Bundespolizei Trojaner

sspellmell · 23.04.2012, 09:55

Hallo,

seit gestern Abend öffnet sich nach dem Hochfahren von Windows der sogenannte "Bundespolizei-Trojaner". Ich habe mein System im abgesicherten Modus gestartet und bisher noch nichts weiter unternommen.
Google hat mich dann in dieses Forum geführt und Ich habe bereits folgenden Link durchgelesen:

http://www.trojaner-board.de/69886-a...-beachten.html

Hier die dds.txt:
[CODE].DDS Logfile:

Code:

ATTFilter

DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_24
Run by sspellmell at 10:38:06 on 2012-04-23
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3956.3163 [GMT 2:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Opera\opera.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.icq.com/
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5740&r=27360810h516l0468z1h5t65k1d141
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5740&r=27360810h516l0468z1h5t65k1d141
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5740&r=27360810h516l0468z1h5t65k1d141
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers\YontooIEClient.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
EB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
mRunOnce: [AvgUninstallURL] cmd.exe /c start hxxp://www.avg.de/de.special-uninstallation-feedback-appf?lic=NFVORUYtUEI2M0YtWDlaQVMtQU8zVEItSEk5Sk8tM0xQMkM"&"inst=NzctOTEzMDM2NzI1LUZMKzktRjlNNisxLVhPMzYrMS1GOU03Qys1LVhPOSsxLUY5TTMrMS1ERFQrNTU5MzktU1Q5MEZBUFArMS1ERDkwRisxLUVVTEErMS1TV
mExplorerRun: [54626] C:\PROGRA~3\LOCALS~1\Temp\mstouv.cmd
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - C:\Users\sspellmell\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - C:\Users\sspellmell\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{079E895E-A34A-44CA-AB30-B5385D4D0B79} : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{FEEF675E-7BD8-4136-92E7-58DE7F3424B6} : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{FEEF675E-7BD8-4136-92E7-58DE7F3424B6}\645736B695F657 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FEEF675E-7BD8-4136-92E7-58DE7F3424B6}\75C414E4D2136433636383 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{FEEF675E-7BD8-4136-92E7-58DE7F3424B6}\75C414E4D2335463436333 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{FEEF675E-7BD8-4136-92E7-58DE7F3424B6}\75C414E4D2648393541343 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{FEEF675E-7BD8-4136-92E7-58DE7F3424B6}\B416E64756D27486F63747E2E65647 : DhcpNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} - C:\Program Files (x86)\PixiePack Codec Pack\InstallerHelper.exe
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
{855F3B16-6D32-4FE6-8A56-BBB695989046}
EB-X64: {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
mRunOnce-x64: [AvgUninstallURL] cmd.exe /c start hxxp://www.avg.de/de.special-uninstallation-feedback-appf?lic=NFVORUYtUEI2M0YtWDlaQVMtQU8zVEItSEk5Sk8tM0xQMkM"&"inst=NzctOTEzMDM2NzI1LUZMKzktRjlNNisxLVhPMzYrMS1GOU03Qys1LVhPOSsxLUY5TTMrMS1ERFQrNTU5MzktU1Q5MEZBUFArMS1ERDkwRisxLUVVTEErMS1TV
IE-X64: {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2010/03/27 09:15:18];C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [2010-3-27 146928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\system32\DRIVERS\mcvidrv_x64.sys --> C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [?]
S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\system32\drivers\mcaudrv_x64.sys --> C:\Windows\system32\drivers\mcaudrv_x64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VCam_WDM;e2eSoft VCam;C:\Windows\system32\DRIVERS\VCam_WDM.sys --> C:\Windows\system32\DRIVERS\VCam_WDM.sys [?]
S3 VCam_WDM01;e2eSoft VCam 01;C:\Windows\system32\DRIVERS\VCam_WDM01.sys --> C:\Windows\system32\DRIVERS\VCam_WDM01.sys [?]
S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 253088]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
S4 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-3-27 844320]
S4 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2011-11-8 166400]
S4 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2011-11-8 128512]
S4 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
S4 ICQ Service;ICQ Service;C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-8-14 246520]
S4 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S4 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-18 50432]
S4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-18 144640]
S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe" --> C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [?]
S4 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-4-25 2280312]
S4 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S4 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-5 2320920]
S4 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-5 240160]
.
=============== Created Last 30 ================
.
2012-04-22 19:56:29	--------	d-----w-	C:\Windows\SysWow64\wbem\en-US
2012-04-22 19:56:27	--------	d-----w-	C:\Windows\System32\wbem\en-US
2012-04-22 11:49:34	--------	d-----w-	C:\Users\sspellmell\AppData\Local\ManyCam
2012-04-22 11:49:34	--------	d-----w-	C:\ProgramData\ManyCam
2012-04-22 11:49:33	--------	d-----w-	C:\Users\sspellmell\AppData\Roaming\ManyCam
2012-04-22 11:49:27	--------	d-----w-	C:\Program Files (x86)\ManyCam
2012-04-22 11:48:57	--------	d-----w-	C:\ProgramData\Ask
2012-04-22 10:54:25	--------	d-----w-	C:\Users\sspellmell\AppData\Roaming\gizza
2012-04-22 10:53:35	106424	----a-w-	C:\Windows\System32\drivers\VCam_WDM01.sys
2012-04-22 10:53:35	106424	----a-w-	C:\Windows\System32\drivers\VCam_WDM.sys
2012-04-20 17:13:57	--------	d-----w-	C:\Program Files (x86)\SplitMediaLabs
2012-04-20 16:20:10	--------	d-----w-	C:\Program Files (x86)\Diablo III Beta
2012-04-20 16:19:26	--------	d-----w-	C:\ProgramData\Battle.net
2012-04-12 22:04:07	8741536	----a-w-	C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-12 01:04:22	5559152	----a-w-	C:\Windows\System32\ntoskrnl.exe
2012-04-12 01:04:21	3968368	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-12 01:04:21	3913072	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2012-04-12 01:00:46	81408	----a-w-	C:\Windows\System32\imagehlp.dll
2012-04-12 01:00:46	23408	----a-w-	C:\Windows\System32\drivers\fs_rec.sys
2012-04-12 01:00:46	159232	----a-w-	C:\Windows\SysWow64\imagehlp.dll
2012-04-12 01:00:45	5120	----a-w-	C:\Windows\SysWow64\wmi.dll
2012-04-12 01:00:45	5120	----a-w-	C:\Windows\System32\wmi.dll
2012-04-12 01:00:45	220672	----a-w-	C:\Windows\System32\wintrust.dll
2012-04-12 01:00:45	172544	----a-w-	C:\Windows\SysWow64\wintrust.dll
2012-04-11 21:15:36	--------	d-----w-	C:\Users\sspellmell\AppData\Local\SplitMediaLabs
2012-04-11 21:13:53	--------	d-----w-	C:\ProgramData\SplitMediaLabs
2012-04-11 21:12:25	--------	d-----w-	C:\Users\sspellmell\AppData\Roaming\SplitMediaLabs
2012-04-09 09:55:39	--------	d-----w-	C:\Program Files (x86)\Diablo II
2012-04-08 19:27:44	--------	d-----w-	C:\Users\sspellmell\AppData\Local\Chromium
2012-04-08 18:52:30	--------	d-----w-	C:\Program Files (x86)\Stunlock Studios
2012-04-07 14:09:03	--------	d-----w-	C:\Perfect World Entertainment
2012-04-07 00:42:29	--------	d-----w-	C:\Program Files (x86)\NVIDIA Corporation
2012-04-07 00:41:11	3130440	----a-w-	C:\Windows\SysWow64\pbsvc_blr.exe
2012-04-04 05:53:56	182160	----a-w-	C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2012-04-03 09:08:29	418464	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M  ====================
.
2012-04-14 05:04:11	70304	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-07 22:07:03	298016	----a-w-	C:\Windows\SysWow64\PnkBstrB.xtr
2012-04-07 22:07:03	298016	----a-w-	C:\Windows\SysWow64\PnkBstrB.exe
2012-04-07 16:33:30	298016	----a-w-	C:\Windows\SysWow64\PnkBstrB.ex0
2012-04-07 14:59:34	76888	----a-w-	C:\Windows\SysWow64\PnkBstrA.exe
2012-02-22 10:34:36	28160	----a-w-	C:\Windows\System32\drivers\mcaudrv_x64.sys
2012-02-17 06:38:26	1031680	----a-w-	C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22	826880	----a-w-	C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24	210944	----a-w-	C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32	23552	----a-w-	C:\Windows\System32\drivers\tdtcp.sys
2012-02-10 06:36:07	1544192	----a-w-	C:\Windows\System32\DWrite.dll
2012-02-10 05:38:43	1077248	----a-w-	C:\Windows\SysWow64\DWrite.dll
2012-02-07 09:02:40	1070352	----a-w-	C:\Windows\SysWow64\MSCOMCTL.OCX
2012-02-03 04:34:34	3145728	----a-w-	C:\Windows\System32\win32k.sys
2012-01-25 06:38:39	77312	----a-w-	C:\Windows\System32\rdpwsx.dll
2012-01-25 06:38:38	149504	----a-w-	C:\Windows\System32\rdpcorekmts.dll
2012-01-25 06:33:30	9216	----a-w-	C:\Windows\System32\rdrmemptylst.exe
.
============= FINISH: 10:39:59,08 ===============

--- --- ---

Vielen Dank im Voraus,

shipshape pellmell

Edit:

Da Ich die Attach vergessen habe und man (meines Wissens) die im nachhinein nicht mehr anhängen kann schreibe Ich die jetzt auch als Code:

Code:

ATTFilter

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 14.08.2010 12:48:48
System Uptime: 23.04.2012 09:43:58 (1 hours ago)
.
Motherboard: Acer            |  | Aspire 5740                    
Processor: Intel(R) Core(TM) i5 CPU       M 430  @ 2.27GHz | CPU 1 | 2261/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 583 GiB total, 213,529 GiB free.
D: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer: 
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: sptd
Device ID: ROOT\LEGACY_SPTD\0000
Manufacturer: 
Name: sptd
PNP Device ID: ROOT\LEGACY_SPTD\0000
Service: sptd
.
==== System Restore Points ===================
.
RP188: 19.04.2012 17:54:38 - Geplanter Prüfpunkt
RP189: 20.04.2012 19:12:08 - Installed XSplit
RP190: 22.04.2012 12:23:57 - Windows Update
RP191: 22.04.2012 12:45:52 - Installed Adobe Flash Media Live Encoder 3.2.
RP192: 22.04.2012 12:53:44 - Gerätetreiber-Paketinstallation: e2eSoft Audio-, Video- und Gamecontroller
RP193: 22.04.2012 12:54:09 - Gerätetreiber-Paketinstallation: e2eSoft Audio-, Video- und Gamecontroller
RP194: 22.04.2012 13:49:31 - Installed WeatherBug Alert
RP195: 22.04.2012 15:27:08 - Removed WeatherBug Alert
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
Acer Arcade Deluxe
Acer Crystal Eye webcam Ver:1.1.124.1120
Acer ePower Management
Acer eRecovery Management
Acer GridVista
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
Adobe AIR
Adobe Flash Media Live Encoder 3.2
Adobe Reader X (10.1.3) - Deutsch
Alcor Micro USB Card Reader
Anno 1404
ANNO 1404 - Venedig
Apple Application Support
Apple Software Update
ArcaniA - Gothic 4
Blacklight Retribution
Bloodline Champions
Call of Duty Modern Warfare 2
Call of Duty Modern Warfare 3 (c) Activision version 1
Call of Duty: Black Ops
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CLICK & LEARN DiDi 360° 3.0
Click to Call with Skype
Command & Conquer Generals
Command and Conquer(TM) Generäle Die Stunde Null 
Compatibility Pack für 2007 Office System
Contenta Converter PREMIUM
Crysis(R)
DAEMON Tools Pro
Diablo II
Diablo III Beta
Didi V3
eSobi v2
Fraps (remove only)
Free Video to MP3 Converter version 4.2.22.602
Free YouTube Download 2.9
Free YouTube Download 3 version 3.0.12.804
Free YouTube to MP3 Converter version 3.10.11.923
Game Booster
Google Chrome
Heroes of Newerth
ICQ Toolbar
ICQ7.7
Identity Card
Intel(R) Management Engine Components
Intel(R) Turbo Boost Technology Driver
Java Auto Updater
Java(TM) 6 Update 24
Junk Mail filter update
Launch Manager
League of Legends
League of Legends - ACE Client
LOCO EU
LOLReplay
ManyCam 3.0.68 (remove only)
McAfee Security Scan Plus
Medal of Honor (TM)
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (German) 2007
Microsoft Office InfoPath MUI (German) 2007
Microsoft Office Language Pack 2007 - German/Deutsch
Microsoft Office Live Add-in 1.5
Microsoft Office O MUI (German) 2007
Microsoft Office OneNote MUI (German) 2007
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office PowerPoint Viewer 2007 (German)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer MUI (German) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Office X MUI (German) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft XNA Framework Redistributable 3.1
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
NVIDIA PhysX
Opera 11.62
Pando Media Booster
PDF24 Creator 2.9.7
PDFCreator
PixiePack Codec Pack
PMB
PunkBuster Services
QuickTime
Radiotracker USB
Realtek High Definition Audio Driver
S4 League_EU
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Shattered Galaxy
Skype™ 5.5
Smart Defrag 2
Star Trek Online
Tactical Ops
TeamSpeak 2 RC2
TeamSpeak 3 Client
TeamViewer 6
Uninstall 1.0.0.1
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
UT Cache Cleaner v3.0
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
VLC media player 0.9.9
Warcraft III
Warcraft III: All Products
Windows Live-Uploadtool
Windows Live Anmelde-Assistent
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Sync
Windows Live Writer
WinRAR
WolfTeam International
World of Warcraft
XSplit
.
==== End Of File ===========================

Chris4You · 23.04.2012, 10:25

Hi,

lass mal bitte OTL laufen ...

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe

Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen

Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output

Unter Extra Registry, wähle bitte Use SafeList

Klicke nun auf Run Scan links oben

Wenn der Scan beendet wurde werden 2 Logfiles erstellt (OTL.TXT und EXTRAS.TXT)

Poste die Logfiles hier in den Thread

chris

sspellmell · 23.04.2012, 10:39

OTL:

Code:

ATTFilter

OTL logfile created on: 23.04.2012 11:28:03 - Run 1
OTL by OldTimer - Version 3.2.41.0     Folder = C:\Users\sspellmell\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,95 Gb Available Physical Memory | 76,23% Memory free
7,73 Gb Paging File | 6,92 Gb Available in Paging File | 89,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583,38 Gb Total Space | 213,53 Gb Free Space | 36,60% Space Free | Partition Type: NTFS
 
Computer Name: sspellmell-PC | User Name: sspellmell| Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\sspellmell\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
MOD - C:\Program Files (x86)\PixiePack Codec Pack\ffdshow.ax ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (EPSON_EB_RPCV4_04) EPSON V5 Service4(04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_04) EPSON V3 Service4(04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (AgereModemAudio) -- C:\Programme\LSI SoftModem\agr64svc.exe (LSI Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()
DRV:64bit: - (VCam_WDM01) -- C:\Windows\SysNative\drivers\VCam_WDM01.sys (e2eSoft)
DRV:64bit: - (VCam_WDM) -- C:\Windows\SysNative\drivers\VCam_WDM.sys (e2eSoft)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl (CyberLink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5740&r=27360810h516l0468z1h5t65k1d141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5740&r=27360810h516l0468z1h5t65k1d141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5740&r=27360810h516l0468z1h5t65k1d141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5740&r=27360810h516l0468z1h5t65k1d141
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5740&r=27360810h516l0468z1h5t65k1d141
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\sspellmell\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\sspellmell\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
[2011.11.01 16:21:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.09.23 12:51:11 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.11.01 21:58:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.11.07 00:43:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.23 17:10:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\sspellmell\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\sspellmell\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\sspellmell\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\sspellmell\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\sspellmell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.1.0_0\
CHR - Extension: YouTube = C:\Users\sspellmell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\sspellmell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\sspellmell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.04.22 12:24:00 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 54626 = C:\PROGRA~3\LOCALS~1\Temp\mstouv.cmd (Sun Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\sspellmell\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\sspellmell\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\sspellmell\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\sspellmell\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{079E895E-A34A-44CA-AB30-B5385D4D0B79}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEEF675E-7BD8-4136-92E7-58DE7F3424B6}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c38b75c0-0961-11e1-a938-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c38b75c0-0961-11e1-a938-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Set-up.exe
O33 - MountPoints2\{c38b81f5-0961-11e1-a938-00262d996d14}\Shell - "" = AutoRun
O33 - MountPoints2\{c38b81f5-0961-11e1-a938-00262d996d14}\Shell\AutoRun\command - "" = F:\Set-up.exe
O33 - MountPoints2\{d7c9f925-b53b-11df-94b3-00262d996d14}\Shell - "" = AutoRun
O33 - MountPoints2\{d7c9f925-b53b-11df-94b3-00262d996d14}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\Shell - "" = AutoRun
O33 - MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.23 11:26:42 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Users\sspellmell\Desktop\OTL.exe
[2012.04.23 10:37:32 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\sspellmell\Desktop\dds.scr
[2012.04.23 10:13:12 | 000,000,000 | ---D | C] -- C:\Users\sspellmell\Desktop\Desktop
[2012.04.22 13:49:34 | 000,000,000 | ---D | C] -- C:\Users\sspellmell\AppData\Local\ManyCam
[2012.04.22 13:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ManyCam
[2012.04.22 13:49:33 | 000,000,000 | ---D | C] -- C:\Users\sspellmell\AppData\Roaming\ManyCam
[2012.04.22 13:49:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManyCam
[2012.04.22 13:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012.04.22 12:54:25 | 000,000,000 | ---D | C] -- C:\Users\sspellmell\AppData\Roaming\gizza
[2012.04.22 12:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Local Settings
[2012.04.22 12:53:35 | 000,106,424 | ---- | C] (e2eSoft) -- C:\Windows\SysNative\drivers\VCam_WDM01.sys
[2012.04.22 12:53:35 | 000,106,424 | ---- | C] (e2eSoft) -- C:\Windows\SysNative\drivers\VCam_WDM.sys
[2012.04.22 12:46:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012.04.22 12:29:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.04.22 12:27:47 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.04.22 12:27:47 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.04.22 12:27:46 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.04.22 12:27:46 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.04.22 12:27:46 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.04.22 12:27:46 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.04.22 12:27:46 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.04.22 12:27:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.04.22 12:27:46 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.04.22 12:27:46 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.04.22 12:27:46 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.04.22 12:27:46 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.04.22 12:27:46 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.04.22 12:27:46 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.04.22 12:27:46 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.04.22 12:27:46 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.04.22 12:27:46 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.04.22 12:27:46 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.04.22 12:27:46 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.04.22 12:27:46 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.04.22 12:27:46 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.04.22 12:27:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.04.22 12:27:46 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.04.22 12:27:46 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.04.22 12:27:46 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.04.22 12:27:45 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.04.22 12:27:45 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.04.22 12:27:45 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.04.22 12:27:45 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.04.22 12:27:45 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.04.22 12:27:45 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.04.22 12:27:45 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.04.22 12:27:45 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.04.22 12:27:45 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.04.22 12:27:45 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.04.22 12:27:45 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.04.22 12:27:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.04.22 12:27:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.04.22 12:27:45 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.04.22 12:27:45 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.04.22 12:27:45 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.04.22 12:27:45 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.04.22 12:27:45 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.04.22 12:27:45 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.04.22 12:27:45 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.04.22 12:27:45 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.04.22 12:27:45 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.04.22 12:27:45 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.04.22 12:27:45 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.04.22 12:27:45 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.04.22 12:27:45 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.04.22 12:27:45 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.04.22 12:27:45 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.04.22 12:27:45 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.04.22 12:27:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.04.22 12:27:45 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.04.22 12:27:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.04.22 12:27:44 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.04.22 12:27:44 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.04.22 12:27:44 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.04.22 12:27:44 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.04.22 12:27:44 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.04.22 12:27:44 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.04.22 12:27:44 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.04.22 12:27:44 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.04.22 12:27:44 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.04.22 12:27:44 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.04.22 12:27:44 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.04.22 12:27:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.04.22 12:27:44 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.04.22 12:27:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.04.22 12:27:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.04.22 12:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012.04.21 02:08:21 | 000,000,000 | ---D | C] -- C:\Users\sspellmell\Documents\Diablo III
[2012.04.20 19:13:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2012.04.20 19:13:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2012.04.20 18:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Beta
[2012.04.20 18:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III Beta
[2012.04.20 18:19:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.04.13 00:04:07 | 008,741,536 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.04.12 03:04:22 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.04.12 03:04:21 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.04.12 03:04:21 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.04.12 03:00:46 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.04.12 03:00:46 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.04.12 03:00:45 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.04.11 23:15:36 | 000,000,000 | ---D | C] -- C:\Users\sspellmell\AppData\Local\SplitMediaLabs
[2012.04.11 23:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2012.04.11 23:12:25 | 000,000,000 | ---D | C] -- C:\Users\sspellmell\AppData\Roaming\SplitMediaLabs
[2012.04.09 11:59:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
[2012.04.09 11:55:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo II
[2012.04.08 21:27:44 | 000,000,000 | ---D | C] -- C:\Users\sspellmell\AppData\Local\Chromium
[2012.04.08 20:53:45 | 000,000,000 | ---D | C] -- C:\Users\sspellmell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bloodline Champions
[2012.04.08 20:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stunlock Studios
[2012.04.07 16:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2012.04.07 16:09:03 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2012.04.07 02:42:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.04.03 11:08:29 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.23 11:26:42 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\sspellmell\Desktop\OTL.exe
[2012.04.23 10:44:24 | 000,003,145 | ---- | M] () -- C:\Users\sspellmell\Desktop\Attach.zip
[2012.04.23 10:37:32 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\sspellmell\Desktop\dds.scr
[2012.04.23 10:36:59 | 000,000,020 | ---- | M] () -- C:\Users\sspellmell\defogger_reenable
[2012.04.23 10:35:27 | 000,050,477 | ---- | M] () -- C:\Users\sspellmell\Desktop\Defogger.exe
[2012.04.23 09:44:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.23 09:44:18 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.23 09:41:23 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.23 09:41:23 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.22 21:10:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1288430511-2812207666-2117316510-1000UA.job
[2012.04.22 21:04:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.22 18:40:16 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.22 18:40:16 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.04.22 18:40:16 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.22 18:40:16 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.04.22 18:40:16 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.22 18:10:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1288430511-2812207666-2117316510-1000Core.job
[2012.04.22 14:40:47 | 000,007,613 | ---- | M] () -- C:\Users\sspellmell\AppData\Local\Resmon.ResmonCfg
[2012.04.22 12:56:36 | 000,006,144 | ---- | M] () -- C:\Users\sspellmell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.22 12:27:47 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.04.22 12:27:47 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.04.22 12:27:46 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.04.22 12:27:46 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.04.22 12:27:46 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.04.22 12:27:46 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.04.22 12:27:46 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.04.22 12:27:46 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.04.22 12:27:46 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.04.22 12:27:46 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.04.22 12:27:46 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.04.22 12:27:46 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.04.22 12:27:46 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.04.22 12:27:46 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.04.22 12:27:46 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.04.22 12:27:46 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.04.22 12:27:46 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.04.22 12:27:46 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.04.22 12:27:46 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.04.22 12:27:46 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.04.22 12:27:46 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.04.22 12:27:46 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.04.22 12:27:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.04.22 12:27:46 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.04.22 12:27:46 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.04.22 12:27:46 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.04.22 12:27:45 | 002,308,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.04.22 12:27:45 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.04.22 12:27:45 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.04.22 12:27:45 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.04.22 12:27:45 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.04.22 12:27:45 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.04.22 12:27:45 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.04.22 12:27:45 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.04.22 12:27:45 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.04.22 12:27:45 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.04.22 12:27:45 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.04.22 12:27:45 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.04.22 12:27:45 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.04.22 12:27:45 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.04.22 12:27:45 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.04.22 12:27:45 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.04.22 12:27:45 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.04.22 12:27:45 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.04.22 12:27:45 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.04.22 12:27:45 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.04.22 12:27:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.04.22 12:27:45 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.04.22 12:27:45 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.04.22 12:27:45 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.04.22 12:27:45 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.04.22 12:27:45 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.04.22 12:27:45 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.04.22 12:27:45 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.04.22 12:27:45 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.04.22 12:27:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.04.22 12:27:45 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.04.22 12:27:45 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.04.22 12:27:44 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.04.22 12:27:44 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.04.22 12:27:44 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.04.22 12:27:44 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.04.22 12:27:44 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.04.22 12:27:44 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.04.22 12:27:44 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.04.22 12:27:44 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.04.22 12:27:44 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.04.22 12:27:44 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.04.22 12:27:44 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.04.22 12:27:44 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.04.22 12:27:44 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.04.22 12:27:44 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.04.22 12:27:44 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.04.22 12:27:44 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.04.14 07:04:11 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.04.14 07:04:11 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.04.14 07:04:08 | 008,741,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.04.08 00:07:03 | 000,298,016 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.04.08 00:07:03 | 000,298,016 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.04.07 18:33:30 | 000,298,016 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.04.07 16:59:34 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.04.23 10:44:24 | 000,003,145 | ---- | C] () -- C:\Users\sspellmell\Desktop\Attach.zip
[2012.04.23 10:36:59 | 000,000,020 | ---- | C] () -- C:\Users\sspellmell\defogger_reenable
[2012.04.23 10:35:27 | 000,050,477 | ---- | C] () -- C:\Users\sspellmell\Desktop\Defogger.exe
[2012.04.22 12:27:46 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.04.22 12:27:44 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.04.07 02:41:11 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012.04.03 11:08:35 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011.11.19 19:33:54 | 000,000,000 | ---- | C] () -- C:\Users\sspellmell\AppData\Roaming\chrtmp
[2011.11.07 14:40:32 | 000,000,809 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2011.08.22 22:49:56 | 000,141,736 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.08.07 23:31:38 | 000,007,613 | ---- | C] () -- C:\Users\sspellmell\AppData\Local\Resmon.ResmonCfg
[2011.04.09 14:31:56 | 000,000,164 | ---- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}
[2011.01.02 01:15:40 | 001,591,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.10 20:48:05 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.11.13 16:56:13 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.11.13 16:55:50 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.08.24 19:41:11 | 000,000,996 | ---- | C] () -- C:\Windows\eReg.dat
[2010.08.21 21:26:56 | 000,059,393 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.08.17 20:36:33 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.08.16 19:59:57 | 000,006,144 | ---- | C] () -- C:\Users\sspellmell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.14 13:10:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:76650B61

< End of report >

Extras:

Code:

ATTFilter

OTL Extras logfile created on: 23.04.2012 11:28:03 - Run 1
OTL by OldTimer - Version 3.2.41.0     Folder = C:\Users\sspellmell\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,95 Gb Available Physical Memory | 76,23% Memory free
7,73 Gb Paging File | 6,92 Gb Available in Paging File | 89,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583,38 Gb Total Space | 213,53 Gb Free Space | 36,60% Space Free | Partition Type: NTFS
 
Computer Name: sspellmell-PC | User Name: sspellmell| Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11F38253-8940-FFDA-D131-B14120C357E4}" = ATI Catalyst Install Manager
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}" = Broadcom Gigabit NetLink Controller
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BD41C9CA-7722-7C0F-8BFE-E88A81865287}" = ccc-utility64
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3932CA781A7894D20116FDF60F878301800EA8AB" = Windows Driver Package - Broadcom Bluetooth  (09/11/2009 6.2.0.9407)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"EPSON S22 Series" = Druckerdeinstallation für EPSON S22 Series
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14D6085A-9A42-C0B5-823E-8C9619AC1026}" = Catalyst Control Center Graphics Full New
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{16DAC0EC-E011-4CCF-B116-B9239D8927AB}" = Radiotracker USB
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1AC872E3-CB78-4D67-B00C-18DD5FFB9F47}" = S4 League_EU
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FF12BFD-84AC-4E81-9A8F-496E5C2DDA79}_is1" = Didi V3
"{1FF19BBD-554D-733C-3BDF-B55C99349198}" = Catalyst Control Center Core Implementation
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{346D6B7A-4AD8-5C2C-E249-34CA3CD7D34B}" = CCC Help Polish
"{34A0D249-747E-4D6C-803D-329C120C6B79}" = Catalyst Control Center - Branding
"{357C0C30-051F-FE77-4709-025786123FB1}" = ccc-core-static
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{41BC23C5-157F-77A0-6662-17A5096E7946}" = Catalyst Control Center Graphics Previews Vista
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4507185D-FAB8-B77D-4546-2CF31DA906AD}" = Catalyst Control Center Graphics Full Existing
"{4967ADB1-27A6-635F-A217-754BD9A05E2E}" = CCC Help Czech
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54DFD48E-0E0D-5D0C-BD93-CE3DF090EC1C}" = CCC Help Japanese
"{5528C69D-4018-C4BD-7D00-67F90623EB33}" = CCC Help Italian
"{5582C24D-5597-42D2-537E-BA329164D78D}" = CCC Help Thai
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6C90C4C4-559D-4FE8-A4BF-37550E74D1FC}" = Bloodline Champions
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{785F975B-50FB-C523-5E58-C6EFE9E62424}" = CCC Help Portuguese
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D62622F-78B7-91B0-5B75-4082DDFAC775}" = CCC Help Swedish
"{7DE2B39B-97F0-EC01-06D6-E25C6D4164DF}" = CCC Help German
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.9.7
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{878789F8-276E-4D98-20E6-78DCBD77AD7D}" = CCC Help Turkish
"{89EC64D9-3BB6-4777-A877-475E3F361B2A}" = S4 League_EU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F2AE892-C036-C2F8-0D45-0ED891440D68}" = CCC Help French
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95D40BD8-2EA7-C51E-A218-B2F863481573}" = CCC Help Chinese Standard
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98A7C691-304F-31DC-A21C-3675E1D68501}" = CCC Help Chinese Traditional
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig
"{A33B56D0-F273-F6C2-C335-50AE0C83C85C}" = CCC Help Finnish
"{A44721BB-80BE-45A0-8679-F71E94400CAC}" = UT Cache Cleaner v3.0
"{A8CB3994-B273-D81E-315C-CA3A8376415E}" = Catalyst Control Center Localization All
"{A8D450FB-F8F7-4250-7CE3-A3C24CDE5722}" = CCC Help Hungarian
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{AA56BFBE-E1D1-435D-A805-52A7F788D057}_is1" = CLICK & LEARN DiDi 360° 3.0
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB82BA59-B05B-70DC-992B-D2D7A2AF4EE5}" = CCC Help Korean
"{AC2F8B30-0236-486D-A549-30BD50086BAB}" = XSplit
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{BFB59706-4FEC-37A8-96CD-C7F6932AD6DD}" = CCC Help Norwegian
"{C09EECFB-8925-5E54-1580-3FAEB6A78856}" = Catalyst Control Center Graphics Light
"{C0ED2557-8BCC-71B6-253C-BDFE26A9B37D}" = CCC Help Spanish
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C585E652-0CBC-4276-9FE7-047078677904}" = Blacklight Retribution
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CC62C6C8-0D7F-3F0D-9BD6-49CB16029A6A}" = CCC Help Greek
"{CC6D2A70-B152-E250-ABEA-5D7D681469F8}" = CCC Help English
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.124.1120
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DAFFBC42-ABA2-882C-68CB-593B9CF9ACF5}" = CCC Help Russian
"{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader
"{DFF2D0B9-1706-6AA8-85CD-A70DF44AE3F8}" = CCC Help Danish
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E6AAFC37-EB31-768D-A9A5-AA8A84612615}" = CCC Help Dutch
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null 
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6B7BF58-36D0-A76E-53E2-F65DBD4A6A52}" = Catalyst Control Center InstallProxy
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"ACE LoL Client" = League of Legends - ACE Client
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"ArcaniA" = ArcaniA - Gothic 4
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"Call of Duty Modern Warfare 3 (c) Activision_is1" = Call of Duty Modern Warfare 3 (c) Activision version 1
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"ContentaConverter-PREMIUM" = Contenta Converter PREMIUM
"DAEMON Tools Pro" = DAEMON Tools Pro
"Diablo II" = Diablo II
"Diablo III Beta" = Diablo III Beta
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fraps" = Fraps (remove only)
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.2.22.602
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.12.804
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
"Game Booster_is1" = Game Booster
"GridVista" = Acer GridVista
"hon" = Heroes of Newerth
"ICQToolbar" = ICQ Toolbar
"Identity Card" = Identity Card
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null 
"League of Legends_is1" = League of Legends
"LManager" = Launch Manager
"LOCO" = LOCO EU
"LOLReplay" = LOLReplay
"ManyCam" = ManyCam 3.0.68 (remove only)
"McAfee Security Scan" = McAfee Security Scan Plus
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"Opera 11.62.1347" = Opera 11.62
"PunkBusterSvc" = PunkBuster Services
"Shattered Galaxy" = Shattered Galaxy
"Smart Defrag 2_is1" = Smart Defrag 2
"Star Trek Online" = Star Trek Online
"Tactical Ops" = Tactical Ops
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 6" = TeamViewer 6
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.9
"Warcraft III" = Warcraft III
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WolfTeam International_is1" = WolfTeam International
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 10.07.2011 08:14:20 | Computer Name = sspellmell-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3151
 
Error - 10.07.2011 08:23:25 | Computer Name = sspellmell-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 10.07.2011 08:23:25 | Computer Name = sspellmell-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 548156
 
Error - 10.07.2011 08:23:25 | Computer Name = sspellmell-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 548156
 
Error - 10.07.2011 09:23:03 | Computer Name = sspellmell-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 10.07.2011 09:23:03 | Computer Name = sspellmell-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1139
 
Error - 10.07.2011 09:23:03 | Computer Name = sspellmell-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1139
 
Error - 10.07.2011 09:23:04 | Computer Name = sspellmell-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 10.07.2011 09:23:04 | Computer Name = sspellmell-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2137
 
Error - 10.07.2011 09:23:04 | Computer Name = sspellmell-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2137
 
[ OSession Events ]
Error - 05.12.2010 09:19:05 | Computer Name = sspellmell-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session 
lasted 36 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 05.12.2010 09:22:47 | Computer Name = sspellmell-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session 
lasted 97 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 05.12.2010 09:23:09 | Computer Name = sspellmell-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session 
lasted 13 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 11.05.2011 08:02:56 | Computer Name = sspellmell-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2750
 seconds with 2100 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 23.04.2012 03:44:48 | Computer Name = sspellmell-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 23.04.2012 03:44:58 | Computer Name = sspellmell-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 23.04.2012 03:45:05 | Computer Name = sspellmell-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 23.04.2012 03:45:08 | Computer Name = sspellmell-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 23.04.2012 03:45:08 | Computer Name = sspellmell-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 23.04.2012 03:45:08 | Computer Name = sspellmell-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 23.04.2012 03:45:14 | Computer Name = sspellmell-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 23.04.2012 03:45:14 | Computer Name = sspellmell-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 23.04.2012 03:49:57 | Computer Name = sspellmell-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 23.04.2012 03:49:57 | Computer Name = sspellmell-PC | Source = DCOM | ID = 10005
Description = 
 
 
< End of report >

Chris4You · 23.04.2012, 10:54

Hi,

Fix für OTL:

Doppelklick auf die OTL.exe, um das Programm auszuführen.

Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.

Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:

ATTFilter

:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 54626 = C:\PROGRA~3\LOCALS~1\Temp\mstouv.cmd (Sun Microsystems, Inc.)
O33 - MountPoints2\{c38b75c0-0961-11e1-a938-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c38b75c0-0961-11e1-a938-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Set-up.exe
O33 - MountPoints2\{c38b81f5-0961-11e1-a938-00262d996d14}\Shell - "" = AutoRun
O33 - MountPoints2\{c38b81f5-0961-11e1-a938-00262d996d14}\Shell\AutoRun\command - "" = F:\Set-up.exe
O33 - MountPoints2\{d7c9f925-b53b-11df-94b3-00262d996d14}\Shell - "" = AutoRun
O33 - MountPoints2\{d7c9f925-b53b-11df-94b3-00262d996d14}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\Shell - "" = AutoRun
O33 - MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\Shell\install\command - "" = F:\SETUP.EXE
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:76650B61

FILES:
C:\Users\sspellmell\AppData\Roaming\gizza

:Commands
[emptytemp]
[Reboot]

Den roten Run Fixes! Button anklicken.

Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.

Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:

%systemroot%\_OTL

Malwarebytes Antimalware (MAM)
Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html
Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen:
http://filepony.de/download-chameleon/
Danach bitte update der Signaturdateien (Reiter "Aktualisierungen" -> Suche nach Aktualisierungen")
Fullscan und alles bereinigen lassen! Log posten.

chris
Ps.: Was macht denn der Eintrag:
O1 - Hosts: 127.0.0.1 activate.adobe.com
im Hostsfile??????

sspellmell · 23.04.2012, 11:21

Hier die Log von OTL:

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\AvgUninstallURL deleted successfully.
File move failed. C:\Windows\SysWOW64\cmd.exe scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\54626 deleted successfully.
C:\ProgramData\Local Settings\Temp\mstouv.cmd moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c38b75c0-0961-11e1-a938-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c38b75c0-0961-11e1-a938-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c38b75c0-0961-11e1-a938-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c38b75c0-0961-11e1-a938-806e6f6e6963}\ not found.
File E:\Set-up.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c38b81f5-0961-11e1-a938-00262d996d14}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c38b81f5-0961-11e1-a938-00262d996d14}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c38b81f5-0961-11e1-a938-00262d996d14}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c38b81f5-0961-11e1-a938-00262d996d14}\ not found.
File F:\Set-up.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7c9f925-b53b-11df-94b3-00262d996d14}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d7c9f925-b53b-11df-94b3-00262d996d14}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7c9f925-b53b-11df-94b3-00262d996d14}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d7c9f925-b53b-11df-94b3-00262d996d14}\ not found.
File E:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d7c9f927-b53b-11df-94b3-00262d996d14}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d7c9f927-b53b-11df-94b3-00262d996d14}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d7c9f927-b53b-11df-94b3-00262d996d14}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7c9f927-b53b-11df-94b3-00262d996d14}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d7c9f927-b53b-11df-94b3-00262d996d14}\ not found.
File F:\SETUP.EXE not found.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:76650B61 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: sspellmell
->Temp folder emptied: 169229844 bytes
->Temporary Internet Files folder emptied: 118116561 bytes
->Java cache emptied: 1697875 bytes
->Google Chrome cache emptied: 330014531 bytes
->Opera cache emptied: 25646948 bytes
->Flash cache emptied: 158963 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 265191743 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50300 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 868,00 mb
 
 
OTL by OldTimer - Version 3.2.41.0 log created on 04232012_120255

Files\Folders moved on Reboot...
File move failed. C:\Windows\SysWOW64\cmd.exe scheduled to be moved on reboot.
C:\Users\sspellmell\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

und die Log von malwarebytes:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.23.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
sspellmell:: sspellmell-PC [Administrator]

Schutz: Aktiviert

23.04.2012 12:13:00
mbam-log-2012-04-23 (12-13-00).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 199829
Laufzeit: 4 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

PS:

Chris4You · 23.04.2012, 11:24

Hi,

MAM bitte mir Fullscan, nicht quickscann...
Gib bitte mal bei Ausführen CMD ein, läuft die Commandline noch?

chris

sspellmell · 23.04.2012, 12:36

Also die cmd funktioniert.

Hier die Full-Scan-Log:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.23.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
sspellmell:: sspellmell-PC [Administrator]

Schutz: Deaktiviert

23.04.2012 12:32:09
mbam-log-2012-04-23 (12-32-09).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 382340
Laufzeit: 54 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Bin ich jetzt clean ? :-)

Chris4You · 23.04.2012, 13:02

Hi,

bootet der Rechner normal? Gibt es Umleitungen, z. B. Google ?

Wenn ja, dann hat MAM den kleinen Scherzkecks nicht erkannt..., daher:

Datei hochladen:
http://www.trojaner-board.de/54791-a...ner-board.html
Folge den Anweisungen dort und lade die Datei (am Besten das Verzeichnis packen):

Code:

ATTFilter

C:\_OTL\MovedFiles

hoch.

Schau mir das mal an...

chris

sspellmell · 23.04.2012, 13:28

Der PC bootet normal und Ich kann auch keinerlei "Virus" entdecken.
Ich habe das Verzeichnis hochgeladen.

Chris4You · 23.04.2012, 14:34

Hi,

von 42 Scannern wird er nur von 3 erkannt... soweit so schlecht... von wegen CMD....

Wir prüfen noch auf TDSS...

TDSS-Killer
Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft?
Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)!
Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe.
Stelle den Killer wir folgt ein:

Dann den Scan starten durch (Start Scan).
Wenn der Scan fertig ist bitte "Report" anwählen (eventuelle Funde erstmal mit Skip übergehen). Es öffnet sich ein Fenster, den Text abkopieren und hier posten...

Das Verzeichnis C:\_OTL kannst Du löschen...

chris

sspellmell · 23.04.2012, 14:52

Also CMD hat und funktioniert immernoch...starten und auch Befehle wie ping oder ipconfig...

Hier der Report:

Code:

ATTFilter

15:53:34.0875 3632	TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
15:53:35.0255 3632	============================================================
15:53:35.0255 3632	Current date / time: 2012/04/23 15:53:35.0255
15:53:35.0255 3632	SystemInfo:
15:53:35.0255 3632	
15:53:35.0255 3632	OS Version: 6.1.7601 ServicePack: 1.0
15:53:35.0255 3632	Product type: Workstation
15:53:35.0255 3632	ComputerName: sspellmell-PC
15:53:35.0265 3632	UserName: sspellmell
15:53:35.0265 3632	Windows directory: C:\Windows
15:53:35.0265 3632	System windows directory: C:\Windows
15:53:35.0265 3632	Running under WOW64
15:53:35.0265 3632	Processor architecture: Intel x64
15:53:35.0265 3632	Number of processors: 4
15:53:35.0265 3632	Page size: 0x1000
15:53:35.0265 3632	Boot type: Normal boot
15:53:35.0265 3632	============================================================
15:53:35.0715 3632	Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:53:35.0720 3632	\Device\Harddisk0\DR0:
15:53:35.0720 3632	MBR partitions:
15:53:35.0720 3632	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x32000
15:53:35.0720 3632	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1996800, BlocksNum 0x48EC12B0
15:53:35.0760 3632	C: <-> \Device\Harddisk0\DR0\Partition1
15:53:35.0760 3632	Initialize success
15:53:35.0760 3632	============================================================
15:53:41.0470 3232	============================================================
15:53:41.0470 3232	Scan started
15:53:41.0470 3232	Mode: Manual; SigCheck; TDLFS; 
15:53:41.0470 3232	============================================================
15:53:42.0165 3232	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:53:42.0255 3232	1394ohci - ok
15:53:42.0355 3232	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:53:42.0375 3232	ACPI - ok
15:53:42.0485 3232	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:53:42.0505 3232	AcpiPmi - ok
15:53:42.0655 3232	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:53:42.0675 3232	AdobeARMservice - ok
15:53:42.0855 3232	AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:53:42.0875 3232	AdobeFlashPlayerUpdateSvc - ok
15:53:43.0005 3232	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:53:43.0035 3232	adp94xx - ok
15:53:43.0155 3232	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:53:43.0185 3232	adpahci - ok
15:53:43.0305 3232	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:53:43.0325 3232	adpu320 - ok
15:53:43.0415 3232	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:53:43.0465 3232	AeLookupSvc - ok
15:53:43.0555 3232	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:53:43.0575 3232	AFD - ok
15:53:43.0665 3232	AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
15:53:43.0683 3232	AgereModemAudio - ok
15:53:43.0810 3232	AgereSoftModem  (a6ab6f0ace87da76b4c401813d18be95) C:\Windows\system32\DRIVERS\agrsm64.sys
15:53:43.0843 3232	AgereSoftModem - ok
15:53:43.0965 3232	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:53:43.0985 3232	agp440 - ok
15:53:44.0085 3232	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:53:44.0115 3232	ALG - ok
15:53:44.0245 3232	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:53:44.0255 3232	aliide - ok
15:53:44.0345 3232	AMD External Events Utility (41a0813f22d3330c0ca71ce5bbd42b12) C:\Windows\system32\atiesrxx.exe
15:53:44.0375 3232	AMD External Events Utility - ok
15:53:44.0485 3232	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:53:44.0505 3232	amdide - ok
15:53:44.0625 3232	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:53:44.0645 3232	AmdK8 - ok
15:53:44.0765 3232	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:53:44.0785 3232	AmdPPM - ok
15:53:44.0935 3232	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:53:44.0955 3232	amdsata - ok
15:53:45.0095 3232	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:53:45.0115 3232	amdsbs - ok
15:53:45.0245 3232	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:53:45.0265 3232	amdxata - ok
15:53:45.0385 3232	AmUStor         (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
15:53:45.0395 3232	AmUStor - ok
15:53:45.0515 3232	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:53:45.0565 3232	AppID - ok
15:53:45.0620 3232	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:53:45.0678 3232	AppIDSvc - ok
15:53:45.0780 3232	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:53:45.0830 3232	Appinfo - ok
15:53:45.0950 3232	Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:53:45.0960 3232	Apple Mobile Device - ok
15:53:46.0100 3232	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:53:46.0120 3232	arc - ok
15:53:46.0200 3232	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:53:46.0220 3232	arcsas - ok
15:53:46.0350 3232	aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:53:46.0370 3232	aspnet_state - ok
15:53:46.0460 3232	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:53:46.0520 3232	AsyncMac - ok
15:53:46.0620 3232	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:53:46.0630 3232	atapi - ok
15:53:46.0750 3232	athr            (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys
15:53:46.0790 3232	athr - ok
15:53:47.0000 3232	atikmdag        (37456be85384e4cc38dc899f07f88c45) C:\Windows\system32\DRIVERS\atikmdag.sys
15:53:47.0070 3232	atikmdag - ok
15:53:47.0200 3232	atksgt          (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
15:53:47.0250 3232	atksgt - ok
15:53:47.0360 3232	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:53:47.0420 3232	AudioEndpointBuilder - ok
15:53:47.0470 3232	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:53:47.0530 3232	AudioSrv - ok
15:53:47.0593 3232	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:53:47.0623 3232	AxInstSV - ok
15:53:47.0703 3232	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:53:47.0730 3232	b06bdrv - ok
15:53:47.0835 3232	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:53:47.0855 3232	b57nd60a - ok
15:53:48.0015 3232	BCM43XX         (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
15:53:48.0055 3232	BCM43XX - ok
15:53:48.0125 3232	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:53:48.0145 3232	BDESVC - ok
15:53:48.0215 3232	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:53:48.0265 3232	Beep - ok
15:53:48.0385 3232	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:53:48.0425 3232	BFE - ok
15:53:48.0475 3232	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
15:53:48.0525 3232	BITS - ok
15:53:48.0585 3232	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:53:48.0605 3232	blbdrive - ok
15:53:48.0705 3232	Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
15:53:48.0735 3232	Bonjour Service - ok
15:53:48.0835 3232	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:53:48.0855 3232	bowser - ok
15:53:48.0895 3232	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:53:48.0915 3232	BrFiltLo - ok
15:53:48.0935 3232	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:53:48.0955 3232	BrFiltUp - ok
15:53:49.0005 3232	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:53:49.0055 3232	Browser - ok
15:53:49.0095 3232	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:53:49.0125 3232	Brserid - ok
15:53:49.0165 3232	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:53:49.0195 3232	BrSerWdm - ok
15:53:49.0215 3232	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:53:49.0235 3232	BrUsbMdm - ok
15:53:49.0245 3232	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:53:49.0255 3232	BrUsbSer - ok
15:53:49.0355 3232	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
15:53:49.0375 3232	BthEnum - ok
15:53:49.0435 3232	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:53:49.0455 3232	BTHMODEM - ok
15:53:49.0505 3232	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
15:53:49.0535 3232	BthPan - ok
15:53:49.0605 3232	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
15:53:49.0630 3232	BTHPORT - ok
15:53:49.0668 3232	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:53:49.0710 3232	bthserv - ok
15:53:49.0773 3232	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
15:53:49.0790 3232	BTHUSB - ok
15:53:49.0833 3232	btusbflt        (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
15:53:49.0843 3232	btusbflt - ok
15:53:49.0853 3232	btwaudio        (af838d8029ae7c27470862d63fa54d24) C:\Windows\system32\drivers\btwaudio.sys
15:53:49.0873 3232	btwaudio - ok
15:53:49.0893 3232	btwavdt         (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
15:53:49.0903 3232	btwavdt - ok
15:53:50.0033 3232	btwdins         (dcf8d8f1f87743509d9c0207cb28637d) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:53:50.0063 3232	btwdins - ok
15:53:50.0193 3232	btwl2cap        (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
15:53:50.0203 3232	btwl2cap - ok
15:53:50.0313 3232	btwrchid        (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
15:53:50.0323 3232	btwrchid - ok
15:53:50.0443 3232	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:53:50.0493 3232	cdfs - ok
15:53:50.0623 3232	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
15:53:50.0653 3232	cdrom - ok
15:53:50.0713 3232	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:53:50.0763 3232	CertPropSvc - ok
15:53:50.0863 3232	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:53:50.0883 3232	circlass - ok
15:53:51.0053 3232	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:53:51.0073 3232	CLFS - ok
15:53:51.0193 3232	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:53:51.0203 3232	clr_optimization_v2.0.50727_32 - ok
15:53:51.0293 3232	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:53:51.0313 3232	clr_optimization_v2.0.50727_64 - ok
15:53:51.0473 3232	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:53:51.0483 3232	clr_optimization_v4.0.30319_32 - ok
15:53:51.0625 3232	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:53:51.0640 3232	clr_optimization_v4.0.30319_64 - ok
15:53:51.0743 3232	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:53:51.0763 3232	CmBatt - ok
15:53:51.0818 3232	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:53:51.0828 3232	cmdide - ok
15:53:51.0898 3232	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:53:51.0938 3232	CNG - ok
15:53:52.0048 3232	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:53:52.0058 3232	Compbatt - ok
15:53:52.0188 3232	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:53:52.0208 3232	CompositeBus - ok
15:53:52.0248 3232	COMSysApp - ok
15:53:52.0288 3232	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:53:52.0308 3232	crcdisk - ok
15:53:52.0398 3232	CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
15:53:52.0458 3232	CryptSvc - ok
15:53:52.0528 3232	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:53:52.0578 3232	DcomLaunch - ok
15:53:52.0628 3232	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:53:52.0678 3232	defragsvc - ok
15:53:52.0758 3232	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:53:52.0818 3232	DfsC - ok
15:53:52.0928 3232	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:53:52.0988 3232	Dhcp - ok
15:53:53.0028 3232	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:53:53.0068 3232	discache - ok
15:53:53.0178 3232	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:53:53.0198 3232	Disk - ok
15:53:53.0258 3232	DKbFltr         (d5bcb77be83cf99f508943945d46343d) C:\Windows\syswow64\Drivers\DKbFltr.sys
15:53:53.0268 3232	DKbFltr - ok
15:53:53.0328 3232	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:53:53.0348 3232	Dnscache - ok
15:53:53.0408 3232	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:53:53.0468 3232	dot3svc - ok
15:53:53.0478 3232	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:53:53.0518 3232	DPS - ok
15:53:53.0558 3232	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:53:53.0578 3232	drmkaud - ok
15:53:53.0635 3232	dtsoftbus01     (821bf177a24172f5f0ee9b322f58516c) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:53:53.0655 3232	dtsoftbus01 - ok
15:53:53.0788 3232	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:53:53.0828 3232	DXGKrnl - ok
15:53:53.0868 3232	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:53:53.0910 3232	EapHost - ok
15:53:54.0008 3232	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:53:54.0068 3232	ebdrv - ok
15:53:54.0118 3232	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:53:54.0138 3232	EFS - ok
15:53:54.0208 3232	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:53:54.0228 3232	ehRecvr - ok
15:53:54.0248 3232	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:53:54.0258 3232	ehSched - ok
15:53:54.0348 3232	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:53:54.0368 3232	elxstor - ok
15:53:54.0528 3232	ePowerSvc       (fb67aa8ac61b9365add546139a21bed6) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
15:53:54.0558 3232	ePowerSvc - ok
15:53:54.0628 3232	EPSON_EB_RPCV4_04 (7db097f4f6786307168c0dddec43a565) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
15:53:54.0638 3232	EPSON_EB_RPCV4_04 ( UnsignedFile.Multi.Generic ) - warning
15:53:54.0638 3232	EPSON_EB_RPCV4_04 - detected UnsignedFile.Multi.Generic (1)
15:53:54.0658 3232	EPSON_PM_RPCV4_04 (258aa65a0862e19b7de6981fda3758ad) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
15:53:54.0668 3232	EPSON_PM_RPCV4_04 ( UnsignedFile.Multi.Generic ) - warning
15:53:54.0668 3232	EPSON_PM_RPCV4_04 - detected UnsignedFile.Multi.Generic (1)
15:53:54.0778 3232	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:53:54.0798 3232	ErrDev - ok
15:53:54.0858 3232	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:53:54.0898 3232	EventSystem - ok
15:53:54.0988 3232	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:53:55.0038 3232	exfat - ok
15:53:55.0078 3232	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:53:55.0108 3232	fastfat - ok
15:53:55.0178 3232	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:53:55.0198 3232	Fax - ok
15:53:55.0278 3232	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:53:55.0298 3232	fdc - ok
15:53:55.0328 3232	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:53:55.0378 3232	fdPHost - ok
15:53:55.0388 3232	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:53:55.0418 3232	FDResPub - ok
15:53:55.0468 3232	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:53:55.0488 3232	FileInfo - ok
15:53:55.0518 3232	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:53:55.0558 3232	Filetrace - ok
15:53:55.0588 3232	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:53:55.0598 3232	flpydisk - ok
15:53:55.0650 3232	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:53:55.0663 3232	FltMgr - ok
15:53:55.0718 3232	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
15:53:55.0755 3232	FontCache - ok
15:53:55.0833 3232	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:53:55.0843 3232	FontCache3.0.0.0 - ok
15:53:55.0893 3232	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:53:55.0903 3232	FsDepends - ok
15:53:55.0953 3232	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
15:53:55.0963 3232	Fs_Rec - ok
15:53:56.0083 3232	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:53:56.0113 3232	fvevol - ok
15:53:56.0153 3232	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:53:56.0163 3232	gagp30kx - ok
15:53:56.0303 3232	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:53:56.0313 3232	GEARAspiWDM - ok
15:53:56.0383 3232	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:53:56.0443 3232	gpsvc - ok
15:53:56.0533 3232	Greg_Service    (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
15:53:56.0563 3232	Greg_Service - ok
15:53:56.0673 3232	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:53:56.0693 3232	hcw85cir - ok
15:53:56.0813 3232	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:53:56.0843 3232	HdAudAddService - ok
15:53:56.0973 3232	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:53:57.0003 3232	HDAudBus - ok
15:53:57.0033 3232	HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
15:53:57.0033 3232	HECIx64 - ok
15:53:57.0133 3232	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:53:57.0153 3232	HidBatt - ok
15:53:57.0183 3232	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:53:57.0193 3232	HidBth - ok
15:53:57.0303 3232	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:53:57.0333 3232	HidIr - ok
15:53:57.0413 3232	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
15:53:57.0463 3232	hidserv - ok
15:53:57.0593 3232	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
15:53:57.0613 3232	HidUsb - ok
15:53:57.0660 3232	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:53:57.0713 3232	hkmsvc - ok
15:53:57.0748 3232	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:53:57.0760 3232	HomeGroupListener - ok
15:53:57.0798 3232	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:53:57.0808 3232	HomeGroupProvider - ok
15:53:57.0898 3232	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:53:57.0918 3232	HpSAMD - ok
15:53:57.0998 3232	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:53:58.0048 3232	HTTP - ok
15:53:58.0098 3232	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:53:58.0108 3232	hwpolicy - ok
15:53:58.0158 3232	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:53:58.0178 3232	i8042prt - ok
15:53:58.0258 3232	IAANTMON        (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:53:58.0278 3232	IAANTMON - ok
15:53:58.0368 3232	iaStor          (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
15:53:58.0388 3232	iaStor - ok
15:53:58.0518 3232	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:53:58.0538 3232	iaStorV - ok
15:53:58.0638 3232	ICQ Service     (86b750cc384f3a8b8c1d12f3188307ae) C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
15:53:58.0658 3232	ICQ Service - ok
15:53:58.0758 3232	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:53:58.0798 3232	idsvc - ok
15:53:58.0968 3232	igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:53:59.0048 3232	igfx - ok
15:53:59.0168 3232	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:53:59.0188 3232	iirsp - ok
15:53:59.0258 3232	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:53:59.0308 3232	IKEEXT - ok
15:53:59.0438 3232	Impcd           (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
15:53:59.0458 3232	Impcd - ok
15:53:59.0720 3232	IntcAzAudAddService (42943bb3ab7a405b30eff7c8283cc129) C:\Windows\system32\drivers\RTKVHD64.sys
15:53:59.0763 3232	IntcAzAudAddService - ok
15:53:59.0963 3232	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:53:59.0983 3232	intelide - ok
15:54:00.0143 3232	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:54:00.0163 3232	intelppm - ok
15:54:00.0283 3232	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:54:00.0333 3232	IPBusEnum - ok
15:54:00.0463 3232	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:54:00.0513 3232	IpFilterDriver - ok
15:54:00.0633 3232	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:54:00.0683 3232	iphlpsvc - ok
15:54:00.0753 3232	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:54:00.0773 3232	IPMIDRV - ok
15:54:00.0833 3232	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:54:00.0893 3232	IPNAT - ok
15:54:00.0973 3232	iPod Service    (b7cb0b121962cd89f98c0dd89331b0c0) C:\Program Files\iPod\bin\iPodService.exe
15:54:01.0003 3232	iPod Service - ok
15:54:01.0103 3232	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:54:01.0133 3232	IRENUM - ok
15:54:01.0173 3232	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:54:01.0193 3232	isapnp - ok
15:54:01.0243 3232	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:54:01.0263 3232	iScsiPrt - ok
15:54:01.0353 3232	k57nd60a        (d85f3f18e44f7447b5f1ba5c85baeb7c) C:\Windows\system32\DRIVERS\k57nd60a.sys
15:54:01.0373 3232	k57nd60a - ok
15:54:01.0423 3232	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:54:01.0443 3232	kbdclass - ok
15:54:01.0563 3232	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:54:01.0583 3232	kbdhid - ok
15:54:01.0643 3232	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:54:01.0663 3232	KeyIso - ok
15:54:01.0728 3232	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:54:01.0748 3232	KSecDD - ok
15:54:01.0770 3232	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:54:01.0790 3232	KSecPkg - ok
15:54:01.0828 3232	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:54:01.0868 3232	ksthunk - ok
15:54:01.0958 3232	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:54:02.0028 3232	KtmRm - ok
15:54:02.0108 3232	L1E             (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
15:54:02.0128 3232	L1E - ok
15:54:02.0178 3232	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
15:54:02.0228 3232	LanmanServer - ok
15:54:02.0298 3232	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:54:02.0348 3232	LanmanWorkstation - ok
15:54:02.0488 3232	lirsgt          (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
15:54:02.0508 3232	lirsgt - ok
15:54:02.0548 3232	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:54:02.0598 3232	lltdio - ok
15:54:02.0688 3232	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:54:02.0738 3232	lltdsvc - ok
15:54:02.0808 3232	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:54:02.0848 3232	lmhosts - ok
15:54:02.0978 3232	LMS             (7485fbcef9136f530953575e2977859d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:54:02.0998 3232	LMS - ok
15:54:03.0098 3232	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:54:03.0118 3232	LSI_FC - ok
15:54:03.0158 3232	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:54:03.0178 3232	LSI_SAS - ok
15:54:03.0208 3232	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:54:03.0218 3232	LSI_SAS2 - ok
15:54:03.0238 3232	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:54:03.0248 3232	LSI_SCSI - ok
15:54:03.0268 3232	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:54:03.0308 3232	luafv - ok
15:54:03.0438 3232	ManyCam         (922cbac7b992b9614cab7122f4bf9406) C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
15:54:03.0458 3232	ManyCam - ok
15:54:03.0608 3232	MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
15:54:03.0628 3232	MBAMProtector - ok
15:54:03.0738 3232	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:54:03.0763 3232	MBAMService - ok
15:54:03.0898 3232	mcaudrv_simple  (34a42dd7cf525d0d2c5232916496e4b8) C:\Windows\system32\drivers\mcaudrv_x64.sys
15:54:03.0915 3232	mcaudrv_simple - ok
15:54:04.0018 3232	McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
15:54:04.0038 3232	McComponentHostService - ok
15:54:04.0128 3232	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:54:04.0148 3232	Mcx2Svc - ok
15:54:04.0198 3232	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:54:04.0208 3232	megasas - ok
15:54:04.0238 3232	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:54:04.0258 3232	MegaSR - ok
15:54:04.0338 3232	Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:54:04.0358 3232	Microsoft Office Groove Audit Service - ok
15:54:04.0438 3232	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:54:04.0488 3232	MMCSS - ok
15:54:04.0538 3232	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:54:04.0578 3232	Modem - ok
15:54:04.0608 3232	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:54:04.0618 3232	monitor - ok
15:54:04.0728 3232	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:54:04.0748 3232	mouclass - ok
15:54:04.0778 3232	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:54:04.0798 3232	mouhid - ok
15:54:04.0908 3232	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:54:04.0928 3232	mountmgr - ok
15:54:04.0958 3232	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:54:04.0978 3232	mpio - ok
15:54:05.0008 3232	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:54:05.0058 3232	mpsdrv - ok
15:54:05.0108 3232	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:54:05.0168 3232	MpsSvc - ok
15:54:05.0228 3232	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:54:05.0258 3232	MRxDAV - ok
15:54:05.0288 3232	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:54:05.0308 3232	mrxsmb - ok
15:54:05.0348 3232	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:54:05.0368 3232	mrxsmb10 - ok
15:54:05.0398 3232	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:54:05.0418 3232	mrxsmb20 - ok
15:54:05.0528 3232	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:54:05.0538 3232	msahci - ok
15:54:05.0588 3232	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:54:05.0608 3232	msdsm - ok
15:54:05.0643 3232	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:54:05.0663 3232	MSDTC - ok
15:54:05.0708 3232	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:54:05.0760 3232	Msfs - ok
15:54:05.0833 3232	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:54:05.0883 3232	mshidkmdf - ok
15:54:05.0923 3232	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:54:05.0943 3232	msisadrv - ok
15:54:05.0983 3232	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:54:06.0033 3232	MSiSCSI - ok
15:54:06.0033 3232	msiserver - ok
15:54:06.0083 3232	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:54:06.0133 3232	MSKSSRV - ok
15:54:06.0183 3232	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:54:06.0213 3232	MSPCLOCK - ok
15:54:06.0233 3232	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:54:06.0263 3232	MSPQM - ok
15:54:06.0313 3232	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:54:06.0343 3232	MsRPC - ok
15:54:06.0393 3232	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:54:06.0403 3232	mssmbios - ok
15:54:06.0433 3232	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:54:06.0483 3232	MSTEE - ok
15:54:06.0513 3232	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:54:06.0523 3232	MTConfig - ok
15:54:06.0543 3232	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:54:06.0553 3232	Mup - ok
15:54:06.0593 3232	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:54:06.0633 3232	napagent - ok
15:54:06.0733 3232	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:54:06.0763 3232	NativeWifiP - ok
15:54:06.0853 3232	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:54:06.0893 3232	NDIS - ok
15:54:06.0923 3232	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:54:06.0963 3232	NdisCap - ok
15:54:06.0993 3232	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:54:07.0043 3232	NdisTapi - ok
15:54:07.0183 3232	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:54:07.0243 3232	Ndisuio - ok
15:54:07.0293 3232	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:54:07.0333 3232	NdisWan - ok
15:54:07.0383 3232	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:54:07.0433 3232	NDProxy - ok
15:54:07.0473 3232	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:54:07.0523 3232	NetBIOS - ok
15:54:07.0613 3232	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:54:07.0670 3232	NetBT - ok
15:54:07.0710 3232	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:54:07.0720 3232	Netlogon - ok
15:54:07.0758 3232	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:54:07.0798 3232	Netman - ok
15:54:07.0948 3232	NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:54:07.0968 3232	NetMsmqActivator - ok
15:54:08.0038 3232	NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:54:08.0048 3232	NetPipeActivator - ok
15:54:08.0258 3232	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:54:08.0308 3232	netprofm - ok
15:54:08.0598 3232	NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:54:08.0608 3232	NetTcpActivator - ok
15:54:08.0618 3232	NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:54:08.0628 3232	NetTcpPortSharing - ok
15:54:08.0798 3232	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:54:08.0808 3232	nfrd960 - ok
15:54:09.0008 3232	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:54:09.0048 3232	NlaSvc - ok
15:54:09.0198 3232	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:54:09.0248 3232	Npfs - ok
15:54:09.0368 3232	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:54:09.0408 3232	nsi - ok
15:54:09.0518 3232	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:54:09.0568 3232	nsiproxy - ok
15:54:09.0793 3232	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:54:09.0833 3232	Ntfs - ok
15:54:09.0983 3232	NTIBackupSvc    (fd324cce1d4d5bb5af65f8e55b462c7e) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
15:54:10.0003 3232	NTIBackupSvc - ok
15:54:10.0233 3232	NTIDrvr         (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
15:54:10.0243 3232	NTIDrvr - ok
15:54:10.0393 3232	NTISchedulerSvc (3f6268a2ec33cd38cf75c880af8ded42) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
15:54:10.0413 3232	NTISchedulerSvc - ok
15:54:10.0533 3232	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:54:10.0583 3232	Null - ok
15:54:10.0873 3232	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:54:10.0893 3232	nvraid - ok
15:54:11.0083 3232	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:54:11.0103 3232	nvstor - ok
15:54:11.0343 3232	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:54:11.0363 3232	nv_agp - ok
15:54:11.0613 3232	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:54:11.0645 3232	odserv - ok
15:54:11.0815 3232	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:54:11.0833 3232	ohci1394 - ok
15:54:11.0998 3232	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:54:12.0018 3232	ose - ok
15:54:12.0138 3232	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:54:12.0168 3232	p2pimsvc - ok
15:54:12.0318 3232	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:54:12.0348 3232	p2psvc - ok
15:54:12.0458 3232	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:54:12.0468 3232	Parport - ok
15:54:12.0508 3232	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:54:12.0518 3232	partmgr - ok
15:54:12.0608 3232	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:54:12.0638 3232	PcaSvc - ok
15:54:12.0718 3232	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:54:12.0748 3232	pci - ok
15:54:12.0858 3232	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:54:12.0868 3232	pciide - ok
15:54:12.0908 3232	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:54:12.0918 3232	pcmcia - ok
15:54:12.0958 3232	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:54:12.0978 3232	pcw - ok
15:54:13.0008 3232	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:54:13.0068 3232	PEAUTH - ok
15:54:13.0138 3232	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:54:13.0168 3232	PerfHost - ok
15:54:13.0258 3232	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:54:13.0328 3232	pla - ok
15:54:13.0358 3232	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:54:13.0378 3232	PlugPlay - ok
15:54:13.0428 3232	PMBDeviceInfoProvider - ok
15:54:13.0508 3232	PnkBstrA - ok
15:54:13.0538 3232	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:54:13.0558 3232	PNRPAutoReg - ok
15:54:13.0588 3232	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:54:13.0598 3232	PNRPsvc - ok
15:54:13.0638 3232	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:54:13.0690 3232	PolicyAgent - ok
15:54:13.0718 3232	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:54:13.0755 3232	Power - ok
15:54:13.0833 3232	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:54:13.0883 3232	PptpMiniport - ok
15:54:13.0958 3232	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:54:13.0978 3232	Processor - ok
15:54:14.0018 3232	ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:54:14.0068 3232	ProfSvc - ok
15:54:14.0108 3232	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:54:14.0128 3232	ProtectedStorage - ok
15:54:14.0188 3232	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:54:14.0248 3232	Psched - ok
15:54:14.0318 3232	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:54:14.0358 3232	ql2300 - ok
15:54:14.0468 3232	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:54:14.0488 3232	ql40xx - ok
15:54:14.0528 3232	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:54:14.0558 3232	QWAVE - ok
15:54:14.0618 3232	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:54:14.0648 3232	QWAVEdrv - ok
15:54:14.0668 3232	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:54:14.0718 3232	RasAcd - ok
15:54:14.0758 3232	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:54:14.0808 3232	RasAgileVpn - ok
15:54:14.0888 3232	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:54:14.0938 3232	RasAuto - ok
15:54:14.0998 3232	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:54:15.0048 3232	Rasl2tp - ok
15:54:15.0208 3232	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:54:15.0278 3232	RasMan - ok
15:54:15.0348 3232	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:54:15.0398 3232	RasPppoe - ok
15:54:15.0418 3232	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:54:15.0458 3232	RasSstp - ok
15:54:15.0498 3232	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:54:15.0538 3232	rdbss - ok
15:54:15.0568 3232	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:54:15.0598 3232	rdpbus - ok
15:54:15.0628 3232	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:54:15.0670 3232	RDPCDD - ok
15:54:15.0688 3232	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:54:15.0723 3232	RDPENCDD - ok
15:54:15.0743 3232	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:54:15.0780 3232	RDPREFMP - ok
15:54:15.0823 3232	RDPWD           (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
15:54:15.0833 3232	RDPWD - ok
15:54:15.0903 3232	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:54:15.0923 3232	rdyboost - ok
15:54:15.0953 3232	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:54:16.0013 3232	RemoteAccess - ok
15:54:16.0053 3232	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:54:16.0093 3232	RemoteRegistry - ok
15:54:16.0203 3232	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:54:16.0233 3232	RFCOMM - ok
15:54:16.0273 3232	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:54:16.0323 3232	RpcEptMapper - ok
15:54:16.0343 3232	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:54:16.0353 3232	RpcLocator - ok
15:54:16.0413 3232	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:54:16.0463 3232	RpcSs - ok
15:54:16.0563 3232	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:54:16.0613 3232	rspndr - ok
15:54:16.0723 3232	RTHDMIAzAudService (7421a35c45484b95e83b5e9e107cefc2) C:\Windows\system32\drivers\RtHDMIVX.sys
15:54:16.0733 3232	RTHDMIAzAudService - ok
15:54:16.0773 3232	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:54:16.0793 3232	SamSs - ok
15:54:16.0833 3232	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:54:16.0853 3232	sbp2port - ok
15:54:16.0893 3232	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:54:16.0953 3232	SCardSvr - ok
15:54:17.0003 3232	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:54:17.0053 3232	scfilter - ok
15:54:17.0103 3232	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:54:17.0153 3232	Schedule - ok
15:54:17.0193 3232	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:54:17.0223 3232	SCPolicySvc - ok
15:54:17.0263 3232	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:54:17.0283 3232	SDRSVC - ok
15:54:17.0343 3232	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:54:17.0393 3232	secdrv - ok
15:54:17.0473 3232	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:54:17.0513 3232	seclogon - ok
15:54:17.0553 3232	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:54:17.0583 3232	SENS - ok
15:54:17.0603 3232	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:54:17.0613 3232	SensrSvc - ok
15:54:17.0690 3232	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:54:17.0710 3232	Serenum - ok
15:54:17.0733 3232	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:54:17.0750 3232	Serial - ok
15:54:17.0793 3232	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:54:17.0810 3232	sermouse - ok
15:54:17.0858 3232	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:54:17.0918 3232	SessionEnv - ok
15:54:17.0978 3232	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:54:17.0998 3232	sffdisk - ok
15:54:18.0018 3232	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:54:18.0038 3232	sffp_mmc - ok
15:54:18.0058 3232	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:54:18.0078 3232	sffp_sd - ok
15:54:18.0108 3232	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:54:18.0128 3232	sfloppy - ok
15:54:18.0168 3232	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:54:18.0228 3232	SharedAccess - ok
15:54:18.0268 3232	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:54:18.0308 3232	ShellHWDetection - ok
15:54:18.0378 3232	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:54:18.0398 3232	SiSRaid2 - ok
15:54:18.0418 3232	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:54:18.0438 3232	SiSRaid4 - ok
15:54:18.0578 3232	SmartDefragDriver (94ce7845af6a2065b829e0126cd56236) C:\Windows\system32\Drivers\SmartDefragDriver.sys
15:54:18.0588 3232	SmartDefragDriver - ok
15:54:18.0638 3232	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:54:18.0688 3232	Smb - ok
15:54:18.0728 3232	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:54:18.0748 3232	SNMPTRAP - ok
15:54:18.0798 3232	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:54:18.0818 3232	spldr - ok
15:54:18.0878 3232	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:54:18.0928 3232	Spooler - ok
15:54:19.0038 3232	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:54:19.0118 3232	sppsvc - ok
15:54:19.0148 3232	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:54:19.0188 3232	sppuinotify - ok
15:54:19.0238 3232	sptd - ok
15:54:19.0308 3232	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:54:19.0338 3232	srv - ok
15:54:19.0438 3232	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:54:19.0458 3232	srv2 - ok
15:54:19.0488 3232	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:54:19.0508 3232	srvnet - ok
15:54:19.0588 3232	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:54:19.0648 3232	SSDPSRV - ok
15:54:19.0660 3232	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:54:19.0698 3232	SstpSvc - ok
15:54:19.0735 3232	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:54:19.0745 3232	stexstor - ok
15:54:19.0808 3232	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:54:19.0843 3232	stisvc - ok
15:54:19.0883 3232	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:54:19.0903 3232	swenum - ok
15:54:19.0933 3232	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:54:19.0983 3232	swprv - ok
15:54:20.0043 3232	SynTP           (ed6d1424e5b0c21a57b28dd8508d6843) C:\Windows\system32\DRIVERS\SynTP.sys
15:54:20.0063 3232	SynTP - ok
15:54:20.0183 3232	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:54:20.0233 3232	SysMain - ok
15:54:20.0273 3232	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:54:20.0293 3232	TabletInputService - ok
15:54:20.0333 3232	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:54:20.0383 3232	TapiSrv - ok
15:54:20.0413 3232	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:54:20.0453 3232	TBS - ok
15:54:20.0563 3232	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:54:20.0613 3232	Tcpip - ok
15:54:20.0753 3232	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:54:20.0803 3232	TCPIP6 - ok
15:54:20.0843 3232	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:54:20.0873 3232	tcpipreg - ok
15:54:20.0913 3232	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:54:20.0923 3232	TDPIPE - ok
15:54:20.0963 3232	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:54:20.0973 3232	TDTCP - ok
15:54:21.0013 3232	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:54:21.0063 3232	tdx - ok
15:54:21.0203 3232	TeamViewer6     (efd6843c137991cd253ca959e300e886) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
15:54:21.0253 3232	TeamViewer6 - ok
15:54:21.0363 3232	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:54:21.0373 3232	TermDD - ok
15:54:21.0433 3232	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:54:21.0483 3232	TermService - ok
15:54:21.0513 3232	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:54:21.0523 3232	Themes - ok
15:54:21.0563 3232	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:54:21.0593 3232	THREADORDER - ok
15:54:21.0623 3232	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:54:21.0663 3232	TrkWks - ok
15:54:21.0728 3232	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:54:21.0780 3232	TrustedInstaller - ok
15:54:21.0878 3232	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:54:21.0918 3232	tssecsrv - ok
15:54:22.0048 3232	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:54:22.0068 3232	TsUsbFlt - ok
15:54:22.0128 3232	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:54:22.0178 3232	tunnel - ok
15:54:22.0218 3232	TurboB          (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
15:54:22.0228 3232	TurboB - ok
15:54:22.0298 3232	TurboBoost      (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
15:54:22.0318 3232	TurboBoost - ok
15:54:22.0408 3232	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:54:22.0428 3232	uagp35 - ok
15:54:22.0528 3232	UBHelper        (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
15:54:22.0538 3232	UBHelper - ok
15:54:22.0598 3232	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:54:22.0648 3232	udfs - ok
15:54:22.0688 3232	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:54:22.0708 3232	UI0Detect - ok
15:54:22.0778 3232	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:54:22.0798 3232	uliagpkx - ok
15:54:22.0898 3232	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:54:22.0918 3232	umbus - ok
15:54:22.0958 3232	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:54:22.0978 3232	UmPass - ok
15:54:23.0108 3232	UNS             (765f2dd351ba064f657751d8d75e58c0) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:54:23.0158 3232	UNS - ok
15:54:23.0268 3232	Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
15:54:23.0288 3232	Updater Service - ok
15:54:23.0368 3232	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:54:23.0428 3232	upnphost - ok
15:54:23.0498 3232	USBAAPL64       (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:54:23.0508 3232	USBAAPL64 - ok
15:54:23.0638 3232	usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
15:54:23.0668 3232	usbaudio - ok
15:54:23.0700 3232	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:54:23.0718 3232	usbccgp - ok
15:54:23.0758 3232	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:54:23.0780 3232	usbcir - ok
15:54:23.0800 3232	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:54:23.0818 3232	usbehci - ok
15:54:23.0840 3232	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:54:23.0860 3232	usbhub - ok
15:54:23.0888 3232	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:54:23.0900 3232	usbohci - ok
15:54:23.0938 3232	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:54:23.0968 3232	usbprint - ok
15:54:24.0008 3232	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:54:24.0028 3232	USBSTOR - ok
15:54:24.0058 3232	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:54:24.0078 3232	usbuhci - ok
15:54:24.0158 3232	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:54:24.0178 3232	usbvideo - ok
15:54:24.0278 3232	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:54:24.0338 3232	UxSms - ok
15:54:24.0388 3232	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:54:24.0398 3232	VaultSvc - ok
15:54:24.0478 3232	VCam_WDM        (71ca94f344f1631ec25521b3f7fcbe29) C:\Windows\system32\DRIVERS\VCam_WDM.sys
15:54:24.0498 3232	VCam_WDM - ok
15:54:24.0558 3232	VCam_WDM01      (5e882726f634a09c5870ff3081dcfad2) C:\Windows\system32\DRIVERS\VCam_WDM01.sys
15:54:24.0578 3232	VCam_WDM01 - ok
15:54:24.0638 3232	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:54:24.0658 3232	vdrvroot - ok
15:54:24.0698 3232	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:54:24.0758 3232	vds - ok
15:54:24.0798 3232	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:54:24.0808 3232	vga - ok
15:54:24.0838 3232	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:54:24.0878 3232	VgaSave - ok
15:54:24.0918 3232	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:54:24.0928 3232	vhdmp - ok
15:54:24.0958 3232	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:54:24.0968 3232	viaide - ok
15:54:25.0008 3232	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:54:25.0018 3232	volmgr - ok
15:54:25.0068 3232	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:54:25.0088 3232	volmgrx - ok
15:54:25.0128 3232	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:54:25.0158 3232	volsnap - ok
15:54:25.0198 3232	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:54:25.0218 3232	vsmraid - ok
15:54:25.0278 3232	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:54:25.0338 3232	VSS - ok
15:54:25.0378 3232	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:54:25.0388 3232	vwifibus - ok
15:54:25.0398 3232	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:54:25.0418 3232	vwififlt - ok
15:54:25.0528 3232	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
15:54:25.0558 3232	vwifimp - ok
15:54:25.0638 3232	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:54:25.0703 3232	W32Time - ok
15:54:25.0763 3232	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:54:25.0780 3232	WacomPen - ok
15:54:25.0828 3232	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:54:25.0870 3232	WANARP - ok
15:54:25.0883 3232	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:54:25.0933 3232	Wanarpv6 - ok
15:54:25.0983 3232	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:54:26.0013 3232	wbengine - ok
15:54:26.0043 3232	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:54:26.0063 3232	WbioSrvc - ok
15:54:26.0103 3232	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:54:26.0123 3232	wcncsvc - ok
15:54:26.0143 3232	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:54:26.0153 3232	WcsPlugInService - ok
15:54:26.0213 3232	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:54:26.0223 3232	Wd - ok
15:54:26.0253 3232	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:54:26.0293 3232	Wdf01000 - ok
15:54:26.0313 3232	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:54:26.0343 3232	WdiServiceHost - ok
15:54:26.0343 3232	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:54:26.0363 3232	WdiSystemHost - ok
15:54:26.0393 3232	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:54:26.0413 3232	WebClient - ok
15:54:26.0443 3232	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:54:26.0483 3232	Wecsvc - ok
15:54:26.0503 3232	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:54:26.0543 3232	wercplsupport - ok
15:54:26.0583 3232	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:54:26.0623 3232	WerSvc - ok
15:54:26.0683 3232	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:54:26.0733 3232	WfpLwf - ok
15:54:26.0753 3232	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:54:26.0763 3232	WIMMount - ok
15:54:26.0793 3232	WinDefend - ok
15:54:26.0803 3232	WinHttpAutoProxySvc - ok
15:54:26.0903 3232	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:54:26.0963 3232	Winmgmt - ok
15:54:27.0043 3232	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:54:27.0103 3232	WinRM - ok
15:54:27.0243 3232	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:54:27.0263 3232	WinUsb - ok
15:54:27.0303 3232	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:54:27.0333 3232	Wlansvc - ok
15:54:27.0403 3232	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:54:27.0423 3232	WmiAcpi - ok
15:54:27.0493 3232	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:54:27.0513 3232	wmiApSrv - ok
15:54:27.0553 3232	WMPNetworkSvc - ok
15:54:27.0633 3232	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:54:27.0653 3232	WPCSvc - ok
15:54:27.0683 3232	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:54:27.0713 3232	WPDBusEnum - ok
15:54:27.0763 3232	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:54:27.0818 3232	ws2ifsl - ok
15:54:27.0853 3232	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
15:54:27.0868 3232	wscsvc - ok
15:54:27.0875 3232	WSearch - ok
15:54:27.0968 3232	wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
15:54:28.0038 3232	wuauserv - ok
15:54:28.0098 3232	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:54:28.0158 3232	WudfPf - ok
15:54:28.0278 3232	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:54:28.0338 3232	WUDFRd - ok
15:54:28.0368 3232	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:54:28.0408 3232	wudfsvc - ok
15:54:28.0448 3232	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:54:28.0478 3232	WwanSvc - ok
15:54:28.0588 3232	X6va003 - ok
15:54:28.0618 3232	X6va005 - ok
15:54:28.0718 3232	{49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl
15:54:28.0738 3232	{49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
15:54:28.0768 3232	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:54:28.0958 3232	\Device\Harddisk0\DR0 - ok
15:54:28.0958 3232	Boot (0x1200)   (9693aae52c1d1e7a2ed192c81b47f531) \Device\Harddisk0\DR0\Partition0
15:54:28.0968 3232	\Device\Harddisk0\DR0\Partition0 - ok
15:54:28.0998 3232	Boot (0x1200)   (708386a38cfaf9b7ce494f568960424d) \Device\Harddisk0\DR0\Partition1
15:54:28.0998 3232	\Device\Harddisk0\DR0\Partition1 - ok
15:54:28.0998 3232	============================================================
15:54:28.0998 3232	Scan finished
15:54:28.0998 3232	============================================================
15:54:29.0018 2388	Detected object count: 2
15:54:29.0018 2388	Actual detected object count: 2
15:54:31.0818 2388	EPSON_EB_RPCV4_04 ( UnsignedFile.Multi.Generic ) - skipped by user
15:54:31.0818 2388	EPSON_EB_RPCV4_04 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:54:31.0821 2388	EPSON_PM_RPCV4_04 ( UnsignedFile.Multi.Generic ) - skipped by user
15:54:31.0821 2388	EPSON_PM_RPCV4_04 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Chris4You · 23.04.2012, 14:56

Hi,

Du hast den Scan unterbrochen, bitte vollständig durchlaufen lassen...

chris

sspellmell · 23.04.2012, 15:01

Tschuldigung. Ich hatte ausversehen das falsche kopiert und unterbrochen weil Ich den mehrmals gemacht habe, da Ich den Report Button übersehen hatte.
Ich habe den jetzt Editiert.

Chris4You · 23.04.2012, 15:20

Hi,

ist i. O....
Damit sollten wir durch sein...
Und kauf Dir bei Gelegenheit mal eine Adobe-Lizenz!

chris

sspellmell · 23.04.2012, 15:26

Vielen Dank!

Bundespolizei Trojaner

Plagegeister aller Art und deren Bekämpfung: Bundespolizei Trojaner