;altausb;c:\windows\system32\DRIVERS\altausb.sys [2009-10-09 15360]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys [x]
S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [2009-08-13 147968]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/01/08 22:59];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-12-29 10:26 146928]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 CLBUDF;CyberLink InstantBurn UDF Filesystem; [x]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [x]
S2 PowerBiosServer;PowerBiosServer;c:\program files (x86)\Hotkey\PowerBiosServer.exe [2009-08-31 37784]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys [2010-09-15 14352]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-11-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-619731557-10252568-3936735321-1002Core.job
- c:\users\Badger_2\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-07 05:23]
.
2011-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-619731557-10252568-3936735321-1002UA.job
- c:\users\Badger_2\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-07 05:23]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-15 7981088]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\Badger\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Badger\AppData\Roaming\Mozilla\Firefox\Profiles\2ilz1vf0.default\
FF - prefs.js: browser.startup.homepage - 
FF - prefs.js: browser.search.selectedEngine - 
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-amd_dc_opt - c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\CP210x\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\lkads.exe
c:\windows\SysWOW64\lktsrv.exe
c:\program files (x86)\National Instruments\MAX\nimxs.exe
c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\SysWOW64\nisvcloc.exe
c:\program files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\RMClock\RMClock.exe
c:\program files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
c:\program files (x86)\Intel\IntelAppStore\bin\serviceManager.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-11-28  18:14:51 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-11-28 17:14
.
Vor Suchlauf: 20 Verzeichnis(se), 156.802.498.560 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 156.157.333.504 Bytes frei
.
- - End Of File - - C849A254A9890407E638C829263A5A2C
         

Geändert von Badgerli (28.11.2011 um 18:18 Uhr)

Alt 28.11.2011, 18:41   #25
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.11.2011, 19:00   #26
Badgerli
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Code:
ATTFilter
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-28 18:45:32
-----------------------------
18:45:32.545    OS Version: Windows x64 6.1.7600 
18:45:32.545    Number of processors: 2 586 0x170A
18:45:32.546    ComputerName: BADGERLI  UserName: Badger
18:45:33.794    Initialize success
18:53:43.306    AVAST engine defs: 11112801
18:54:13.493    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:54:13.496    Disk 0 Vendor: TOSHIBA_ GN00 Size: 715404MB BusType: 3
18:54:13.507    Disk 0 MBR read successfully
18:54:13.510    Disk 0 MBR scan
18:54:13.517    Disk 0 Windows 7 default MBR code
18:54:13.521    Service scanning
18:54:14.774    Modules scanning
18:54:14.778    Disk 0 trace - called modules:
18:54:14.818    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
18:54:14.823    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80057be060]
18:54:14.827    3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800470b050]
18:54:16.299    AVAST engine scan C:\Windows
18:54:22.612    AVAST engine scan C:\Windows\system32
18:56:27.745    AVAST engine scan C:\Windows\system32\drivers
18:56:37.702    AVAST engine scan C:\Users\Badger
18:56:52.705    AVAST engine scan C:\ProgramData
18:57:34.831    Scan finished successfully
18:59:45.445    Disk 0 MBR has been saved successfully to "C:\Users\Badger_2\Desktop\MBR.dat"
18:59:45.452    The log file has been saved successfully to "C:\Users\Badger_2\Desktop\aswMBR.txt"
         

Alt 28.11.2011, 20:02   #27
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 29.11.2011, 16:42   #28
Badgerli
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Code:
ATTFilter
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8259

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

28.11.2011 21:32:40
mbam-log-2011-11-28 (21-32-40).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 482100
Laufzeit: 1 Stunde(n), 21 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         

Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 11/29/2011 at 12:15 PM

Application Version : 5.0.1136

Core Rules Database Version : 7996
Trace Rules Database Version: 5808

Scan type       : Complete Scan
Total Scan Time : 03:23:13

Operating System Information
Windows 7 Professional 64-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned      : 536
Memory threats detected   : 0
Registry items scanned    : 73462
Registry threats detected : 21
File items scanned        : 288505
File threats detected     : 236

Adware.Tracking Cookie
	C:\Users\Badger\AppData\Roaming\Microsoft\Windows\Cookies\badger@ad.yieldmanager[2].txt [ /ad.yieldmanager ]
	C:\Users\Badger\AppData\Roaming\Microsoft\Windows\Cookies\badger@ad3.adfarm1.adition[1].txt [ /ad3.adfarm1.adition ]
	C:\Users\Badger\AppData\Roaming\Microsoft\Windows\Cookies\badger@adfarm1.adition[2].txt [ /adfarm1.adition ]
	C:\Users\Badger\AppData\Roaming\Microsoft\Windows\Cookies\badger@arcsoft-totalmedia-theatre.softonic[2].txt [ /arcsoft-totalmedia-theatre.softonic ]
	C:\Users\Badger\AppData\Roaming\Microsoft\Windows\Cookies\badger@atdmt[1].txt [ /atdmt ]
	C:\Users\Badger\AppData\Roaming\Microsoft\Windows\Cookies\badger@doubleclick[1].txt [ /doubleclick ]
	C:\Users\Badger\AppData\Roaming\Microsoft\Windows\Cookies\badger@fastclick[1].txt [ /fastclick ]
	C:\Users\Badger\AppData\Roaming\Microsoft\Windows\Cookies\badger@im.banner.t-online[1].txt [ /im.banner.t-online ]
	C:\Users\Badger\AppData\Roaming\Microsoft\Windows\Cookies\badger@interclick[1].txt [ /interclick ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@traffictrack[1].txt [ Cookie:angy@traffictrack.de/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@webmasterplan[2].txt [ Cookie:angy@webmasterplan.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@ad.zanox[1].txt [ Cookie:angy@ad.zanox.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@msnportal.112.2o7[1].txt [ Cookie:angy@msnportal.112.2o7.net/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@www.zanox-affiliate[1].txt [ Cookie:angy@www.zanox-affiliate.de/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@studivz.adfarm1.adition[2].txt [ Cookie:angy@studivz.adfarm1.adition.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@mediaplex[1].txt [ Cookie:angy@mediaplex.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@googleads.g.doubleclick[1].txt [ Cookie:angy@googleads.g.doubleclick.net/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@adviva[1].txt [ Cookie:angy@adviva.net/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@tracking.quisma[1].txt [ Cookie:angy@tracking.quisma.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@zanox[1].txt [ Cookie:angy@zanox.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@atdmt[1].txt [ Cookie:angy@atdmt.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@adtech[1].txt [ Cookie:angy@adtech.de/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@c.atdmt[2].txt [ Cookie:angy@c.atdmt.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@zbox.zanox[1].txt [ Cookie:angy@zbox.zanox.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@www6.addfreestats[2].txt [ Cookie:angy@www6.addfreestats.com/cgi-bin ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@doubleclick[2].txt [ Cookie:angy@doubleclick.net/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@apmebf[1].txt [ Cookie:angy@apmebf.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@serving-sys[2].txt [ Cookie:angy@serving-sys.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@adbrite[2].txt [ Cookie:angy@adbrite.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@specificclick[2].txt [ Cookie:angy@specificclick.net/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@tradedoubler[1].txt [ Cookie:angy@tradedoubler.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@bs.serving-sys[1].txt [ Cookie:angy@bs.serving-sys.com/ ]
	C:\USERS\ANGY\AppData\Roaming\Microsoft\Windows\Cookies\Low\angy@invitemedia[1].txt [ Cookie:angy@invitemedia.com/ ]
	C:\USERS\BADGER\Cookies\badger@fastclick[1].txt [ Cookie:badger@fastclick.net/ ]
	C:\USERS\BADGER\Cookies\badger@doubleclick[1].txt [ Cookie:badger@doubleclick.net/ ]
	C:\USERS\BADGER\Cookies\badger@interclick[1].txt [ Cookie:badger@interclick.com/ ]
	C:\USERS\BADGER\Cookies\badger@ad3.adfarm1.adition[1].txt [ Cookie:badger@ad3.adfarm1.adition.com/ ]
	C:\USERS\BADGER\Cookies\badger@atdmt[1].txt [ Cookie:badger@atdmt.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@revsci[1].txt [ Cookie:badger_2@revsci.net/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@c.atdmt[2].txt [ Cookie:badger_2@c.atdmt.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@doubleclick[3].txt [ Cookie:badger_2@doubleclick.net/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@msnportal.112.2o7[1].txt [ Cookie:badger_2@msnportal.112.2o7.net/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@eyewonder[2].txt [ Cookie:badger_2@eyewonder.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@content.yieldmanager[4].txt [ Cookie:badger_2@content.yieldmanager.com/ak/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@statcounter[1].txt [ Cookie:badger_2@statcounter.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@mediaplex[1].txt [ Cookie:badger_2@mediaplex.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@ad1.adfarm1.adition[1].txt [ Cookie:badger_2@ad1.adfarm1.adition.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@media6degrees[1].txt [ Cookie:badger_2@media6degrees.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@smartadserver[1].txt [ Cookie:badger_2@smartadserver.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@ad2.adfarm1.adition[2].txt [ Cookie:badger_2@ad2.adfarm1.adition.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@tradedoubler[3].txt [ Cookie:badger_2@tradedoubler.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@imrworldwide[3].txt [ Cookie:badger_2@imrworldwide.com/cgi-bin ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@webmasterplan[2].txt [ Cookie:badger_2@webmasterplan.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@bs.serving-sys[1].txt [ Cookie:badger_2@bs.serving-sys.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@apmebf[1].txt [ Cookie:badger_2@apmebf.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@doubleclick[2].txt [ Cookie:badger_2@doubleclick.net/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@hotlog[1].txt [ Cookie:badger_2@hotlog.ru/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@ad3.adfarm1.adition[3].txt [ Cookie:badger_2@ad3.adfarm1.adition.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@leetmedia[1].txt [ Cookie:badger_2@leetmedia.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@ad4.adfarm1.adition[2].txt [ Cookie:badger_2@ad4.adfarm1.adition.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@sevenoneintermedia.112.2o7[1].txt [ Cookie:badger_2@sevenoneintermedia.112.2o7.net/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@rambler[1].txt [ Cookie:badger_2@rambler.ru/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@content.yieldmanager[3].txt [ Cookie:badger_2@content.yieldmanager.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@atdmt[2].txt [ Cookie:badger_2@atdmt.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@ww251.smartadserver[1].txt [ Cookie:badger_2@ww251.smartadserver.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@ad.yieldmanager[1].txt [ Cookie:badger_2@ad.yieldmanager.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@fastclick[1].txt [ Cookie:badger_2@fastclick.net/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@invitemedia[1].txt [ Cookie:badger_2@invitemedia.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@adx.chip[1].txt [ Cookie:badger_2@adx.chip.de/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\badger_2@specificclick[1].txt [ Cookie:badger_2@specificclick.net/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@c.atdmt[2].txt [ Cookie:badger_2@c.atdmt.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@doubleclick[1].txt [ Cookie:badger_2@doubleclick.net/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@msnportal.112.2o7[1].txt [ Cookie:badger_2@msnportal.112.2o7.net/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@statcounter[1].txt [ Cookie:badger_2@statcounter.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@mediaplex[1].txt [ Cookie:badger_2@mediaplex.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@media6degrees[1].txt [ Cookie:badger_2@media6degrees.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@smartadserver[1].txt [ Cookie:badger_2@smartadserver.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@tradedoubler[2].txt [ Cookie:badger_2@tradedoubler.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@imrworldwide[2].txt [ Cookie:badger_2@imrworldwide.com/cgi-bin ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@webmasterplan[2].txt [ Cookie:badger_2@webmasterplan.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@bs.serving-sys[1].txt [ Cookie:badger_2@bs.serving-sys.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@apmebf[1].txt [ Cookie:badger_2@apmebf.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@hotlog[1].txt [ Cookie:badger_2@hotlog.ru/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@leetmedia[1].txt [ Cookie:badger_2@leetmedia.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@rambler[1].txt [ Cookie:badger_2@rambler.ru/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@content.yieldmanager[1].txt [ Cookie:badger_2@content.yieldmanager.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@atdmt[2].txt [ Cookie:badger_2@atdmt.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@ww251.smartadserver[1].txt [ Cookie:badger_2@ww251.smartadserver.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@ad.yieldmanager[1].txt [ Cookie:badger_2@ad.yieldmanager.com/ ]
	C:\USERS\BADGER_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\badger_2@fastclick[1].txt [ Cookie:badger_2@fastclick.net/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@revsci[1].txt [ Cookie:badger_2@revsci.net/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@c.atdmt[2].txt [ Cookie:badger_2@c.atdmt.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@doubleclick[3].txt [ Cookie:badger_2@doubleclick.net/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@msnportal.112.2o7[1].txt [ Cookie:badger_2@msnportal.112.2o7.net/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@eyewonder[2].txt [ Cookie:badger_2@eyewonder.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@content.yieldmanager[4].txt [ Cookie:badger_2@content.yieldmanager.com/ak/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@statcounter[1].txt [ Cookie:badger_2@statcounter.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@mediaplex[1].txt [ Cookie:badger_2@mediaplex.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@ad1.adfarm1.adition[1].txt [ Cookie:badger_2@ad1.adfarm1.adition.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@media6degrees[1].txt [ Cookie:badger_2@media6degrees.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@smartadserver[1].txt [ Cookie:badger_2@smartadserver.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@ad2.adfarm1.adition[2].txt [ Cookie:badger_2@ad2.adfarm1.adition.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@tradedoubler[3].txt [ Cookie:badger_2@tradedoubler.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@imrworldwide[3].txt [ Cookie:badger_2@imrworldwide.com/cgi-bin ]
	C:\USERS\BADGER_2\Cookies\badger_2@webmasterplan[2].txt [ Cookie:badger_2@webmasterplan.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@bs.serving-sys[1].txt [ Cookie:badger_2@bs.serving-sys.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@apmebf[1].txt [ Cookie:badger_2@apmebf.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@doubleclick[2].txt [ Cookie:badger_2@doubleclick.net/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@hotlog[1].txt [ Cookie:badger_2@hotlog.ru/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@ad3.adfarm1.adition[3].txt [ Cookie:badger_2@ad3.adfarm1.adition.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@leetmedia[1].txt [ Cookie:badger_2@leetmedia.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@ad4.adfarm1.adition[2].txt [ Cookie:badger_2@ad4.adfarm1.adition.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@sevenoneintermedia.112.2o7[1].txt [ Cookie:badger_2@sevenoneintermedia.112.2o7.net/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@rambler[1].txt [ Cookie:badger_2@rambler.ru/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@content.yieldmanager[3].txt [ Cookie:badger_2@content.yieldmanager.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@atdmt[2].txt [ Cookie:badger_2@atdmt.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@ww251.smartadserver[1].txt [ Cookie:badger_2@ww251.smartadserver.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@ad.yieldmanager[1].txt [ Cookie:badger_2@ad.yieldmanager.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@fastclick[1].txt [ Cookie:badger_2@fastclick.net/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@invitemedia[1].txt [ Cookie:badger_2@invitemedia.com/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@adx.chip[1].txt [ Cookie:badger_2@adx.chip.de/ ]
	C:\USERS\BADGER_2\Cookies\badger_2@specificclick[1].txt [ Cookie:badger_2@specificclick.net/ ]
	C:\USERS\ANGY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ANGY@IMRWORLDWIDE[2].TXT [ /IMRWORLDWIDE ]
	C:\USERS\ANGY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ANGY@AD2.ADFARM1.ADITION[1].TXT [ /AD2.ADFARM1.ADITION ]
	C:\USERS\ANGY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ANGY@ADFARM1.ADITION[2].TXT [ /ADFARM1.ADITION ]
	C:\USERS\ANGY\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ANGY@ADS.CLUBPORTAL[1].TXT [ /ADS.CLUBPORTAL ]
	.doubleclick.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.ehg-techtarget.hitbox.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.hitbox.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.yadro.ru [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.kontera.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.adxpose.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	studivz.adfarm1.adition.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	ad3.adfarm1.adition.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wnmiuhcpsho.stats.esomniture.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.adviva.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.discountfan.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.discountfan.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.4stats.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	adfarm1.adition.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.ads.quartermedia.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.ads.quartermedia.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.ads.quartermedia.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.ads.quartermedia.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	ad.adserver01.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	www6.addfreestats.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.secmedia.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	ad1.adfarm1.adition.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	user.lucidmedia.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\BADGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ILZ1VF0.DEFAULT\COOKIES.SQLITE ]
	aka-cdn-ns.adtech.de [ C:\USERS\BADGER_2\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\33MVTAQG ]
	delivery.ibanner.de [ C:\USERS\BADGER_2\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\33MVTAQG ]
	media.mtvnservices.com [ C:\USERS\BADGER_2\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\33MVTAQG ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@AD.AD-SRV[2].TXT [ /AD.AD-SRV ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@ADFARM1.ADITION[1].TXT [ /ADFARM1.ADITION ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@SERVING-SYS[2].TXT [ /SERVING-SYS ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@MYWEBSEARCH[1].TXT [ /MYWEBSEARCH ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@IMRWORLDWIDE[2].TXT [ /IMRWORLDWIDE ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@ADS.CREATIVE-SERVING[2].TXT [ /ADS.CREATIVE-SERVING ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@INTERCLICK[1].TXT [ /INTERCLICK ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@ZANOX-AFFILIATE[1].TXT [ /ZANOX-AFFILIATE ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@TRADEDOUBLER[1].TXT [ /TRADEDOUBLER ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@AD4.ADFARM1.ADITION[1].TXT [ /AD4.ADFARM1.ADITION ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@ZANOX[2].TXT [ /ZANOX ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@TRADEDOUBLER[2].TXT [ /TRADEDOUBLER ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@TRACKING.MINDSHARE[1].TXT [ /TRACKING.MINDSHARE ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@ADFARM1.ADITION[2].TXT [ /ADFARM1.ADITION ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@CONTENT.YIELDMANAGER[1].TXT [ /CONTENT.YIELDMANAGER ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@AD3.ADFARM1.ADITION[1].TXT [ /AD3.ADFARM1.ADITION ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\BADGER_2@ATWOLA[1].TXT [ /ATWOLA ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BADGER_2@AD.AD-SRV[2].TXT [ /AD.AD-SRV ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BADGER_2@SERVING-SYS[2].TXT [ /SERVING-SYS ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BADGER_2@MYWEBSEARCH[1].TXT [ /MYWEBSEARCH ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BADGER_2@INTERCLICK[1].TXT [ /INTERCLICK ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BADGER_2@ZANOX-AFFILIATE[1].TXT [ /ZANOX-AFFILIATE ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BADGER_2@AD2.ADFARM1.ADITION[1].TXT [ /AD2.ADFARM1.ADITION ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BADGER_2@ZANOX[2].TXT [ /ZANOX ]
	C:\USERS\BADGER_2\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BADGER_2@ADFARM1.ADITION[2].TXT [ /ADFARM1.ADITION ]

Adware.ActivShopper
	(x86) HKLM\Software\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
	(x86) HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
	(x86) HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
	(x86) HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\InprocServer32
	(x86) HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\InprocServer32#ThreadingModel
	(x86) HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\ProgID
	(x86) HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\Programmable
	(x86) HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\TypeLib
	(x86) HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\VersionIndependentProgID
	(x86) HKCR\MyNewsBarLauncher.IE5BarLauncher.1
	(x86) HKCR\MyNewsBarLauncher.IE5BarLauncher
	(x86) HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
	(x86) HKLM\Software\Microsoft\Internet Explorer\Toolbar#{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
	(x86) HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
	(x86) HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}\ProxyStubClsid32
	(x86) HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}\TypeLib
	(x86) HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}\TypeLib#Version
	(x86) HKCR\Interface\{DB1F5554-582C-4F53-82CC-458D2C04A2F1}
	(x86) HKCR\Interface\{DB1F5554-582C-4F53-82CC-458D2C04A2F1}\ProxyStubClsid32
	(x86) HKCR\Interface\{DB1F5554-582C-4F53-82CC-458D2C04A2F1}\TypeLib
	(x86) HKCR\Interface\{DB1F5554-582C-4F53-82CC-458D2C04A2F1}\TypeLib#Version
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=21628609aa0aec4aa5e28c152566ff91
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-26 05:47:30
# local_time=2011-11-26 06:47:30 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=1792 16777215 100 0 3399907 3399907 0 0
# compatibility_mode=5893 16776574 100 94 36967324 74721349 0 0
# compatibility_mode=8192 67108863 100 0 3915 3915 0 0
# scanned=310119
# found=7
# cleaned=0
# scan_time=13972
C:\Program Files (x86)\Win7codecs\Tools\Settings32.exe	Win32/Packed.Autoit.C.Gen application (unable to clean)	00000000000000000000000000000000	I
C:\ProgramData\Win7codecs\{6B010B4A-EBD4-491C-A6A9-BC1063E2A432}\Win7codecs.msi	Win32/Packed.Autoit.C.Gen application (unable to clean)	00000000000000000000000000000000	I
C:\Users\All Users\Win7codecs\{6B010B4A-EBD4-491C-A6A9-BC1063E2A432}\Win7codecs.msi	Win32/Packed.Autoit.C.Gen application (unable to clean)	00000000000000000000000000000000	I
C:\Windows\Installer\315564.msi	Win32/Packed.Autoit.C.Gen application (unable to clean)	00000000000000000000000000000000	I
D:\Downloads\Alte Festplatte\Downloads\gbsetup120.exe	Win32/Induc virus (unable to clean)	00000000000000000000000000000000	I
D:\Downloads\Alte Festplatte\Downloads\SoftonicDownloader22948.exe	a variant of Win32/SoftonicDownloader.A application (unable to clean)	00000000000000000000000000000000	I
D:\Downloads\Software\SoftonicDownloader92616.exe	a variant of Win32/SoftonicDownloader.A application (unable to clean)	00000000000000000000000000000000	I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=21628609aa0aec4aa5e28c152566ff91
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-29 03:34:30
# local_time=2011-11-29 04:34:30 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=1792 16777215 100 0 3653102 3653102 0 0
# compatibility_mode=5893 16776574 100 94 37220519 74974544 0 0
# compatibility_mode=8192 67108863 100 0 257110 257110 0 0
# scanned=256112
# found=6
# cleaned=0
# scan_time=11997
C:\_OTL\MovedFiles\11272011_123629\C_Program Files (x86)\Win7codecs\Tools\Settings32.exe	Win32/Packed.Autoit.C.Gen application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\11272011_123629\C_ProgramData\Win7codecs\{6B010B4A-EBD4-491C-A6A9-BC1063E2A432}\Win7codecs.msi	Win32/Packed.Autoit.C.Gen application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\11272011_123629\C_Windows\Installer\315564.msi	Win32/Packed.Autoit.C.Gen application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\11272011_123629\D_Downloads\Software\SoftonicDownloader92616.exe	a variant of Win32/SoftonicDownloader.A application (unable to clean)	00000000000000000000000000000000	I
D:\Downloads\Alte Festplatte\Downloads\gbsetup120.exe	Win32/Induc virus (unable to clean)	00000000000000000000000000000000	I
D:\Downloads\Alte Festplatte\Downloads\SoftonicDownloader22948.exe	a variant of Win32/SoftonicDownloader.A application (unable to clean)	00000000000000000000000000000000	I
         

Alt 29.11.2011, 17:23   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Überreste und ein paar Cookies.
Kann alles weg.
Rechner ansonsten wieder im Lot?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 29.11.2011, 21:35   #30
Badgerli
 
System nach Spy.Banker.Gen2 wieder sauber? - Standard

System nach Spy.Banker.Gen2 wieder sauber?



Bis gerade eben wollte ich ja schreiben, doch gerade beim Systemstart hatte ich nen schwarzen Bilschirm mit nem Fenster, dass mein Windows möglicherweise nicht legal sei, da es nicht aktiviert wurde (nutze das System seit nem knappen Jahr von daher wundert mich der Zeitpunkt)... Hatte nur die Möglichkeit auf OK zu klicken, danach kam dann "Windows wurde aktiviert" und alles läuft normal... Nur Windows Update nicht (sagt immer, dass es nicht gestartet werden kann, weil der Dienst nicht gestartet sei, was er aber ist...) Können aber vom Rest völlig unabhängige Probleme sein...

Den Softonic Downloader kann ich nach dem Laden der Software auch bedenkenlos zernichten und verstören, richtig?

Danke für deine Mühen auf jeden Fall schonmal

Antwort

Themen zu System nach Spy.Banker.Gen2 wieder sauber?
alarm, appdata, avira, beendet, combofix, datei, dauernd, einträge, erfolglos, firefox, gelöscht, guten, hilfe!, laufe, laufen, log, löschen, namen, neu, ordner, rechner, registry, roaming, runtergeladen, scan, scanner, seitdem, seite, seiten, sofort, start, system, troja, trojaner, versuch, versucht, virenscanner, öffnen, öffnet



Ähnliche Themen: System nach Spy.Banker.Gen2 wieder sauber?


  1. Wahrscheinlich Ransomware. System wieder sauber nach Erstmaßnahmen?
    Plagegeister aller Art und deren Bekämpfung - 21.09.2015 (5)
  2. Windows 7: tr/atraps.gen2; System sauber nach einer Neuinstallation?
    Plagegeister aller Art und deren Bekämpfung - 16.09.2013 (7)
  3. Avira findet TR/Spy.Banker.Gen8 und TR/Crypt.EPACK.Gen2 - wie werd ich die wieder los?
    Log-Analyse und Auswertung - 14.11.2012 (8)
  4. TR/Spy.Banker.Gen nach Entfernung wieder da
    Plagegeister aller Art und deren Bekämpfung - 12.08.2012 (7)
  5. erst TR/Spy.Banker.Gen2 gefunden, dann TR/PSW.Banker.O.33
    Log-Analyse und Auswertung - 28.03.2012 (26)
  6. Nicht sicher, ob PC nach "System Fix" Entfernung wieder "sauber"
    Log-Analyse und Auswertung - 07.01.2012 (18)
  7. mediashifting.com: system neu aufgesetzt - unsicher, ob system wieder sauber ist
    Plagegeister aller Art und deren Bekämpfung - 05.01.2012 (7)
  8. Nach Windows-Wiederherstellung: Angst ob System wieder sauber
    Plagegeister aller Art und deren Bekämpfung - 15.04.2011 (3)
  9. System nach Weiterleitungsfehlern bei der Internetsuche wieder sauber?
    Plagegeister aller Art und deren Bekämpfung - 13.03.2011 (9)
  10. System wieder sauber?
    Log-Analyse und Auswertung - 06.01.2011 (3)
  11. System nach Bereinigung wieder sauber?
    Plagegeister aller Art und deren Bekämpfung - 27.01.2010 (8)
  12. H8SRT - System wieder sauber?
    Plagegeister aller Art und deren Bekämpfung - 07.01.2010 (4)
  13. Nach Trojaner-Befall System neu aufgesetzt - Wieder alles sauber?
    Mülltonne - 14.12.2008 (0)
  14. System wieder sauber? BOO/Sinowal.A
    Plagegeister aller Art und deren Bekämpfung - 21.10.2008 (2)
  15. System wieder sauber?
    Log-Analyse und Auswertung - 15.06.2008 (6)
  16. Ist mein System wieder sauber?
    Log-Analyse und Auswertung - 15.06.2008 (2)
  17. Log nach Virenbefall -System wieder sauber?
    Log-Analyse und Auswertung - 10.05.2007 (1)

Zum Thema System nach Spy.Banker.Gen2 wieder sauber? - Finde keinen Combofix Log, aber der Ordner ist vorhanden, ja... In der \Lastrun\drev_.txt stehen "C:\install.exe" "C:\Users\Badger_2\AppData\Roaming\AcroIEHelpe.txt" "C:\Users\Badger_2\AppData\Roaming\srvblck2.tmp" "C:\Windows\pkunzip.pif" "C:\Windows\pkzip.pif" Und befinden sich nu alle im Quarantine Ordner in Qoobox - System nach Spy.Banker.Gen2 wieder sauber?...
Archiv
Du betrachtest: System nach Spy.Banker.Gen2 wieder sauber? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.