Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Internetprobleme. Ein Schädling oder falsche Einstellungen?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.09.2012, 16:45   #1
Kékfrankos
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



Hallo,

Ich habe ein Internetproblem. Denn es funktioniert sogut wie garnicht mehr. Cache ist gelöscht. Bei anderen Browser besteht das gleiche Problem. Die Ladezeiten sind sehr lang. Meist kommt dann...."Die Website kann nicht angezeigt werden". Manchmal läd es die Seiten nicht richtig, wobei dann nicht alles angezeigt wird. Kaltstart hilft auch nicht.
Meine Freundin geht ebenfalls über gleichen Router ins Internet. Da besteht das Problem nicht. Manchmal habe ich die Möglichkeit, den Router zurückzusetzen. Das funktioniert dann. Das kommt immer dann, wenn "Die Website kann nicht angeziegt werden". Dann klicke ich auf "Problem suchen" und bekomme die Meldung, das es mit den Netzwerkadapter oder Modem ein Problem gibt. Und unten stehen dann verschiedene Auswahlmöglichkeiten. Da klicke ich immer auf "LAN- Verbindung" zurücksetzen".
Was ist denn da schon wieder los?!
Vielen Dank im voraus.

Alt 07.09.2012, 17:01   #2
markusg
/// Malware-holic
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



hi
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 07.09.2012, 18:04   #3
Kékfrankos
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



Ich hoffe, das ist so korrekt.

OTL.txt

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 07.09.2012 18:34:49 - Run 1
OTL by OldTimer - Version 3.2.61.1     Folder = C:\Users\Melanie\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 62,40% Memory free
6,09 Gb Paging File | 4,82 Gb Available in Paging File | 79,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,17 Gb Total Space | 22,80 Gb Free Space | 15,81% Space Free | Partition Type: NTFS
Drive D: | 144,15 Gb Total Space | 84,81 Gb Free Space | 58,83% Space Free | Partition Type: NTFS
 
Computer Name: MELANIE-PC | User Name: Melanie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.07 18:31:33 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Melanie\Desktop\OTL.exe
PRC - [2012.08.09 02:38:14 | 003,414,680 | ---- | M] (Electronic Arts) -- C:\Program Files\Origin\Origin.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.05.16 15:44:58 | 001,084,840 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.04.22 13:50:44 | 000,174,120 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.04.22 13:50:36 | 000,126,504 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2012.04.22 13:50:32 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.02.02 19:41:44 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Melanie\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2011.12.24 18:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.06.09 14:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010.08.25 20:03:02 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010.08.10 16:10:58 | 002,349,776 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.07.25 05:40:24 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008.05.14 17:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.05.14 17:05:22 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.05.08 02:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.30 19:02:40 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.03.18 21:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008.03.05 11:56:30 | 001,216,512 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2008.01.10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2007.03.27 12:00:32 | 000,196,608 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Acer VCM\acp2HID.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.07 17:30:58 | 000,052,736 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012.09.01 11:01:42 | 000,063,488 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012.06.16 06:59:48 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll
MOD - [2012.06.15 17:02:27 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.06.15 17:02:03 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.05.16 15:45:56 | 000,276,392 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.05.16 15:45:40 | 002,652,584 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.05.16 15:45:40 | 000,363,944 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.05.16 15:45:38 | 011,166,120 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.05.16 15:45:36 | 001,346,472 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.05.16 15:45:36 | 000,205,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.05.16 15:45:34 | 001,013,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.05.16 15:45:34 | 000,720,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.05.16 15:45:32 | 008,506,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.05.16 15:45:32 | 000,520,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.05.16 15:45:30 | 002,480,552 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.05.16 15:45:30 | 002,353,576 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.05.16 15:45:28 | 000,445,864 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.05.16 15:45:22 | 000,206,760 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.05.16 15:45:22 | 000,035,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.05.16 15:45:20 | 000,032,680 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.05.16 15:44:54 | 000,437,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
MOD - [2012.05.16 15:44:16 | 000,604,072 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.05.16 13:46:28 | 000,391,056 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.05.16 13:46:28 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.05.16 13:45:30 | 000,110,080 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2012.05.13 19:29:31 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012.05.13 17:28:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.13 08:37:42 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.05.13 08:36:54 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
MOD - [2012.05.13 08:36:01 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.05.13 08:35:39 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2010.01.22 15:13:30 | 000,323,160 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\winSkinD7R.bpl
MOD - [2010.01.22 15:13:16 | 000,045,656 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\CoolTrayIcon_D6plus.bpl
MOD - [2010.01.22 15:11:36 | 000,150,616 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\STFix.dll
MOD - [2010.01.22 15:11:30 | 000,057,432 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\NtfsData.dll
MOD - [2009.08.16 18:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009.03.30 06:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.05.14 17:05:10 | 000,227,888 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008.05.07 20:06:48 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll
MOD - [2008.05.07 20:06:48 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2008.05.07 20:06:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2008.04.30 16:00:02 | 000,204,800 | ---- | M] () -- C:\Windows\System32\SysHook.dll
MOD - [2008.04.04 03:00:58 | 000,003,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
MOD - [2007.09.11 11:12:08 | 000,475,136 | ---- | M] () -- C:\Program Files\Acer\Acer VCM\AcerControl.dll
MOD - [2003.06.07 23:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.08.15 16:42:17 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.12.24 18:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2008.05.14 17:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.03.18 21:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Auto | Stopped] -- C:\Users\Melanie\AppData\Local\Temp\5776.sys -- (5776)
DRV - [2012.04.22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.01.17 20:04:28 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012.01.09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.12.10 16:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010.05.10 20:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.17 20:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.05.07 18:23:00 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2008.10.21 09:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008.10.21 09:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017unic.sys -- (s0017unic)
DRV - [2008.10.21 09:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt)
DRV - [2008.10.21 09:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008.10.21 09:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017bus.sys -- (s0017bus)
DRV - [2008.10.21 09:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017nd5.sys -- (s0017nd5)
DRV - [2008.10.21 09:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008.05.16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus)
DRV - [2008.03.21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.03.01 01:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.10 19:23:50 | 000,097,184 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE2Emdm.sys -- (SE2Emdm)
DRV - [2006.11.10 19:23:48 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE2Emdfl.sys -- (SE2Emdfl)
DRV - [2006.11.10 19:23:42 | 000,061,600 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE2Ebus.sys -- (SE2Ebus)
DRV - [2002.07.17 17:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\URLSearchHook: {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 20 68 53 4C 41 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{33884283-6AFC-47E6-8E99-97A67428C427}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7_____de
IE - HKCU\..\SearchScopes\{9E0543C7-01AB-4629-AADE-14618AE20644}: "URL" = hxxp://de.search.yahoo.com/search?ei=utf-8&fr=chr-greentree_ie&type=937811&p={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: {C9B68337-E93A-44EA-94DC-CB300EC06444}:5.30.4
FF - prefs.js..extensions.enabledAddons: OneClickDownload@OneClickDownload.com:1.0
FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.100006
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q="
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Melanie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.20 18:28:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.15 02:20:22 | 000,000,000 | ---D | M]
 
[2010.08.03 14:40:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melanie\AppData\Roaming\mozilla\Extensions
[2012.08.03 12:41:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions
[2011.02.11 17:02:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.04 16:48:49 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.08.03 12:41:41 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.01.20 19:33:03 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.12.23 20:27:02 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\engine@conduit.com
[2012.08.03 12:40:27 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\OneClickDownload@OneClickDownload.com
[2012.08.03 12:40:33 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\plugin@yontoo.com
[2010.12.08 16:47:52 | 000,000,927 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\mozilla\firefox\profiles\uoiz31cn.default\searchplugins\conduit.xml
[2012.01.20 18:28:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.12.21 09:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.21 07:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 07:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.12.21 07:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 07:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 07:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 07:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.09.01 10:30:07 | 000,000,761 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (TranslatorBar 1.2 Toolbar) - {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TranslatorBar 1.2 Toolbar) - {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (TranslatorBar 1.2 Toolbar) - {548F6736-8FE4-4680-82F2-170D6C07E1D2} - C:\Program Files\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\Melanie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Melanie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E811D30-5B9D-459A-9418-1DAB9B194607}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C83C2E58-E41D-4A49-AB9B-A0B62AE8C939}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^Users^Melanie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^0.8087520392255758.exe.lnk -  - File not found
MsConfig - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= -  File not found
MsConfig - StartUpReg: SweetIM - hkey= - key= - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.07 18:31:31 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Users\Melanie\Desktop\OTL.exe
[2012.09.05 16:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.09.05 03:01:20 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.09.05 03:01:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.05 03:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.09.01 11:00:59 | 000,000,000 | ---D | C] -- C:\Users\Melanie\AppData\Roaming\SUPERAntiSpyware.com
[2012.09.01 11:00:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.09.01 11:00:53 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.07 18:42:17 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.07 18:33:59 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.07 18:31:33 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Melanie\Desktop\OTL.exe
[2012.09.07 17:30:36 | 000,002,299 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\acervcmtmp.ini
[2012.09.07 17:30:29 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012.09.07 17:30:27 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.07 17:30:22 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2012.09.07 17:30:13 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.07 17:30:13 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.07 17:30:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.07 17:30:05 | 3146,633,216 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.07 17:15:44 | 000,194,749 | ---- | M] () -- C:\Users\Melanie\Desktop\Unbenannt.jpg
[2012.09.02 10:22:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.09.01 10:30:07 | 000,000,761 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.08.19 16:40:09 | 000,000,000 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\FileOut.cns
[2012.08.19 16:40:09 | 000,000,000 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\FileIn.cns
[2012.08.16 02:17:58 | 003,682,016 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.12 18:15:50 | 000,628,914 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.12 18:15:50 | 000,596,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.12 18:15:50 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.12 18:15:50 | 000,104,242 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.09.07 17:15:44 | 000,194,749 | ---- | C] () -- C:\Users\Melanie\Desktop\Unbenannt.jpg
[2011.03.22 16:52:49 | 000,000,312 | ---- | C] () -- C:\Windows\Demex.INI
[2011.02.11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011.01.26 17:57:21 | 000,009,063 | ---- | C] () -- C:\Users\Melanie\.recently-used.xbel
[2011.01.21 15:52:42 | 000,096,346 | ---- | C] () -- C:\Program Files\Viktigt om Photoshop CS5.pdf
[2011.01.21 15:52:42 | 000,092,906 | ---- | C] () -- C:\Program Files\Photoshop CS5 - Bitte lesen.pdf
[2011.01.21 15:52:42 | 000,086,075 | ---- | C] () -- C:\Program Files\Photoshop CS5 — Lisez-moi.pdf
[2011.01.21 15:52:42 | 000,085,584 | ---- | C] () -- C:\Program Files\Léame de Photoshop CS5.pdf
[2011.01.21 15:52:42 | 000,079,176 | ---- | C] () -- C:\Program Files\Photoshop CS5 - Lueminut.pdf
[2011.01.21 15:52:42 | 000,079,067 | ---- | C] () -- C:\Program Files\Vigtigt-fil til Photoshop CS5.pdf
[2011.01.21 15:52:42 | 000,078,485 | ---- | C] () -- C:\Program Files\Viktig om Photoshop CS5.pdf
[2011.01.21 15:52:41 | 000,096,852 | ---- | C] () -- C:\Program Files\Leia-me do Photoshop CS5.pdf
[2011.01.21 15:52:41 | 000,086,462 | ---- | C] () -- C:\Program Files\Lees mij voor Photoshop CS5.pdf
[2011.01.21 15:52:41 | 000,085,462 | ---- | C] () -- C:\Program Files\Leggimi di Photoshop CS5.pdf
[2010.10.06 16:53:05 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.10.04 09:59:30 | 000,000,052 | ---- | C] () -- C:\Windows\wininit.ini
[2010.10.02 07:23:54 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.09.29 11:32:54 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2010.09.29 11:32:54 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2010.09.28 09:06:14 | 000,005,056 | ---- | C] () -- C:\ProgramData\drctchbl.xvi
[2010.08.28 00:47:58 | 000,002,299 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\acervcmtmp.ini
[2010.02.24 12:57:19 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.01.23 14:50:06 | 000,007,052 | ---- | C] () -- C:\Users\Melanie\AppData\Local\d3d9caps.dat
[2009.11.01 16:35:56 | 000,000,000 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\FileOut.cns
[2009.11.01 16:35:56 | 000,000,000 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\FileIn.cns
[2008.10.05 00:05:18 | 000,000,000 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\wklnhst.dat
[2008.10.04 21:55:48 | 000,102,912 | ---- | C] () -- C:\Users\Melanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.04 16:31:59 | 000,000,669 | ---- | C] () -- C:\Users\Melanie\Sample Pictures.lnk
 
========== LOP Check ==========
 
[2008.10.08 18:17:35 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Acer
[2008.05.07 20:02:23 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Acer GameZone Console
[2010.09.09 16:18:04 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\ASCOMP Software
[2010.09.30 09:07:26 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Axfeoh
[2008.10.12 20:08:34 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Big Fish Games
[2012.01.17 20:18:46 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Canneverbe Limited
[2011.01.21 17:09:44 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009.11.03 16:13:09 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\DAEMON Tools Pro
[2012.03.10 17:04:21 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\DVDVideoSoft
[2011.08.21 17:11:18 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.12.22 14:55:54 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\EAC
[2008.10.04 20:47:32 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\eSobi
[2008.10.10 18:12:11 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\FloodLightGames
[2008.10.15 23:19:55 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Gaijin Ent
[2008.10.10 14:58:35 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Gearbox Software
[2010.12.27 21:57:58 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\GetRightToGo
[2012.01.20 18:43:41 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\GHISLER
[2011.01.25 14:35:44 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\gtk-2.0
[2010.12.15 11:28:37 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\ICQ
[2010.10.12 06:22:34 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\IObit
[2008.10.13 19:37:42 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\iWin
[2011.03.16 15:56:19 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Jasc
[2010.05.09 19:29:15 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\MAGIX
[2012.03.25 13:18:11 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Nokia
[2012.03.25 13:18:12 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Nokia Suite
[2012.08.09 02:40:01 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Origin
[2011.09.02 17:23:20 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\PC Suite
[2012.01.17 15:17:32 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\PhotoFiltre
[2008.10.11 23:33:04 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\PlayFirst
[2012.03.11 11:22:29 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Systweak
[2009.12.21 09:29:22 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\temp
[2008.10.05 00:05:56 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Template
[2011.01.09 23:35:27 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\TubeBox
[2010.03.12 19:05:41 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\TuneUp Software
[2010.09.14 12:46:21 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\UDC Profiles
[2010.03.15 12:20:46 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Uniblue
[2010.09.29 11:49:10 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\Yqmii
[2012.09.07 17:30:22 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2012.09.07 17:29:23 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.01.18 22:13:28 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.10.04 13:05:22 | 000,000,000 | ---D | M] -- C:\Acer
[2011.12.24 15:46:36 | 000,000,000 | ---D | M] -- C:\ActivityChanger
[2008.09.10 18:43:54 | 000,000,000 | ---D | M] -- C:\Book
[2009.07.27 22:07:07 | 000,000,000 | ---D | M] -- C:\Boot
[2010.12.08 16:45:31 | 000,000,000 | ---D | M] -- C:\CabMakerFiles
[2009.05.18 12:41:45 | 000,000,000 | ---D | M] -- C:\CDHOME
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2008.10.04 16:27:30 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.06.30 18:04:13 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft
[2010.09.06 20:53:33 | 000,000,000 | ---D | M] -- C:\EGIS_Drive
[2008.10.04 16:35:54 | 000,000,000 | ---D | M] -- C:\Elements
[2012.07.22 19:06:36 | 000,000,000 | ---D | M] -- C:\engine
[2008.04.30 09:21:30 | 000,000,000 | ---D | M] -- C:\Intel
[2008.05.07 19:46:17 | 000,000,000 | R--D | M] -- C:\MSOCache
[2008.01.21 04:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.09.05 03:01:20 | 000,000,000 | ---D | M] -- C:\Program Files
[2012.09.01 10:59:52 | 000,000,000 | ---D | M] -- C:\ProgramData
[2008.10.04 16:27:30 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.02.01 21:00:24 | 000,000,000 | R--D | M] -- C:\Sandbox
[2011.01.24 23:04:09 | 000,000,000 | ---D | M] -- C:\SETUP
[2012.07.22 19:06:36 | 000,000,000 | -H-D | M] -- C:\SETUP.1
[2012.07.22 19:09:43 | 000,000,000 | -H-D | M] -- C:\SETUP.2
[2012.08.03 23:06:01 | 000,000,000 | -H-D | M] -- C:\SETUP.3
[2012.09.07 18:43:21 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.08.19 16:40:24 | 000,000,000 | ---D | M] -- C:\Train Store
[2010.08.16 04:36:42 | 000,000,000 | R--D | M] -- C:\Users
[2012.07.08 10:00:49 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2006.11.02 11:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2006.11.02 11:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2006.11.02 11:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2006.11.02 11:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.04.11 08:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\agp440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\agp440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.09.10 18:44:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.09.10 18:44:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.09.10 18:44:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\ERDNT\cache\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2011.12.24 18:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2011.01.26 17:57:21 | 000,009,063 | ---- | M] () -- C:\Users\Melanie\.recently-used.xbel
[2012.09.07 18:34:52 | 006,029,312 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat
[2012.09.07 18:34:52 | 000,262,144 | ---- | M] () -- C:\Users\Melanie\ntuser.dat.LOG1
[2010.08.24 13:25:56 | 000,262,144 | ---- | M] () -- C:\Users\Melanie\ntuser.dat.LOG2
[2012.09.07 17:29:21 | 000,065,536 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{37f50bb9-ee82-11e0-a4e4-001d72c6155e}.TM.blf
[2012.09.07 17:29:21 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{37f50bb9-ee82-11e0-a4e4-001d72c6155e}.TMContainer00000000000000000001.regtrans-ms
[2011.10.04 23:05:42 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{37f50bb9-ee82-11e0-a4e4-001d72c6155e}.TMContainer00000000000000000002.regtrans-ms
[2010.05.29 08:32:40 | 000,065,536 | -HS- | M] () -- C:\Users\Melanie\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.05.29 08:32:40 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2008.10.04 16:31:01 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2011.10.04 14:31:47 | 000,065,536 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{59c42f6b-cef9-11df-893a-001d72c6155e}.TM.blf
[2011.10.04 14:31:47 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{59c42f6b-cef9-11df-893a-001d72c6155e}.TMContainer00000000000000000001.regtrans-ms
[2010.10.03 21:08:07 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{59c42f6b-cef9-11df-893a-001d72c6155e}.TMContainer00000000000000000002.regtrans-ms
[2010.10.03 15:57:08 | 000,065,536 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{86966b68-6af0-11df-adb2-001d72c6155e}.TM.blf
[2010.10.03 15:57:08 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{86966b68-6af0-11df-adb2-001d72c6155e}.TMContainer00000000000000000001.regtrans-ms
[2010.05.29 09:06:59 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{86966b68-6af0-11df-adb2-001d72c6155e}.TMContainer00000000000000000002.regtrans-ms
[2010.05.29 08:52:41 | 000,065,536 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{edb220e7-6aec-11df-b273-001d72c6155e}.TM.blf
[2010.05.29 08:52:41 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{edb220e7-6aec-11df-b273-001d72c6155e}.TMContainer00000000000000000001.regtrans-ms
[2010.05.29 08:41:10 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{edb220e7-6aec-11df-b273-001d72c6155e}.TMContainer00000000000000000002.regtrans-ms
[2008.10.04 16:31:01 | 000,000,020 | -HS- | M] () -- C:\Users\Melanie\ntuser.ini
[2008.10.04 16:31:59 | 000,000,669 | ---- | M] () -- C:\Users\Melanie\Sample Pictures.lnk
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

< End of report >
         
--- --- ---


Extras.txt

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 07.09.2012 18:34:49 - Run 1
OTL by OldTimer - Version 3.2.61.1     Folder = C:\Users\Melanie\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 62,40% Memory free
6,09 Gb Paging File | 4,82 Gb Available in Paging File | 79,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,17 Gb Total Space | 22,80 Gb Free Space | 15,81% Space Free | Partition Type: NTFS
Drive D: | 144,15 Gb Total Space | 84,81 Gb Free Space | 58,83% Space Free | Partition Type: NTFS
 
Computer Name: MELANIE-PC | User Name: Melanie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09E11437-59C8-4EB0-8D5E-283C8F05EF4A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{0C00CD96-E916-4407-BCF7-6DECD3A82C64}" = lport=139 | protocol=6 | dir=in | app=system | 
"{2882D68C-FC26-4BAF-A42C-E9D0ED988E14}" = rport=139 | protocol=6 | dir=out | app=system | 
"{4A032908-2B58-4F81-A93F-0620ECA91478}" = rport=138 | protocol=17 | dir=out | app=system | 
"{5E510D95-42BD-41D0-B666-AD5F613957FF}" = rport=445 | protocol=6 | dir=out | app=system | 
"{643AD0F3-9D35-4525-90C0-010A7D263420}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{784E2A77-F00D-4E1D-8586-22B145D9F9A0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{8651D672-111F-40A6-B800-1BFFF5CB1262}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{8C2D4A10-B6A1-4610-9D38-E2943BBDB40D}" = lport=137 | protocol=17 | dir=in | app=system | 
"{945B0167-FF4B-49F6-9265-2B97CF4E0E1A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A15E0144-73F5-4F5A-90D0-D7514147F6DA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{A364324E-B2E1-4000-A07D-D68078E2DB39}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AA9759AB-2735-4130-BA21-CA934597F217}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{B0CCEC36-0F68-4200-9333-07ABDC9E6849}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{B3743900-03CE-48DB-AB35-E7E997A036C3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{BBCB0133-12F2-49E1-8A9E-C87374CF6097}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C0849094-A269-43F7-A514-8A8C66D993C0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{CD6B8795-BB01-401C-A467-E540D3C6F34B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{D079FD0A-2E5D-4340-ADF7-EF1DF81D13CB}" = lport=138 | protocol=17 | dir=in | app=system | 
"{FDF55BDF-09D1-404F-8550-43F21FB73820}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046CAE90-41BD-4DFF-9F66-69CBDABEA0DC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0515AB49-D391-4A91-8DAF-53C4D3C2F355}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{057C4092-4B25-4539-939B-63111302ADC0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{07AB2621-6363-4FD4-A967-F8B970F0F8E4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0AA0CB6D-250A-497E-896F-CC4E0E01269B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0E42E275-4EDB-4BE4-9107-69835DD8382A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1078D01E-5551-4BBA-B6D4-0A4CB6DB4C87}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{13B1B061-F775-40F5-BC17-822DAEDA0C4E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{18F13C8A-2F99-4689-A939-5F2BEEEE4676}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1B31B917-3FB6-4893-AEFB-86D65F402F3B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1F4BF65C-AD70-4820-A638-34912EDC82B5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{201477B6-A117-44F3-A075-F09B1F3E8CC7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2865EE00-F211-4AD9-849A-446E836A2CE9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2AEE8DF9-D92E-45A7-A7CA-60478A153D76}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{2BD739EF-A368-40D8-8694-38C445AFF41E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2BEC0200-4362-4359-8DA8-1E235BD7E646}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{2CDCF5F8-6BE7-4195-B77A-DBE6DC9C8B00}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2D6C587F-53A7-41DA-A284-844F79B44E52}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2DB9864A-7249-4E0B-9B05-84DF35F6E304}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{2E12FE3B-F0BF-4E1B-875B-01449643E220}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2E39948B-3696-4D57-A6BE-DC4061598B5E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2F95D4F7-1A70-4609-8797-1F4695C71702}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{30B1BB7C-47DA-409F-9A46-272821AD65E4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{31A2002C-2D07-4788-A180-D1FB7DF92E6E}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{31EE60CF-0E6A-4F5E-A2B9-23EE956A20DA}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{32C776B1-88B3-498B-BDDD-382E5DA221A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{34F8E6F2-3633-4471-8D44-EA6DD247C4BE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{357157BD-043D-4229-97C7-6BEABC42647F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{36D901B5-EADB-4255-A267-C76D8598AC78}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{381AAF77-5325-44C7-BBDF-1F1A67E76AC2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3867FFCB-159C-405B-AB2E-64EEAB55BD47}" = protocol=6 | dir=in | app=c:\gamigo\snowboundonline\run.exe | 
"{38FE7F86-9D6B-43F3-A7D0-D452EB973705}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{39543FCA-E84E-4C40-BDBD-3AD976759DFC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3F191BD8-E698-460A-8E8B-39B1F3923758}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3F2A30C2-D1C1-41BB-9EFC-ED567874373F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{405CF252-7C68-4DA7-BF60-4350E324D3AA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{40F6633E-C7F1-4B60-A140-293DB36D74F3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{473D0EBB-ED72-4BCD-9868-A12242E9F7ED}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{4CBED2F2-E9DE-4B1F-A436-742C6E9F4A6D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4D013F74-3C09-499E-9EE2-04EC2B33842C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4E03B8D7-3820-4ABB-B0FD-3C8D279BE0B3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4E68C5A0-5745-45E5-9D6F-310383B088EA}" = protocol=17 | dir=in | app=e:\libneap.dll | 
"{5042E790-1744-4447-AD2D-8B89F17ADD43}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5426B4D8-11C5-4418-B531-70355A855A0D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{54D9BC0D-F3EC-4491-988E-72FDCF6C729F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5AD711F2-CD42-429E-818E-E2A72FAD3FF2}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{5EB66F48-0DF4-49AE-8897-76AEDA2FA512}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5F445A37-1343-4DEB-A2C3-B705E4382C35}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{5F5DE20E-E07B-41C8-941A-1DA578BE3076}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{623F3F0C-96E3-4507-BC2C-6751D634CA79}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{63D7495B-9C2F-4C95-8ADD-8A62782781D8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{663E24DB-746F-4613-A025-711B5352DF9A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{6698C2B0-0C8C-4BB4-AC2D-76CBD39FA84B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{66EB64F4-4600-4C86-B478-2BC2E528FDAA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{686C827B-3F1E-4B91-834A-B92FBE144655}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{69E15D11-2F91-4A1A-BA60-6DFB87DF6DBE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6C6D270D-9A2E-495B-B7B3-20CCAC190787}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6CAD8071-31AD-4DBA-B819-2FEE6DD0200E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6CD629A3-AF4A-4EE4-B3DB-759E3ED6EEA3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6D9FF4BA-8651-4AE4-A762-9D7549032A22}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{700FF7C9-0677-496A-84D5-E6EAB672A274}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7342C6A4-8AC8-4854-A52A-E52D09D484B0}" = protocol=17 | dir=in | app=e:\alicesetup.exe | 
"{74BEE852-5C5F-4F60-9C63-6033F6513F06}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{769C3A4E-BB2D-46C0-967C-0602B83F3261}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7C0A7420-F5A9-4FB3-A313-79B5B5F94228}" = protocol=6 | dir=in | app=e:\libneap.dll | 
"{7EC7D901-F7A4-4E8A-8BEF-B0AA9FB84F81}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{831C7BC7-8A7C-4A3C-87B6-879B810A3C49}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8A242C81-33AC-4B6C-9D23-50A4360AC30C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8AF0D93E-83E2-460D-B674-27487D45D47D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8B2B9469-10B8-4B65-9139-D84FB2585854}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8B3488E5-E66D-4C64-A6D6-400D01F097BA}" = protocol=17 | dir=in | app=e:\dwizard615.exe | 
"{8FA528E3-1568-4DB4-A8C2-CC941BA9335F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{912C173F-76FA-43A2-9A1B-1217ADBCA054}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{92199FC9-675B-41DD-A674-A697D6DF84FF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9E00047A-456B-4324-9237-5B8996187512}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A14FF724-1692-4982-9999-8DDA3BD64CF4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A7898854-4855-42AD-A680-595A87E9CCC5}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | 
"{A7F136AA-66E0-4782-AD73-4100136243C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{ABE5CFA9-8510-4F6C-A17F-FA7AF7F79FBF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B395FF55-052E-4511-8AE5-4C79FF3318CD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B5195AB3-74D6-41FD-AC3E-F13518F4641A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B5278D6D-EE48-44EB-B951-DB858009BB11}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{B7750CF6-AD6A-4023-B1F8-4AFF7CC5C0E9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B77F9E97-92E6-4165-8073-C25B985F7ABA}" = protocol=17 | dir=in | app=c:\gamigo\snowboundonline\run.exe | 
"{C120845B-15ED-4155-878E-ABE812208B34}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C9D8324F-BD4A-44D3-AA49-2B99BC9E5492}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CAE458B9-6B41-469F-81C2-009550143045}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CD04A254-A2E8-4ADB-96D2-91074CD83499}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{D4B234B0-B109-4106-8A6F-C16FC6F18713}" = protocol=6 | dir=in | app=e:\dwizard615.exe | 
"{D5CB2415-F15F-4148-88D8-73081C54F0D1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D72A2A13-2176-4554-B5AB-EC4DCC6F27CD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D89BC81B-F048-4FFE-A0FC-7F79DCDDF241}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DBF97DF8-19E3-4347-9A10-EBB5EAE7D1D3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DC5A5504-5DBC-44E1-9F93-576CA513434C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DFCE3B1E-5608-4F48-9692-11E4FE1FB82D}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{E7626F63-126B-4076-888F-8285C87924CA}" = protocol=6 | dir=in | app=e:\alicesetup.exe | 
"{E951B1DB-74A9-4390-A214-B7CC94EA1A66}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E9BB441F-C6F6-4FBD-A10D-C7B17E32BEB5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E9D31E29-0BE1-4F04-8955-5B8661B6F271}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EF1AB119-742C-45F6-BED3-EA5389E9DED8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EF8F2DCF-6C91-4317-9FFF-5F6773A7FD87}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F25B8834-D667-4269-B7F7-932B44911059}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{F36386E8-22AB-4180-8CBF-8A7BB14BD68D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F39D629A-C59F-4EFE-8701-1FB8572EA983}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F85931DE-2FCE-4B1D-9202-52E3324F2007}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{F96C5476-AEE3-4280-A7D4-5953188EFA71}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FE697784-DB62-446A-86D7-34C40E65ABAE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{055B05DE-1E25-4A6B-8709-0BE0281B1ABA}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe | 
"TCP Query User{0A04BDCF-CCDA-4B29-B6B4-20626F0EA5B5}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=6 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe | 
"TCP Query User{0C6EA673-AC9D-4728-9464-25CB86BAB5E6}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{1C1B8E93-0AA3-4E7D-9AA6-14B67FFBE5CB}C:\program files\ea sports\fussball manager 12\online\fmonline.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 12\online\fmonline.exe | 
"TCP Query User{2986400D-C5D6-486C-9ADD-CDE44E75D3ED}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{3574FA08-1F87-4ED2-B8DC-3A7BEFF021B0}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=6 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe | 
"TCP Query User{388744BD-3526-4412-A4BB-1109BFC29F0C}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{4BF1F50E-E8AF-4079-BEEA-27C2A6AC8D50}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{5205D070-46C7-4622-93F9-779667C051B3}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{5D15C7B8-CFA4-431B-A682-A9D23FB00D13}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{A4685A39-4761-488F-AEEE-68E338D03644}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe | 
"TCP Query User{AFBF6A7F-2DA6-4B8C-8BA9-EBE64DECE3BE}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{C51BCCDF-F365-4BC2-8947-AAEF7392B2E1}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{D0F63E59-D865-4AEC-A6F3-08F091D0B961}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
"TCP Query User{D1E9BC05-4850-4BB1-B835-17DF2AE04E0B}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{D38BC35D-90EE-4754-B32B-096C4A1969F4}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
"TCP Query User{E13B0C81-C9EF-4B9B-9963-FBD520A40C5A}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{E79382BD-A4B3-499A-802B-41D15751A6B6}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe | 
"TCP Query User{ED6ED9CC-F340-4574-B49C-5677008F52D1}C:\program files\ea sports\fussball manager 12\online\fmonline.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 12\online\fmonline.exe | 
"TCP Query User{EF2FA0ED-34D2-4BE7-ADB8-52F4E8BB7BF4}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{0894D49F-80BA-4011-A4BB-59E5B5CB123C}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{10E6197C-C817-425D-91E3-5D4A08621E48}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{24872BAB-B28E-4869-ABE8-6489FF03852D}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe | 
"UDP Query User{431C4731-6139-48D2-B95C-CB789E8D1C48}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{4483AA06-2F55-4DFC-99EA-9D0870834E90}C:\program files\ea sports\fussball manager 12\online\fmonline.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 12\online\fmonline.exe | 
"UDP Query User{54B5A8BF-7CE4-41F3-B3CD-51C0929F8BD8}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=17 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe | 
"UDP Query User{5763FB3E-FBCE-4FE8-A52D-332677094EA9}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe | 
"UDP Query User{72E33DF3-3CB6-433E-B53C-58D83282A470}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{7BC4F64D-A858-406E-B76E-880D79090B7C}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{9410DC36-2531-4B37-AC81-84863F76C926}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe | 
"UDP Query User{9A4E1845-1B11-4175-BDA4-BF598D1120CC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{A3692EF5-D088-49D7-A6E2-4804785699FB}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
"UDP Query User{A588C00C-4B09-490C-8964-EFECC2E58D34}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{AFC28250-7B0E-469F-BD9F-492205F76473}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{C64DF1BC-7E98-462E-BF9C-3ACFF3AA619A}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{C8DA22EB-058E-495F-91A8-B87E94B7B5C9}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{CA796A13-5E4C-43B8-BCCD-510B80B436E6}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=17 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe | 
"UDP Query User{D3A5978F-824B-4DC7-B810-DC2C7DF357F1}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
"UDP Query User{EEADDAED-B901-42C6-8941-63F704AC288E}C:\program files\ea sports\fussball manager 12\online\fmonline.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 12\online\fmonline.exe | 
"UDP Query User{FEAD0ED5-B023-4930-A4EB-EEA445753E6A}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
""Autobus ATM" per Train Simulator" = "Autobus ATM" per Train Simulator
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0CFF3525-4420-48F7-981B-BF771DA53BA6}_is1" = rcPass_Pass-0002_v2_2
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 30
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}" = gmax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}" = MSTS Patch 1.8.0521 EN
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A0C1B89-04F3-4AAE-92AC-133B8D2DBEF3}_is1" = UZ_WLABmee62-001 v2.0
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EC12739-C256-4681-8E06-2FE51D4499C1}_is1" = MRCE 189 2.0
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{8226A577-657C-4961-8DDC-EAC8DF61B465}" = Microsoft Train Simulator gmax Gamepack
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1DDF160-9EE1-492B-A8D7-028B5CE0DBC8}_is1" = SZD_RIC-001 v1.0
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D16ECDF4-DA6F-418F-947A-C1652B5CFD96}" = SweetIM for Messenger 2.7
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows-Treiberpaket - Nokia Modem  (11/03/2006 6.82.0.1)
"1ClickDownload" = 1ClickDownloader
"4Musics MP3 to WAV Converter 4.3_is1" = 4Musics MP3 to WAV Converter 4.3
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"ABC Amber Audio Converter" = ABC Amber Audio Converter
"AceIt_is1" = AceIt v1.3.1
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AnswerWorks" = AnswerWorks Runtime
"BrothersInArms" = Brothers In Arms
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"Convoi" = Convoi 1.50
"DB Br 474 v0.1" = DB Br 474 v0.1
"Dél Alföld pálya: Béta Verzió" = Dél Alföld pálya: Béta Verzió
"DemexV1" = DEMEX
"DirectXMediaRuntime" = DirectX Media Runtime 5.1
"Druckertüchtigte IC-Wagen für den MSTS" = Druckertüchtigte IC-Wagen für den MSTS 1.0
"Eisenbahn Verkehrspläne Auskunft 3" = Eisenbahn Verkehrspläne Auskunft 3
"FormatFactory" = FormatFactory 2.90
"Free Video to Nokia Phones Converter_is1" = Free Video to Nokia Phones Converter version 2.3.815
"Free YouTube Download_is1" = Free YouTube Download version 3.0.13.815
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"FUSSBALL MANAGER 12" = FUSSBALL MANAGER 12
"Google Updater" = Google Updater
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"Lepsény-Rajka horgásztó-Rajka-Pápa" = Lepsény-Rajka horgásztó-Rajka-Pápa
"LManager" = Launch Manager
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX Speed burnR D" = MAGIX Speed burnR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"mp3-2-wav" = mp3-2-wav converter 1.14
"MSTS Activity Mover_is1" = MSTS Activity Mover, 1.0
"Nokia Suite" = Nokia Suite
"Origin" = Origin
"ProTrain 12 Karlsruhe - Basel 1.0" = ProTrain 12 Karlsruhe - Basel 1.0
"ProTrain 12 Raildriver 1.0" = ProTrain 12 Raildriver 1.0
"ProTrain 36 1.0" = ProTrain 36 1.0
"ProTrain 7 - Frankfurt-Nürnberg 1.0" = ProTrain 7 - Frankfurt-Nürnberg 1.0
"ProTrain Thema 1 - Nachtzüge 1.0" = ProTrain Thema 1 - Nachtzüge 1.0
"ProTrain Thema 1 Raildriver 1.0" = ProTrain Thema 1 Raildriver 1.0
"r8brain" = r8brain 1.9
"Revo Uninstaller" = Revo Uninstaller 1.93
"RRT_RIC_Patch_is1" = Ïàò÷ äëÿ ïàññàæèðñêèõ âàãîíîâ ãàáàðèòà RIC ¹¹ 0001-0002
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"STP DB ICE VT 605 V1.0" = STP DB ICE VT 605 V1.0
"STP DB ICE3 406 V1.0" = STP DB ICE3 406 V1.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TGATool2A_is1" = TGATool2A version 4.00.34
"The route Bratislava-Brno-Praha for MSTS_is1" = The route Bratislava-Brno-Praha for MSTS version from  BP 77 / 
"Train Simulator 1.0" = Microsoft Train Simulator
"Train Store (German Language Pack)" = Train Store (German Language Pack)
"Train Store V3.2" = Train Store V3.2
"TranslatorBar_1.2 Toolbar" = TranslatorBar 1.2 Toolbar
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WLABm_Rest_PKP_0001" = WLABm_Rest_PKP_0001
"YTdetect" = Yahoo! Detect
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre
"Route_Riter v7.5" = Route_Riter v7.5
"Wupper Express 11 Actpack 1.0" = Wupper Express 11 Actpack 1.0
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 06.09.2012 12:02:11 | Computer Name = Melanie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Manager12.exe, Version 1.0.0.3, Zeitstempel 
0x4ee1398a, fehlerhaftes Modul Telemetry.dll_unloaded, Version 0.0.0.0, Zeitstempel
 0x4e5df9f0, Ausnahmecode 0xc0000005, Fehleroffset 0x64d72889,  Prozess-ID 0x518, 
Anwendungsstartzeit 01cd8c430912e717.
 
Error - 06.09.2012 12:15:27 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 06.09.2012 12:31:38 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 06.09.2012 12:36:23 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 06.09.2012 12:37:17 | Computer Name = Melanie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung IObitUpdate.exe, Version 1.1.0.261, Zeitstempel
 0x2a425e19, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18449, Zeitstempel
 0x4da47967, Ausnahmecode 0xc0000005, Fehleroffset 0x000bfea5,  Prozess-ID 0xdd8, 
Anwendungsstartzeit 01cd8c4dd4bd57c1.
 
Error - 06.09.2012 20:01:30 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 06.09.2012 21:25:34 | Computer Name = Melanie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Manager12.exe, Version 1.0.0.3, Zeitstempel 
0x4ee1398a, fehlerhaftes Modul Telemetry.dll_unloaded, Version 0.0.0.0, Zeitstempel
 0x4e5df9f0, Ausnahmecode 0xc0000005, Fehleroffset 0x65d92889,  Prozess-ID 0x12d4,
 Anwendungsstartzeit 01cd8c8e1ef92cec.
 
Error - 07.09.2012 11:10:06 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 07.09.2012 11:30:28 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 07.09.2012 12:33:22 | Computer Name = Melanie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Manager12.exe, Version 1.0.0.3, Zeitstempel 
0x4ee1398a, fehlerhaftes Modul Telemetry.dll_unloaded, Version 0.0.0.0, Zeitstempel
 0x4e5df9f0, Ausnahmecode 0xc0000005, Fehleroffset 0x6a412889,  Prozess-ID 0x784, 
Anwendungsstartzeit 01cd8d125aebd68b.
 
[ System Events ]
Error - 07.09.2012 11:10:06 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.09.2012 11:14:14 | Computer Name = Melanie-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
 
Error - 07.09.2012 11:17:14 | Computer Name = Melanie-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
 
Error - 07.09.2012 11:17:19 | Computer Name = Melanie-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
 
Error - 07.09.2012 11:29:54 | Computer Name = Melanie-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
 
Error - 07.09.2012 11:30:03 | Computer Name = Melanie-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
 
Error - 07.09.2012 11:30:28 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.09.2012 11:30:28 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.09.2012 11:31:52 | Computer Name = Melanie-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
 
Error - 07.09.2012 11:44:43 | Computer Name = Melanie-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
 für die Netzwerkkarte mit der Netzwerkadresse 002269732DB5 zugeteilt werden. Der
 folgende Fehler ist aufgetreten:   %%1223. Es wird weiterhin im Hintergrund versucht,
 eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
 
[ TuneUp Events ]
Error - 12.06.2010 15:01:08 | Computer Name = Melanie-PC | Source = TuneUp Program Statistics | ID = 131840
Description = 
 
 
< End of report >
         
--- --- ---
__________________

Alt 07.09.2012, 18:14   #4
markusg
/// Malware-holic
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



ich hatte dir damals zur instalation einiger programme geraten, sehe sie hier aber nicht? hattest du wenigstens regelmäßige backups gemacht? dann spiele mal eins zurück
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 07.09.2012, 18:21   #5
Kékfrankos
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



Dieses MBRCheck, Sandboxie und Malwarebytes habe ich. Nebst mein Antivirus. BachkUps.....davon weiß ich leider nichts. Vielleicht ist es untergegangen. Apropos.....ein Systemwiederherstellungspunkt kann ich auch nicht erstellen. Denn das ist immer meine erste Alternative, wenn ich mit den Lappi Probleme habe.


Alt 07.09.2012, 18:36   #6
markusg
/// Malware-holic
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



ne, das ist keine alternative, ich hatte dir damals gesagt, richte dir nen backup ein, dass ist ne alternative, denn damit wird das system dann, im notfall sauber zurück gesetzt, die swh macht häufig probleme.
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
--> Internetprobleme. Ein Schädling oder falsche Einstellungen?

Alt 07.09.2012, 19:38   #7
Kékfrankos
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



Endlich fertig.

Combofix Logfile:
Code:
ATTFilter
ComboFix 12-09-07.03 - Melanie 07.09.2012  19:52:01.3.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3000.1906 [GMT 2:00]
ausgeführt von:: c:\users\Melanie\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\roboot.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-07 bis 2012-09-07  ))))))))))))))))))))))))))))))
.
.
2012-09-07 18:07 . 2012-09-07 18:07	--------	d-----w-	c:\users\Public\AppData\Local\temp
2012-09-07 18:07 . 2012-09-07 18:07	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-05 01:01 . 2012-09-05 01:01	--------	d-----w-	c:\program files\Common Files\Skype
2012-09-05 01:01 . 2012-09-05 01:01	--------	d-----r-	c:\program files\Skype
2012-09-01 09:00 . 2012-09-07 17:39	--------	d-----w-	c:\program files\SUPERAntiSpyware
2012-08-15 17:11 . 2012-07-04 14:02	2047488	----a-w-	c:\windows\system32\win32k.sys
2012-08-15 13:28 . 2012-05-11 15:57	623616	----a-w-	c:\windows\system32\localspl.dll
2012-08-15 13:28 . 2012-06-28 11:37	916992	----a-w-	c:\windows\system32\wininet.dll
2012-08-15 13:28 . 2012-06-28 11:31	743424	----a-w-	c:\program files\Internet Explorer\iedvtool.dll
2012-08-15 13:28 . 2012-06-28 11:36	129536	----a-w-	c:\program files\Internet Explorer\sqmapi.dll
2012-08-15 13:28 . 2012-06-28 11:31	521728	----a-w-	c:\program files\Internet Explorer\jsdbgui.dll
2012-08-15 13:28 . 2012-06-28 11:31	247808	----a-w-	c:\program files\Internet Explorer\ieproxy.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 14:42 . 2012-04-01 07:04	426184	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-08-15 14:42 . 2012-01-20 16:00	70344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-03 11:46 . 2012-01-19 13:48	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-12-21 07:42 . 2012-01-20 16:28	121816	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2012-03-30 . 27D470DABC77BC60D0A3B0E4DEB6CB91 . 905600 . . [6.0.6002.18604] . . c:\windows\System32\drivers\tcpip.sys
.
[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\System32\wuauclt.exe
.
[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll
[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[7] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[7] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
.
[7] 2012-06-28 . 0D5E31ADA4C9D24A7891E92DD33D406C . 6010368 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23385_none_f66432f95150deae\mshtml.dll
[7] 2012-06-28 . D049E2BAB04AA57CBD7D6573C532FD9D . 6008320 . . [8.00.6001.18702] . . c:\windows\System32\mshtml.dll
[7] 2012-06-28 . D049E2BAB04AA57CBD7D6573C532FD9D . 6008320 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19298_none_f5d2c7203838a6da\mshtml.dll
[7] 2012-05-15 . FACC0814B3D95D317E44070859AB5978 . 6009344 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23359_none_f688a3e55134f037\mshtml.dll
[7] 2012-05-15 . 6224CD5ACCF78EBC082CF7A493D0A340 . 6007808 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19272_none_f5e2653c382dd6ee\mshtml.dll
[7] 2012-02-28 . 6758A38197024E71F71FFF507A1AD2F1 . 5980672 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23318_none_f6b2e34b5115671c\mshtml.dll
[7] 2012-02-28 . 5F25D5561F5BDA32EDE1193EC01529BF . 5978624 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19222_none_f61874d838054b39\mshtml.dll
[7] 2011-12-15 . 0FB4CBF8B6F2407B821266F80C4EAA88 . 5980160 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23286_none_f665315d514ffade\mshtml.dll
[7] 2011-12-15 . 62CA6A044EE909202D74C138012DD9AF . 5979136 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19190_none_f5cac2ea383fdefb\mshtml.dll
[7] 2011-11-03 . D4D63FCD03E8B58D5F1DDE6D64E0FF1B . 5978624 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23266_none_f67ad135513fc2fc\mshtml.dll
[7] 2011-11-03 . 73D666A49DEC07192D7D1C367A142333 . 5978112 . . [8.00.6001.18702] . . c:\windows\ERDNT\cache\mshtml.dll
[7] 2011-11-03 . 73D666A49DEC07192D7D1C367A142333 . 5978112 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19170_none_f5e062c2382fa719\mshtml.dll
[7] 2011-09-30 . 59CC0E3A960D0B8A4BBDB6FC65340EB9 . 5972992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23250_none_f67f9f65513d0f01\mshtml.dll
[7] 2011-09-30 . 7E6C9B54B10123EA983ECDF7FBFFEA86 . 5971456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19154_none_f5fa03c2381bd493\mshtml.dll
[7] 2011-07-23 . 8DF22BFA121C76BF1EE346AB9F12F360 . 5971456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23216_none_f6b0e0d151173747\mshtml.dll
[7] 2011-07-23 . CAB330223469AC16EDB4863DF4C9976B . 5969920 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19120_none_f616725e38071b64\mshtml.dll
[7] 2011-05-28 . 7AF8A6DB4596E3BB3309BABA661EB523 . 5967360 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23181_none_f6602e0551547f04\mshtml.dll
[7] 2011-05-28 . 6D1E32A3C964BAF06B7973E7B18E3212 . 5964800 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19088_none_f5dd93403830909b\mshtml.dll
[7] 2011-02-22 . 6D30A34B029176D86EC04ECE6C0F62B1 . 5964800 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23143_none_f68d6e49513241ee\mshtml.dll
[7] 2011-02-22 . AA411AEF2476D251078F9C9F0478C142 . 5962240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19048_none_f608d2f0381020d7\mshtml.dll
[7] 2010-12-18 . 0DA63A2B1D6D55E6005F4552D22E7BBE . 5962240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23111_none_f6abdd79511bbb6d\mshtml.dll
[7] 2010-12-18 . 42B87D22378C1EF98F3B6F410C2670AA . 5961216 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.19019_none_f62a42fe37f6e65b\mshtml.dll
[7] 2010-11-02 . 9FCC1F6457A84902EA7545B568B5AEDB . 5960704 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23091_none_f6555c33515c9dce\mshtml.dll
[7] 2010-11-02 . 9AC463498C480E9EB3C63DC21E4F29C8 . 5959168 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18999_none_f5d3eb7c383792a1\mshtml.dll
[7] 2010-09-08 . E993FB26BFAC2887BFE8DDAC4DC9180A . 5958656 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23067_none_f67bcdb3513ee205\mshtml.dll
[7] 2010-09-08 . 1704FC902E1B53EF87593D60FD312A55 . 5957120 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18975_none_f5e58a2c382af563\mshtml.dll
[7] 2010-06-26 . DF63821381A08F65174BA42745B1C79B . 5954560 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23040_none_f68a6b855134f8c2\mshtml.dll
[7] 2010-06-26 . D6168759945CD6BC2DB4BFCD4E94B399 . 5951488 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18943_none_f603f95c38146ee2\mshtml.dll
[7] 2010-05-04 . 62F23130C89F1EE5C0C9EEAB0685D1E5 . 5953024 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll
[7] 2010-05-04 . B1E862448C38B0F70139BC28F67332DE . 5950976 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll
[7] 2010-02-23 . 27DB55375D8F8045A27E016BB21B17C0 . 5946880 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll
[7] 2010-02-23 . 8D5FB97AE3D30CCDD8C9D8AF447C7D09 . 5944832 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll
[7] 2010-01-02 . BE6120F3D7A853039B5437AC9E1986C1 . 5945856 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22973_none_f66d247d514a6558\mshtml.dll
[7] 2010-01-02 . DF4D546A6E1C8D0F4FC10FCC9E422763 . 5942784 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18882_none_f5d7b77c3835c828\mshtml.dll
[7] 2009-11-21 . ED6055694115B1A247B2591AB465A21D . 5944320 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22956_none_f685c5335137797b\mshtml.dll
[7] 2009-11-21 . 062B81F34EADEEF652E759BF93691C50 . 5940736 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18865_none_f5f058323822dc4b\mshtml.dll
[7] 2009-07-22 . 8FD67A68AF3E2013DC668D3DD1519BB7 . 5938176 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22903_none_f6b8d3f15111a1c1\mshtml.dll
[7] 2009-07-21 . 2620C82EEEBED884FAA1E00C4671E83A . 5937152 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18813_none_f624673a37fc1de8\mshtml.dll
[7] 2009-05-12 . 5F3B323A3758C9B156B199F54A888882 . 5936128 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22874_none_f66e22e151498188\mshtml.dll
[7] 2009-05-09 . 89CCF8069B59780BDEF45E345E671347 . 5936128 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18783_none_f5d8b5e03834e458\mshtml.dll
[7] 2009-04-11 . A4D04D404AFC1D30EDA01EE50D27AA51 . 3596288 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll
[7] 2009-03-03 . 0DCC9623D9A3E77212177F59738BE29A . 3580928 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18226_none_1333784c22344556\mshtml.dll
[7] 2009-03-03 . A77A82830D2BBB001A53A5368934F7EB . 3581440 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22389_none_137f366d3b7fd8cb\mshtml.dll
[7] 2009-03-03 . 94ED56734E8AB74357F8EA2C5C174EA9 . 3595264 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16830_none_113c67fe251b384c\mshtml.dll
[7] 2009-03-03 . 67FFB5ED7723D03B50734614D31B57A5 . 3596800 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21023_none_11d3adb53e2e3b6c\mshtml.dll
[7] 2009-01-16 . 8FA6CFFC665D1D9D99126CFA8D8DEAB7 . 3580928 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22355_none_139ba5093b6b1f9c\mshtml.dll
[7] 2009-01-15 . E161281A8E8937ED94299A6B465D7BCE . 3580416 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18203_none_134617462226c16f\mshtml.dll
[7] 2009-01-15 . AD9E78847641E519FE50A9C27E49AD27 . 3596288 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20996_none_118b26fd3e6417c6\mshtml.dll
[7] 2009-01-15 . 676692EDC2E1DBD89EFCB617A1E75F7D . 3594752 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16809_none_1165da5c24fac888\mshtml.dll
[7] 2008-12-12 . 8ECFDD5549AD28191D8594C80D4001E8 . 3578880 . . [7.00.6001.18183] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18183_none_12ef96002267a3d0\mshtml.dll
[7] 2008-12-12 . 20348C5C94D7D4A0D9AA12FBAA698514 . 3579392 . . [7.00.6001.22328] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22328_none_13bf15ab3b5017ce\mshtml.dll
[7] 2008-12-12 . 863FBEECA377800B2AFA4F8E972BEBC0 . 3593216 . . [7.00.6000.16788] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16788_none_110e58cc253c9192\mshtml.dll
[7] 2008-12-12 . 616EA8D014AF07FB1DC97B7432794AA6 . 3594752 . . [7.00.6000.20973] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20973_none_119dc5f73e5693df\mshtml.dll
[7] 2008-10-16 . B1AE727959358E4FE72D7FE6DC6736E8 . 3578880 . . [7.00.6001.18157] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18157_none_131406ec224bb559\mshtml.dll
[7] 2008-10-16 . 8B03B6121C4A55BF48B56BFAF962F879 . 3593216 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16764_none_111ff77c252ff454\mshtml.dll
[7] 2008-10-16 . 6D4AAAAAEB494F78610AE792EC6B3E77 . 3579392 . . [7.00.6001.22288] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22288_none_137e343d3b80c24d\mshtml.dll
[7] 2008-10-16 . CF807C36C2E1984104D173B9DE1BCBCD . 3595264 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20937_none_11cd06cf3e328977\mshtml.dll
[7] 2008-10-02 . 3E3D3E24BD1F862CD1A772C0DAD3F134 . 3578880 . . [7.00.6001.18148] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18148_none_131fd7222242b2bf\mshtml.dll
[7] 2008-10-02 . 713D3D802424C56F28A3AC21F843D9E4 . 3593216 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16757_none_112dc84625252468\mshtml.dll
[7] 2008-10-02 . 56942EB5D17DFA38CA0B2B234BB578A3 . 3579392 . . [7.00.6001.22278] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22278_none_138904293b78a65c\mshtml.dll
[7] 2008-10-02 . 34311116C0A994BD82D7732D0950999C . 3594752 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20927_none_11d7d6bb3e2a6d86\mshtml.dll
[7] 2008-09-10 . 13A0AA60B35A6A13152A759536C10203 . 3591680 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16681_none_110754e02542e30a\mshtml.dll
[7] 2008-09-10 . 38EC352C600EB037FE02749F8C170B6B . 3593728 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20823_none_11d3d3ad3e2e0b03\mshtml.dll
[7] 2008-09-10 . 2C2A85BBAB617EDDD19119F66C05B1C3 . 3578368 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18063_none_130533f222576ec7\mshtml.dll
[7] 2008-09-10 . 92A81ADE1E576A53176777260190F3A1 . 3578368 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22167_none_1392d1e53b7173ed\mshtml.dll
[7] 2008-09-10 . 3AE6072A86AD8049DD133DB40F73F0C8 . 3591680 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16643_none_113495242520a5f4\mshtml.dll
[7] 2008-09-10 . ED2588D1864319C54E79443130A8004B . 3593728 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20777_none_11a1c3533e52feed\mshtml.dll
[7] 2008-09-10 . 9C4091CD321D6D8BCF9842F109EE574B . 3578368 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18023_none_133073a22236ff03\mshtml.dll
[7] 2008-09-10 . 977C356E655F357665310C0C95D0DBD4 . 3578368 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22120_none_13b70f8f3b5752c8\mshtml.dll
[7] 2008-06-27 . 2B59221D1B9D9FB1D202A21AFE8E410A . 3578368 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18099_none_12eac5ea226a5aa4\mshtml.dll
[7] 2008-06-27 . B964D58A6698C8FCA93447ADBDE18820 . 3592192 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16711_none_1153063a250a1c9a\mshtml.dll
[7] 2008-06-27 . 256E9D588ACB7F104123947297A9302A . 3578880 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22212_none_13c3e1f53b4d66ac\mshtml.dll
[7] 2008-06-27 . 1D73575D8A0F368CD8FE3212E8928743 . 3594240 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20868_none_11ad956f3e49f97a\mshtml.dll
[7] 2008-01-21 . 48E05FD07045BB2E5CFC43C970CAF1E7 . 3578368 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18000_none_1343129c22297b1c\mshtml.dll
.
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[7] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\ERDNT\cache\msvcrt.dll
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[7] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
.
[7] 2012-06-28 . A9FF16A7FBE708D936AF46AFF1B2579B . 920064 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23385_none_e50a13dad0fa7578\wininet.dll
[7] 2012-06-28 . 03B4167CC1B30AC22DF413788AFADE97 . 916992 . . [8.00.6001.18702] . . c:\windows\System32\wininet.dll
[7] 2012-06-28 . 03B4167CC1B30AC22DF413788AFADE97 . 916992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19298_none_e478a801b7e23da4\wininet.dll
[7] 2012-05-15 . 1FDE47149D9B08C0CEBEE731FDB39E0B . 920064 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23359_none_e52e84c6d0de8701\wininet.dll
[7] 2012-05-15 . DEAF5B0677A6B864B8F4F41C127695DB . 916992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19272_none_e488461db7d76db8\wininet.dll
[7] 2012-02-28 . 9503972A61EA647A72C326EEB51265C1 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23318_none_e558c42cd0befde6\wininet.dll
[7] 2012-02-28 . AA8B3560AED18F5290F80C82C9B75ACC . 916992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19222_none_e4be55b9b7aee203\wininet.dll
[7] 2011-12-15 . 2F56B044E8ED4FAA812A19A8DF2115EE . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23286_none_e50b123ed0f991a8\wininet.dll
[7] 2011-12-15 . DA7C58952F082AECABF775C83F913C6F . 916992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19190_none_e470a3cbb7e975c5\wininet.dll
[7] 2011-11-03 . 406EEBC1B3FE188DE9D6B3AFB3834E84 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23266_none_e520b216d0e959c6\wininet.dll
[7] 2011-11-03 . 4E45F092670EEE0563AA9E1A7C8A1217 . 916992 . . [8.00.6001.18702] . . c:\windows\ERDNT\cache\wininet.dll
[7] 2011-11-03 . 4E45F092670EEE0563AA9E1A7C8A1217 . 916992 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19170_none_e48643a3b7d93de3\wininet.dll
[7] 2011-09-30 . DA000DE8EB63D54DCC206AA0699B9A52 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23250_none_e5258046d0e6a5cb\wininet.dll
[7] 2011-09-30 . 18F17E90657528C232B1944DEB4EC160 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19154_none_e49fe4a3b7c56b5d\wininet.dll
[7] 2011-07-23 . D2BA28C2B3CB7F2DBB5A5F92851B3F3F . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_e556c1b2d0c0ce11\wininet.dll
[7] 2011-07-23 . 8419DAE7205374F2CAA4C9CDBD0999E6 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_e4bc533fb7b0b22e\wininet.dll
[7] 2011-05-28 . E1E66EB05099B9DDCA178A9A00FCFF74 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll
[7] 2011-05-28 . DE4685DE5130039FA63DA66C0F72F787 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll
[7] 2011-02-22 . B3A938D522F085171387FEF112AEECF5 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[7] 2011-02-22 . 047CDEFF94B63F0A4791372B47427B60 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[7] 2010-12-18 . 7D6AACE6BF60B5A1D572E082DEC9F0F0 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[7] 2010-12-18 . 74BCC23D622F32DA0450D164735ACAB1 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[7] 2010-11-02 . D364DEB34DB229A4C1EFB1BC68F505C4 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[7] 2010-11-02 . 5681261BF2572F8776E1344DCB090C0B . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[7] 2010-09-08 . 6D4B5C39BB00A8BD98462664E73AC403 . 919552 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[7] 2010-09-08 . 545264F1F3AC5BD57B159EBBDC4FDC58 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
[7] 2010-06-26 . F60F99762FABCD7F4B53A4A0EBAE3505 . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
[7] 2010-06-26 . 78D42E00B5AB233F34116C0EF07F1BC9 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
[7] 2010-05-04 . 9DF755B063C647A1CAEB17F3E2FDDE1D . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
[7] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
[7] 2010-02-23 . 24427C9C96556887A2F161800F00B2DE . 919040 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
[7] 2010-02-23 . EC3B3E6071E3FCD4290BFD42676EE064 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
[7] 2010-01-02 . 1DC5E46312CBA5C1614B3D3359DB09C5 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
[7] 2010-01-02 . 91B8712BDC74295DA14A08F519B70D65 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
[7] 2009-11-21 . 0B603B1B76FF6CA2D88B658A9ECC40E8 . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
[7] 2009-11-21 . DCB9E422810877D7C4115BACE54B084C . 916480 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
[7] 2009-07-22 . E48ADF567FE3EFCC2EB88A2BE5E020CB . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll
[7] 2009-07-21 . 6206A2BF9741B31C258ACC51972AFCAA . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll
[7] 2009-05-12 . 4BEDA2520729640D927E09A51AB916C4 . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22874_none_e51403c2d0f31852\wininet.dll
[7] 2009-05-09 . D78B62CC91F043CED52F23F0085E7FE2 . 915456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18783_none_e47e96c1b7de7b22\wininet.dll
[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
[7] 2009-03-03 . 6E115E2D3FAE5077A361A5BCE78FF170 . 827392 . . [7.00.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll
[7] 2009-03-03 . 3ED9859939928CA568F487AB42175A33 . 827904 . . [7.00.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll
[7] 2009-03-03 . BA68744F8FE1BAAC35362F18774972A3 . 826368 . . [7.00.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll
[7] 2009-03-03 . 88B57405AC5B2BF513069086F8963635 . 828416 . . [7.00.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll
[7] 2009-01-16 . 6A986C2CD30633447DAB21A4852E40D6 . 827904 . . [7.00.6001.22355] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll
[7] 2009-01-15 . FB79A2AA5E92653B9A394FE26D799BF8 . 827392 . . [7.00.6001.18203] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll
[7] 2009-01-15 . 65647F41CEC0C8EEC9DF5BC1168EC76C . 827904 . . [7.00.6000.20996] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll
[7] 2009-01-15 . FF35D495AC08549154D1D96990513CD9 . 826368 . . [7.00.6000.16809] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll
[7] 2008-10-16 . 8F89FFECF6989DD7D9ECCEC6D95D7419 . 827392 . . [7.00.6001.18157] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll
[7] 2008-10-16 . F18C1B151A0B18C35BF0919A9BA0FA0F . 826368 . . [7.00.6000.16764] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll
[7] 2008-10-16 . 4944C9FFE8903A276590D4215F74B937 . 827904 . . [7.00.6001.22288] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll
[7] 2008-10-16 . 622FE627D15DD920238A993021F0A4D1 . 827904 . . [7.00.6000.20937] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll
[7] 2008-10-02 . C373C19F10601C1AFE7E40907AE48694 . 827392 . . [7.00.6001.18148] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll
[7] 2008-10-02 . 8BF7D225505A4ADA25D9444E91811CEA . 826368 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll
[7] 2008-10-02 . 6B2591CDCEFEB8451594288426677CBB . 827904 . . [7.00.6001.22278] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll
[7] 2008-10-02 . C85EF7DE97ABBF00B16AD11EDFEAC637 . 827904 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll
[7] 2008-09-10 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll
[7] 2008-09-10 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll
[7] 2008-09-10 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll
[7] 2008-09-10 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll
[7] 2008-09-10 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[7] 2008-09-10 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[7] 2008-09-10 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[7] 2008-09-10 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[7] 2008-06-27 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll
[7] 2008-06-27 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll
[7] 2008-06-27 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll
[7] 2008-06-27 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll
[7] 2008-01-21 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
.
[7] 2012-04-03 . CAD95AFB7FDDCC490681555C570FBB7D . 3602816 . . [6.0.6002.18607] . . c:\windows\System32\ntkrnlpa.exe
.
[7] 2012-06-28 . CE4945834BFE91AF301FA829E3E8A7AA . 638048 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23385_none_128320664925e45b\iexplore.exe
[7] 2012-06-28 . 7BC18656CCDD305665D3D7FAA283744A . 638048 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19298_none_11f1b48d300dac87\iexplore.exe
[7] 2012-05-15 . 26B900640CE979A708FD3793FA8A6C50 . 638048 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23359_none_12a791524909f5e4\iexplore.exe
[7] 2012-05-15 . 9AC31470779A703021C337FD83D683EE . 638048 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19272_none_120152a93002dc9b\iexplore.exe
[7] 2012-02-28 . CF4EFFB58D9D91E8D219C8E93BC59471 . 638240 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23318_none_12d1d0b848ea6cc9\iexplore.exe
.
.
[7] 2012-04-03 . B9907DD4BE7B1B39573BF66554AB224E . 3552640 . . [6.0.6002.22831] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntoskrnl.exe
.
[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\System32\WSHTCPIP.DLL
[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{548f6736-8fe4-4680-82f2-170d6c07e1d2}"= "c:\program files\TranslatorBar_1.2\tbTran.dll" [2010-06-03 2736736]
"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-11-13 3913000]
.
[HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]
.
[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26	3908192	----a-w-	c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]
2010-06-03 16:24	2736736	----a-w-	c:\program files\TranslatorBar_1.2\tbTran.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
2010-11-13 20:58	3913000	----a-w-	c:\program files\softonic-de3\tbsoft.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{548f6736-8fe4-4680-82f2-170d6c07e1d2}"= "c:\program files\TranslatorBar_1.2\tbTran.dll" [2010-06-03 2736736]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-11-13 3913000]
.
[HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{548F6736-8FE4-4680-82F2-170D6C07E1D2}"= "c:\program files\TranslatorBar_1.2\tbTran.dll" [2010-06-03 2736736]
"{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-11-13 3913000]
.
[HKEY_CLASSES_ROOT\clsid\{548f6736-8fe4-4680-82f2-170d6c07e1d2}]
.
[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-05-14 15:05	121392	----a-w-	c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-04 68856]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-05-16 1084840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-08 6139904]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 809480]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-30 397312]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2008-9-10 1216512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^Melanie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^0.8087520392255758.exe.lnk]
path=c:\users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.8087520392255758.exe.lnk
backup=c:\windows\pss\0.8087520392255758.exe.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-07-03 11:46	462920	----a-w-	c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
2009-04-26 20:23	111928	----a-r-	c:\program files\SweetIM\Messenger\SweetIM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-10-04 14:32	68856	----a-w-	c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
R2 5776;5776;c:\users\Melanie\AppData\Local\Temp\5776.sys [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 14:42]
.
2012-09-07 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-10-04 14:10]
.
2012-09-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-03 17:21]
.
2012-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 16:16]
.
2012-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 16:16]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://home.sweetim.com
IE: Free YouTube Download - c:\users\Melanie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Melanie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\uoiz31cn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extentions.y2layers.installId - b5126983-f67f-4732-b1d5-d7f9221b65e9
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
HKCU-Run-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
AddRemove-{587A2120-41D3-11DB-3D6C-00E19E4D4AE1} - c:\program files\Microsoft Games\Train Simulator\Uninst_MSTS Patch 1.8.0521 EN.exe
AddRemove-{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} - c:\program files\SUPERAntiSpyware\Uninstall.exe
AddRemove-Wupper Express 11 Actpack 1.0 - c:\users\Melanie\Desktop\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-09-07 20:08
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-78928637-2002754984-348181283-1000\Software\SecuROM\License information*]
"datasecu"=hex:53,53,24,3e,a1,fc,48,82,d0,94,d1,3a,f3,3e,c9,bf,05,bc,2f,e3,30,
   45,8c,42,07,c7,68,47,a6,79,89,8c,4b,4f,de,a3,7a,dd,11,99,67,a3,fe,ad,a2,40,\
"rkeysecu"=hex:f2,48,57,24,39,38,75,42,be,54,5e,0a,19,64,10,96
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-09-07  20:28:48
ComboFix-quarantined-files.txt  2012-09-07 18:28
.
Vor Suchlauf: 21 Verzeichnis(se), 24.938.921.984 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 24.909.795.328 Bytes frei
.
- - End Of File - - B43ED4F56B71C359B96894FBB83A527E
         
--- --- ---

Alt 07.09.2012, 20:27   #8
markusg
/// Malware-holic
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 08.09.2012, 08:30   #9
Kékfrankos
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



Hallo. Seit neuesten werde ich auch manchmal auf eine andere Seite umgeleitet. Könnte das einen Zusammenhang haben? Auch links unten blendet es bei Neustart des Lappis immer ein Werbungsfenster ein.

Wie poste ich die Log? Ich habe das jetzt ausgeführt und überall "Skip" angeklickt. Auf Continue?

Alt 08.09.2012, 10:23   #10
markusg
/// Malware-holic
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



nein. gehe auf c: tdss-killer-datum-version.txt inhalt posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 08.09.2012, 10:51   #11
Kékfrankos
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



Bitte sehr.

Zitat:
09:23:48.0812 4548 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
09:23:49.0042 4548 ============================================================
09:23:49.0042 4548 Current date / time: 2012/09/08 09:23:49.0042
09:23:49.0042 4548 SystemInfo:
09:23:49.0042 4548
09:23:49.0042 4548 OS Version: 6.0.6002 ServicePack: 2.0
09:23:49.0042 4548 Product type: Workstation
09:23:49.0042 4548 ComputerName: MELANIE-PC
09:23:49.0042 4548 UserName: Melanie
09:23:49.0042 4548 Windows directory: C:\Windows
09:23:49.0042 4548 System windows directory: C:\Windows
09:23:49.0042 4548 Processor architecture: Intel x86
09:23:49.0042 4548 Number of processors: 2
09:23:49.0042 4548 Page size: 0x1000
09:23:49.0042 4548 Boot type: Normal boot
09:23:49.0042 4548 ============================================================
09:23:50.0518 4548 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:23:50.0520 4548 ============================================================
09:23:50.0520 4548 \Device\Harddisk0\DR0:
09:23:50.0521 4548 MBR partitions:
09:23:50.0521 4548 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x12057000
09:23:50.0521 4548 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x133DF800, BlocksNum 0x1204E800
09:23:50.0521 4548 ============================================================
09:23:50.0572 4548 C: <-> \Device\Harddisk0\DR0\Partition1
09:23:50.0616 4548 D: <-> \Device\Harddisk0\DR0\Partition2
09:23:50.0616 4548 ============================================================
09:23:50.0616 4548 Initialize success
09:23:50.0616 4548 ============================================================
09:25:21.0469 1224 ============================================================
09:25:21.0469 1224 Scan started
09:25:21.0469 1224 Mode: Manual; SigCheck; TDLFS;
09:25:21.0469 1224 ============================================================
09:25:23.0018 1224 ================ Scan system memory ========================
09:25:23.0019 1224 System memory - ok
09:25:23.0019 1224 ================ Scan services =============================
09:25:23.0546 1224 5776 - ok
09:25:23.0776 1224 [ EC818AED40E3359FE49DDB1700151E56 ] ACEDRV09 C:\Windows\system32\drivers\ACEDRV09.sys
09:25:23.0907 1224 ACEDRV09 - ok
09:25:24.0358 1224 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
09:25:24.0383 1224 ACPI - ok
09:25:25.0043 1224 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:25:25.0055 1224 AdobeARMservice - ok
09:25:25.0158 1224 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:25:25.0173 1224 AdobeFlashPlayerUpdateSvc - ok
09:25:25.0207 1224 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:25:25.0235 1224 adp94xx - ok
09:25:25.0263 1224 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:25:25.0287 1224 adpahci - ok
09:25:25.0302 1224 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
09:25:25.0320 1224 adpu160m - ok
09:25:25.0365 1224 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:25:25.0382 1224 adpu320 - ok
09:25:25.0459 1224 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:25:25.0519 1224 AeLookupSvc - ok
09:25:25.0554 1224 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
09:25:25.0615 1224 AFD - ok
09:25:25.0646 1224 [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
09:25:25.0679 1224 AgereModemAudio - ok
09:25:25.0767 1224 [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
09:25:25.0882 1224 AgereSoftModem - ok
09:25:25.0923 1224 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:25:25.0936 1224 agp440 - ok
09:25:25.0967 1224 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:25:25.0982 1224 aic78xx - ok
09:25:26.0039 1224 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
09:25:26.0067 1224 ALG - ok
09:25:26.0103 1224 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
09:25:26.0116 1224 aliide - ok
09:25:26.0130 1224 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
09:25:26.0144 1224 amdagp - ok
09:25:26.0163 1224 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
09:25:26.0175 1224 amdide - ok
09:25:26.0211 1224 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
09:25:26.0256 1224 AmdK7 - ok
09:25:26.0278 1224 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:25:26.0315 1224 AmdK8 - ok
09:25:26.0342 1224 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
09:25:26.0394 1224 Appinfo - ok
09:25:26.0424 1224 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
09:25:26.0441 1224 arc - ok
09:25:26.0464 1224 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:25:26.0482 1224 arcsas - ok
09:25:26.0525 1224 [ E54E27976E2C5A6465D44C10B1D87AC0 ] ASPI C:\Windows\System32\DRIVERS\ASPI32.sys
09:25:26.0555 1224 ASPI ( UnsignedFile.Multi.Generic ) - warning
09:25:26.0555 1224 ASPI - detected UnsignedFile.Multi.Generic (1)
09:25:26.0580 1224 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:25:26.0620 1224 AsyncMac - ok
09:25:26.0678 1224 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
09:25:26.0696 1224 atapi - ok
09:25:26.0734 1224 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:25:26.0771 1224 AudioEndpointBuilder - ok
09:25:26.0811 1224 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:25:26.0834 1224 Audiosrv - ok
09:25:26.0870 1224 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
09:25:26.0924 1224 b57nd60x - ok
09:25:27.0136 1224 [ E22ABCAA7B6FF580FEB0D49545DC4263 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
09:25:27.0229 1224 BCM43XX - ok
09:25:27.0348 1224 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
09:25:27.0417 1224 Beep - ok
09:25:27.0475 1224 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
09:25:27.0519 1224 BFE - ok
09:25:27.0580 1224 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
09:25:27.0629 1224 BITS - ok
09:25:27.0668 1224 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:25:27.0695 1224 blbdrive - ok
09:25:27.0723 1224 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:25:27.0747 1224 bowser - ok
09:25:27.0769 1224 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
09:25:27.0801 1224 BrFiltLo - ok
09:25:27.0835 1224 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
09:25:27.0872 1224 BrFiltUp - ok
09:25:27.0960 1224 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
09:25:28.0027 1224 Browser - ok
09:25:28.0049 1224 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
09:25:28.0112 1224 Brserid - ok
09:25:28.0139 1224 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
09:25:28.0233 1224 BrSerWdm - ok
09:25:28.0252 1224 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
09:25:28.0314 1224 BrUsbMdm - ok
09:25:28.0330 1224 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
09:25:28.0388 1224 BrUsbSer - ok
09:25:28.0403 1224 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:25:28.0462 1224 BTHMODEM - ok
09:25:28.0523 1224 [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
09:25:28.0528 1224 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
09:25:28.0528 1224 BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
09:25:28.0557 1224 catchme - ok
09:25:28.0580 1224 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:25:28.0624 1224 cdfs - ok
09:25:28.0658 1224 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:25:28.0692 1224 cdrom - ok
09:25:28.0719 1224 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
09:25:28.0753 1224 CertPropSvc - ok
09:25:28.0773 1224 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
09:25:28.0814 1224 circlass - ok
09:25:28.0850 1224 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
09:25:28.0871 1224 CLFS - ok
09:25:28.0943 1224 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:25:28.0957 1224 clr_optimization_v2.0.50727_32 - ok
09:25:29.0036 1224 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:25:29.0051 1224 clr_optimization_v4.0.30319_32 - ok
09:25:29.0073 1224 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:25:29.0116 1224 CmBatt - ok
09:25:29.0134 1224 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:25:29.0147 1224 cmdide - ok
09:25:29.0184 1224 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:25:29.0198 1224 Compbatt - ok
09:25:29.0205 1224 COMSysApp - ok
09:25:29.0215 1224 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:25:29.0230 1224 crcdisk - ok
09:25:29.0246 1224 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
09:25:29.0289 1224 Crusoe - ok
09:25:29.0336 1224 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:25:29.0356 1224 CryptSvc - ok
09:25:29.0406 1224 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:25:29.0487 1224 DcomLaunch - ok
09:25:29.0523 1224 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:25:29.0554 1224 DfsC - ok
09:25:29.0640 1224 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
09:25:29.0791 1224 DFSR - ok
09:25:29.0824 1224 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
09:25:29.0864 1224 Dhcp - ok
09:25:29.0896 1224 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
09:25:29.0910 1224 disk - ok
09:25:29.0931 1224 [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
09:25:29.0942 1224 DKbFltr - ok
09:25:29.0970 1224 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:25:30.0003 1224 Dnscache - ok
09:25:30.0043 1224 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:25:30.0087 1224 dot3svc - ok
09:25:30.0115 1224 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
09:25:30.0148 1224 DPS - ok
09:25:30.0190 1224 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:25:30.0233 1224 drmkaud - ok
09:25:30.0281 1224 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:25:30.0327 1224 DXGKrnl - ok
09:25:30.0356 1224 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
09:25:30.0388 1224 E1G60 - ok
09:25:30.0427 1224 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
09:25:30.0451 1224 EapHost - ok
09:25:30.0479 1224 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
09:25:30.0499 1224 Ecache - ok
09:25:30.0578 1224 [ 2CE2DDCB1A41ED4488A2A8B98D286B3D ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
09:25:30.0605 1224 eDataSecurity Service - ok
09:25:30.0647 1224 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:25:30.0676 1224 ehRecvr - ok
09:25:30.0715 1224 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
09:25:30.0774 1224 ehSched - ok
09:25:30.0812 1224 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
09:25:30.0836 1224 ehstart - ok
09:25:30.0885 1224 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:25:30.0908 1224 elxstor - ok
09:25:31.0490 1224 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
09:25:31.0590 1224 EMDMgmt - ok
09:25:31.0647 1224 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:25:31.0684 1224 ErrDev - ok
09:25:31.0726 1224 [ A51FD9DF23720485991F56741BBEFCFB ] ETService C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
09:25:31.0738 1224 ETService ( UnsignedFile.Multi.Generic ) - warning
09:25:31.0739 1224 ETService - detected UnsignedFile.Multi.Generic (1)
09:25:31.0830 1224 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
09:25:31.0867 1224 EventSystem - ok
09:25:31.0904 1224 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
09:25:31.0940 1224 exfat - ok
09:25:31.0967 1224 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:25:31.0992 1224 fastfat - ok
09:25:32.0039 1224 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:25:32.0077 1224 fdc - ok
09:25:32.0103 1224 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
09:25:32.0133 1224 fdPHost - ok
09:25:32.0179 1224 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
09:25:32.0231 1224 FDResPub - ok
09:25:32.0279 1224 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:25:32.0292 1224 FileInfo - ok
09:25:32.0313 1224 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:25:32.0352 1224 Filetrace - ok
09:25:32.0397 1224 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:25:32.0429 1224 flpydisk - ok
09:25:32.0456 1224 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:25:32.0475 1224 FltMgr - ok
09:25:32.0522 1224 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
09:25:32.0606 1224 FontCache - ok
09:25:32.0688 1224 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:25:32.0701 1224 FontCache3.0.0.0 - ok
09:25:32.0750 1224 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:25:32.0781 1224 Fs_Rec - ok
09:25:32.0811 1224 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:25:32.0826 1224 gagp30kx - ok
09:25:33.0034 1224 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
09:25:33.0148 1224 gpsvc - ok
09:25:33.0263 1224 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9fbf99e8cea12 C:\Program Files\Google\Update\GoogleUpdate.exe
09:25:33.0276 1224 gupdate1c9fbf99e8cea12 - ok
09:25:33.0282 1224 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:25:33.0293 1224 gupdatem - ok
09:25:33.0345 1224 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:25:33.0360 1224 gusvc - ok
09:25:33.0404 1224 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:25:33.0475 1224 HdAudAddService - ok
09:25:33.0515 1224 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:25:33.0567 1224 HDAudBus - ok
09:25:33.0597 1224 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:25:33.0649 1224 HidBth - ok
09:25:33.0665 1224 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
09:25:33.0732 1224 HidIr - ok
09:25:33.0796 1224 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
09:25:33.0851 1224 hidserv - ok
09:25:33.0883 1224 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:25:33.0907 1224 HidUsb - ok
09:25:33.0940 1224 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:25:33.0987 1224 hkmsvc - ok
09:25:34.0027 1224 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
09:25:34.0046 1224 HpCISSs - ok
09:25:34.0094 1224 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
09:25:34.0141 1224 HSFHWAZL - ok
09:25:34.0180 1224 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
09:25:34.0286 1224 HSF_DPV - ok
09:25:34.0416 1224 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:25:34.0465 1224 HTTP - ok
09:25:34.0508 1224 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
09:25:34.0523 1224 i2omp - ok
09:25:34.0557 1224 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:25:34.0592 1224 i8042prt - ok
09:25:34.0618 1224 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
09:25:34.0640 1224 iaStorV - ok
09:25:34.0733 1224 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:25:34.0805 1224 idsvc - ok
09:25:35.0456 1224 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
09:25:35.0931 1224 igfx - ok
09:25:35.0976 1224 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:25:35.0988 1224 iirsp - ok
09:25:36.0058 1224 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
09:25:36.0110 1224 IKEEXT - ok
09:25:36.0143 1224 [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15 C:\Windows\system32\drivers\int15.sys
09:25:36.0152 1224 int15 - ok
09:25:36.0235 1224 [ 219CA9A36D6DE2EC04F958C907673436 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:25:36.0415 1224 IntcAzAudAddService - ok
09:25:36.0474 1224 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
09:25:36.0492 1224 intelide - ok
09:25:36.0511 1224 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:25:36.0563 1224 intelppm - ok
09:25:36.0600 1224 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:25:36.0641 1224 IPBusEnum - ok
09:25:36.0658 1224 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:25:36.0691 1224 IpFilterDriver - ok
09:25:36.0764 1224 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:25:36.0793 1224 iphlpsvc - ok
09:25:36.0830 1224 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
09:25:36.0855 1224 IPMIDRV - ok
09:25:36.0892 1224 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
09:25:36.0917 1224 IPNAT - ok
09:25:36.0945 1224 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
09:25:36.0987 1224 irda - ok
09:25:37.0024 1224 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:25:37.0053 1224 IRENUM - ok
09:25:37.0099 1224 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
09:25:37.0161 1224 Irmon - ok
09:25:37.0185 1224 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:25:37.0201 1224 isapnp - ok
09:25:37.0238 1224 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
09:25:37.0259 1224 iScsiPrt - ok
09:25:37.0300 1224 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
09:25:37.0314 1224 iteatapi - ok
09:25:37.0337 1224 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
09:25:37.0351 1224 iteraid - ok
09:25:37.0368 1224 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:25:37.0383 1224 kbdclass - ok
09:25:37.0402 1224 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:25:37.0437 1224 kbdhid - ok
09:25:37.0501 1224 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
09:25:37.0545 1224 KeyIso - ok
09:25:37.0599 1224 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:25:37.0626 1224 KSecDD - ok
09:25:37.0651 1224 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:25:37.0746 1224 KtmRm - ok
09:25:37.0792 1224 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
09:25:37.0833 1224 LanmanServer - ok
09:25:37.0861 1224 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:25:37.0906 1224 LanmanWorkstation - ok
09:25:37.0947 1224 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
09:25:37.0969 1224 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
09:25:37.0969 1224 LightScribeService - detected UnsignedFile.Multi.Generic (1)
09:25:38.0006 1224 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:25:38.0067 1224 lltdio - ok
09:25:38.0104 1224 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:25:38.0150 1224 lltdsvc - ok
09:25:38.0181 1224 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:25:38.0234 1224 lmhosts - ok
09:25:38.0280 1224 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:25:38.0295 1224 LSI_FC - ok
09:25:38.0310 1224 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:25:38.0324 1224 LSI_SAS - ok
09:25:38.0344 1224 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:25:38.0359 1224 LSI_SCSI - ok
09:25:38.0373 1224 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
09:25:38.0448 1224 luafv - ok
09:25:38.0484 1224 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:25:38.0497 1224 MBAMProtector - ok
09:25:38.0553 1224 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:25:38.0622 1224 MBAMService - ok
09:25:38.0696 1224 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:25:38.0720 1224 Mcx2Svc - ok
09:25:38.0778 1224 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
09:25:38.0795 1224 megasas - ok
09:25:38.0824 1224 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
09:25:38.0851 1224 MegaSR - ok
09:25:38.0885 1224 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
09:25:38.0931 1224 MMCSS - ok
09:25:38.0958 1224 MobilityService - ok
09:25:38.0976 1224 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
09:25:39.0026 1224 Modem - ok
09:25:39.0041 1224 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:25:39.0087 1224 monitor - ok
09:25:39.0119 1224 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:25:39.0131 1224 mouclass - ok
09:25:39.0143 1224 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:25:39.0170 1224 mouhid - ok
09:25:39.0186 1224 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
09:25:39.0199 1224 MountMgr - ok
09:25:39.0217 1224 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
09:25:39.0232 1224 mpio - ok
09:25:39.0254 1224 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:25:39.0278 1224 mpsdrv - ok
09:25:39.0314 1224 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
09:25:39.0377 1224 MpsSvc - ok
09:25:39.0393 1224 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
09:25:39.0404 1224 Mraid35x - ok
09:25:39.0436 1224 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:25:39.0459 1224 MRxDAV - ok
09:25:39.0493 1224 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:25:39.0508 1224 mrxsmb - ok
09:25:39.0541 1224 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:25:39.0574 1224 mrxsmb10 - ok
09:25:39.0601 1224 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:25:39.0618 1224 mrxsmb20 - ok
09:25:39.0651 1224 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
09:25:39.0667 1224 msahci - ok
09:25:39.0712 1224 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:25:39.0729 1224 msdsm - ok
09:25:39.0747 1224 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
09:25:39.0788 1224 MSDTC - ok
09:25:39.0803 1224 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:25:39.0838 1224 Msfs - ok
09:25:39.0845 1224 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:25:39.0861 1224 msisadrv - ok
09:25:39.0914 1224 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:25:39.0942 1224 MSiSCSI - ok
09:25:39.0949 1224 msiserver - ok
09:25:39.0971 1224 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:25:40.0015 1224 MSKSSRV - ok
09:25:40.0032 1224 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:25:40.0057 1224 MSPCLOCK - ok
09:25:40.0077 1224 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:25:40.0104 1224 MSPQM - ok
09:25:40.0129 1224 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:25:40.0146 1224 MsRPC - ok
09:25:40.0160 1224 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:25:40.0173 1224 mssmbios - ok
09:25:40.0190 1224 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:25:40.0215 1224 MSTEE - ok
09:25:40.0233 1224 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
09:25:40.0247 1224 Mup - ok
09:25:40.0277 1224 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
09:25:40.0322 1224 napagent - ok
09:25:40.0360 1224 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:25:40.0385 1224 NativeWifiP - ok
09:25:40.0424 1224 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:25:40.0491 1224 NDIS - ok
09:25:40.0539 1224 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:25:40.0575 1224 NdisTapi - ok
09:25:40.0594 1224 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:25:40.0624 1224 Ndisuio - ok
09:25:40.0639 1224 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:25:40.0665 1224 NdisWan - ok
09:25:40.0678 1224 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:25:40.0699 1224 NDProxy - ok
09:25:40.0713 1224 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:25:40.0750 1224 NetBIOS - ok
09:25:40.0787 1224 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
09:25:40.0822 1224 netbt - ok
09:25:40.0859 1224 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
09:25:40.0878 1224 Netlogon - ok
09:25:40.0913 1224 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
09:25:40.0960 1224 Netman - ok
09:25:41.0006 1224 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
09:25:41.0051 1224 netprofm - ok
09:25:41.0084 1224 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:25:41.0099 1224 NetTcpPortSharing - ok
09:25:41.0134 1224 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:25:41.0148 1224 nfrd960 - ok
09:25:41.0174 1224 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:25:41.0209 1224 NlaSvc - ok
09:25:41.0274 1224 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
09:25:41.0341 1224 nmwcd - ok
09:25:41.0388 1224 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
09:25:41.0429 1224 nmwcdc - ok
09:25:41.0477 1224 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:25:41.0506 1224 Npfs - ok
09:25:41.0524 1224 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
09:25:41.0591 1224 NSCIRDA - ok
09:25:41.0639 1224 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
09:25:41.0682 1224 nsi - ok
09:25:41.0721 1224 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:25:41.0747 1224 nsiproxy - ok
09:25:41.0803 1224 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:25:41.0876 1224 Ntfs - ok
09:25:41.0897 1224 [ CB76F68BA0D57C5D25B538981B1C611C ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
09:25:41.0910 1224 NTIBackupSvc - ok
09:25:41.0949 1224 [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
09:25:41.0958 1224 NTIDrvr - ok
09:25:42.0015 1224 [ DF1C10A75DF7E50195FC417F88A33227 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
09:25:42.0034 1224 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
09:25:42.0034 1224 NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
09:25:42.0065 1224 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
09:25:42.0117 1224 ntrigdigi - ok
09:25:42.0133 1224 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
09:25:42.0176 1224 Null - ok
09:25:42.0194 1224 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:25:42.0209 1224 nvraid - ok
09:25:42.0227 1224 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:25:42.0241 1224 nvstor - ok
09:25:42.0257 1224 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:25:42.0273 1224 nv_agp - ok
09:25:42.0371 1224 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:25:42.0396 1224 odserv - ok
09:25:42.0412 1224 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
09:25:42.0439 1224 ohci1394 - ok
09:25:42.0463 1224 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:25:42.0477 1224 ose - ok
09:25:42.0523 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
09:25:42.0632 1224 p2pimsvc - ok
09:25:42.0646 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
09:25:42.0672 1224 p2psvc - ok
09:25:42.0704 1224 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
09:25:42.0757 1224 Parport - ok
09:25:42.0789 1224 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:25:42.0805 1224 partmgr - ok
09:25:42.0850 1224 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
09:25:42.0910 1224 Parvdm - ok
09:25:42.0966 1224 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
09:25:43.0011 1224 PcaSvc - ok
09:25:43.0037 1224 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
09:25:43.0054 1224 pccsmcfd - ok
09:25:43.0090 1224 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
09:25:43.0107 1224 pci - ok
09:25:43.0129 1224 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
09:25:43.0141 1224 pciide - ok
09:25:43.0166 1224 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:25:43.0184 1224 pcmcia - ok
09:25:43.0221 1224 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:25:43.0318 1224 PEAUTH - ok
09:25:43.0395 1224 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
09:25:43.0505 1224 pla - ok
09:25:43.0562 1224 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:25:43.0607 1224 PlugPlay - ok
09:25:43.0634 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
09:25:43.0672 1224 PNRPAutoReg - ok
09:25:43.0701 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
09:25:43.0763 1224 PNRPsvc - ok
09:25:43.0842 1224 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:25:43.0922 1224 PolicyAgent - ok
09:25:43.0963 1224 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:25:44.0010 1224 PptpMiniport - ok
09:25:44.0030 1224 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
09:25:44.0061 1224 Processor - ok
09:25:44.0095 1224 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
09:25:44.0130 1224 ProfSvc - ok
09:25:44.0139 1224 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
09:25:44.0159 1224 ProtectedStorage - ok
09:25:44.0190 1224 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
09:25:44.0225 1224 PSched - ok
09:25:44.0279 1224 [ 1DCBB35090CC4B2BD3D661E6089523C6 ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys
09:25:44.0290 1224 PSDFilter - ok
09:25:44.0303 1224 [ E26E46D619469964AC3609620F443867 ] PSDNServ C:\Windows\system32\DRIVERS\PSDNServ.sys
09:25:44.0312 1224 PSDNServ - ok
09:25:44.0325 1224 [ 3E1D134AF2806867D06047C4CC33CC65 ] psdvdisk C:\Windows\system32\DRIVERS\PSDVdisk.sys
09:25:44.0335 1224 psdvdisk - ok
09:25:44.0384 1224 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:25:44.0463 1224 ql2300 - ok
09:25:44.0488 1224 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:25:44.0502 1224 ql40xx - ok
09:25:44.0546 1224 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
09:25:44.0580 1224 QWAVE - ok
09:25:44.0587 1224 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:25:44.0604 1224 QWAVEdrv - ok
09:25:44.0627 1224 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:25:44.0668 1224 RasAcd - ok
09:25:44.0684 1224 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
09:25:44.0734 1224 RasAuto - ok
09:25:44.0752 1224 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:25:44.0794 1224 Rasl2tp - ok
09:25:44.0854 1224 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
09:25:44.0897 1224 RasMan - ok
09:25:44.0931 1224 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:25:44.0967 1224 RasPppoe - ok
09:25:44.0998 1224 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:25:45.0013 1224 RasSstp - ok
09:25:45.0036 1224 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:25:45.0073 1224 rdbss - ok
09:25:45.0092 1224 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:25:45.0132 1224 RDPCDD - ok
09:25:45.0176 1224 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
09:25:45.0206 1224 rdpdr - ok
09:25:45.0213 1224 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:25:45.0240 1224 RDPENCDD - ok
09:25:45.0290 1224 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:25:45.0330 1224 RDPWD - ok
09:25:45.0367 1224 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:25:45.0395 1224 RemoteAccess - ok
09:25:45.0436 1224 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:25:45.0475 1224 RemoteRegistry - ok
09:25:45.0497 1224 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
09:25:45.0534 1224 RpcLocator - ok
09:25:45.0560 1224 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
09:25:45.0592 1224 RpcSs - ok
09:25:45.0641 1224 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:25:45.0715 1224 rspndr - ok
09:25:45.0757 1224 [ 73835C4F79ADC404EF39C8A9E2D4183B ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
09:25:45.0778 1224 RS_Service ( UnsignedFile.Multi.Generic ) - warning
09:25:45.0778 1224 RS_Service - detected UnsignedFile.Multi.Generic (1)
09:25:45.0810 1224 [ 30AF53469B2A60F693ACB24FBD90ABD7 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
09:25:45.0839 1224 RTSTOR - ok
09:25:45.0878 1224 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
09:25:45.0891 1224 s0016bus - ok
09:25:45.0917 1224 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
09:25:45.0926 1224 s0016mdfl - ok
09:25:45.0977 1224 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
09:25:45.0989 1224 s0016mdm - ok
09:25:46.0028 1224 [ 594FF5620661D1386475406E78CB6F2F ] s0017bus C:\Windows\system32\DRIVERS\s0017bus.sys
09:25:46.0039 1224 s0017bus - ok
09:25:46.0060 1224 [ 7258F550419D543BC5C8E80C578A5D54 ] s0017mdfl C:\Windows\system32\DRIVERS\s0017mdfl.sys
09:25:46.0070 1224 s0017mdfl - ok
09:25:46.0103 1224 [ 1DE4F6607FEB17A15DBD4F1B139E6D2F ] s0017mdm C:\Windows\system32\DRIVERS\s0017mdm.sys
09:25:46.0115 1224 s0017mdm - ok
09:25:46.0154 1224 [ 9814E6BACC06D2526CD52981C7EEEDF0 ] s0017mgmt C:\Windows\system32\DRIVERS\s0017mgmt.sys
09:25:46.0166 1224 s0017mgmt - ok
09:25:46.0193 1224 [ 2C62CD58225973F26682CD4F783DDEDE ] s0017nd5 C:\Windows\system32\DRIVERS\s0017nd5.sys
09:25:46.0203 1224 s0017nd5 - ok
09:25:46.0235 1224 [ F87C3422E84B2FB1B43E0A26247AD5A5 ] s0017obex C:\Windows\system32\DRIVERS\s0017obex.sys
09:25:46.0246 1224 s0017obex - ok
09:25:46.0278 1224 [ DF5E7360A0AFA5956BF75DA683D0679F ] s0017unic C:\Windows\system32\DRIVERS\s0017unic.sys
09:25:46.0292 1224 s0017unic - ok
09:25:46.0318 1224 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
09:25:46.0335 1224 SamSs - ok
09:25:46.0381 1224 SASDIFSV - ok
09:25:46.0386 1224 SASKUTIL - ok
09:25:47.0440 1224 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:25:47.0453 1224 sbp2port - ok
09:25:47.0487 1224 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:25:47.0511 1224 SCardSvr - ok
09:25:47.0559 1224 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
09:25:47.0715 1224 Schedule - ok
09:25:47.0765 1224 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:25:47.0786 1224 SCPolicySvc - ok
09:25:47.0804 1224 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
09:25:47.0876 1224 sdbus - ok
09:25:47.0921 1224 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:25:47.0990 1224 SDRSVC - ok
09:25:48.0021 1224 [ 97EC6C60112EBD40C07FE295A38AB1EA ] SE2Ebus C:\Windows\system32\DRIVERS\SE2Ebus.sys
09:25:48.0057 1224 SE2Ebus - ok
09:25:48.0088 1224 [ ABFE402BA200E82568A5606719397AFA ] SE2Emdfl C:\Windows\system32\DRIVERS\SE2Emdfl.sys
09:25:48.0119 1224 SE2Emdfl - ok
09:25:48.0146 1224 [ 4ACFE8A2A3C1624964429E83BC7148A4 ] SE2Emdm C:\Windows\system32\DRIVERS\SE2Emdm.sys
09:25:48.0162 1224 SE2Emdm - ok
09:25:48.0184 1224 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:25:48.0241 1224 secdrv - ok
09:25:48.0269 1224 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
09:25:48.0298 1224 seclogon - ok
09:25:48.0329 1224 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
09:25:48.0364 1224 SENS - ok
09:25:48.0393 1224 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
09:25:48.0452 1224 Serenum - ok
09:25:48.0467 1224 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
09:25:48.0524 1224 Serial - ok
09:25:48.0544 1224 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:25:48.0570 1224 sermouse - ok
09:25:48.0650 1224 [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
09:25:48.0700 1224 ServiceLayer - ok
09:25:48.0748 1224 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
09:25:48.0776 1224 SessionEnv - ok
09:25:48.0799 1224 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:25:48.0823 1224 sffdisk - ok
09:25:48.0837 1224 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:25:48.0877 1224 sffp_mmc - ok
09:25:48.0894 1224 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:25:48.0935 1224 sffp_sd - ok
09:25:48.0951 1224 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:25:49.0008 1224 sfloppy - ok
09:25:49.0106 1224 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:25:49.0138 1224 SharedAccess - ok
09:25:49.0175 1224 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:25:49.0213 1224 ShellHWDetection - ok
09:25:49.0232 1224 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:25:49.0246 1224 sisagp - ok
09:25:49.0287 1224 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
09:25:49.0302 1224 SiSRaid2 - ok
09:25:49.0328 1224 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:25:49.0345 1224 SiSRaid4 - ok
09:25:49.0418 1224 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
09:25:49.0434 1224 SkypeUpdate - ok
09:25:49.0570 1224 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
09:25:49.0768 1224 slsvc - ok
09:25:49.0797 1224 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
09:25:49.0857 1224 SLUINotify - ok
09:25:49.0890 1224 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:25:49.0927 1224 Smb - ok
09:25:49.0985 1224 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:25:49.0999 1224 SNMPTRAP - ok
09:25:50.0027 1224 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
09:25:50.0039 1224 spldr - ok
09:25:50.0068 1224 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
09:25:50.0116 1224 Spooler - ok
09:25:50.0168 1224 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
09:25:50.0211 1224 sptd - ok
09:25:50.0245 1224 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:25:50.0267 1224 srv - ok
09:25:50.0320 1224 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:25:50.0338 1224 srv2 - ok
09:25:50.0359 1224 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:25:50.0389 1224 srvnet - ok
09:25:50.0454 1224 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:25:50.0519 1224 SSDPSRV - ok
09:25:50.0545 1224 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:25:50.0569 1224 SstpSvc - ok
09:25:50.0604 1224 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
09:25:50.0648 1224 stisvc - ok
09:25:50.0678 1224 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:25:50.0691 1224 swenum - ok
09:25:50.0735 1224 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
09:25:50.0785 1224 swprv - ok
09:25:50.0810 1224 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
09:25:50.0823 1224 Symc8xx - ok
09:25:50.0883 1224 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
09:25:50.0895 1224 Sym_hi - ok
09:25:50.0911 1224 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
09:25:50.0925 1224 Sym_u3 - ok
09:25:50.0967 1224 [ 32E8B307F0E9F72B66B518FD62EAB91E ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:25:50.0982 1224 SynTP - ok
09:25:51.0021 1224 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
09:25:51.0105 1224 SysMain - ok
09:25:51.0151 1224 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:25:51.0188 1224 TabletInputService - ok
09:25:51.0220 1224 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:25:51.0251 1224 TapiSrv - ok
09:25:51.0277 1224 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
09:25:51.0324 1224 TBS - ok
09:25:51.0378 1224 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:25:51.0686 1224 Tcpip - ok
09:25:51.0706 1224 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
09:25:51.0763 1224 Tcpip6 - ok
09:25:51.0854 1224 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:25:51.0880 1224 tcpipreg - ok
09:25:51.0903 1224 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:25:51.0946 1224 TDPIPE - ok
09:25:51.0964 1224 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:25:51.0992 1224 TDTCP - ok
09:25:52.0030 1224 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:25:52.0051 1224 tdx - ok
09:25:52.0068 1224 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:25:52.0083 1224 TermDD - ok
09:25:52.0107 1224 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
09:25:52.0188 1224 TermService - ok
09:25:52.0211 1224 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
09:25:52.0231 1224 Themes - ok
09:25:52.0249 1224 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
09:25:52.0280 1224 THREADORDER - ok
09:25:52.0315 1224 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
09:25:52.0388 1224 TrkWks - ok
09:25:52.0420 1224 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:25:52.0457 1224 TrustedInstaller - ok
09:25:52.0516 1224 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:25:52.0557 1224 tssecsrv - ok
09:25:52.0570 1224 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
09:25:52.0599 1224 tunmp - ok
09:25:52.0635 1224 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:25:52.0653 1224 tunnel - ok
09:25:52.0673 1224 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:25:52.0687 1224 uagp35 - ok
09:25:52.0728 1224 [ F763E070843EE2803DE1395002B42938 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
09:25:52.0737 1224 UBHelper - ok
09:25:52.0764 1224 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:25:52.0790 1224 udfs - ok
09:25:52.0819 1224 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:25:52.0860 1224 UI0Detect - ok
09:25:52.0894 1224 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:25:52.0908 1224 uliagpkx - ok
09:25:52.0939 1224 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
09:25:52.0957 1224 uliahci - ok
09:25:52.0981 1224 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
09:25:52.0995 1224 UlSata - ok
09:25:53.0015 1224 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
09:25:53.0030 1224 ulsata2 - ok
09:25:53.0064 1224 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:25:53.0110 1224 umbus - ok
09:25:53.0145 1224 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
09:25:53.0198 1224 upnphost - ok
09:25:53.0254 1224 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
09:25:53.0305 1224 upperdev - ok
09:25:53.0367 1224 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:25:53.0395 1224 usbccgp - ok
09:25:53.0433 1224 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:25:53.0500 1224 usbcir - ok
09:25:53.0531 1224 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:25:53.0575 1224 usbehci - ok
09:25:53.0611 1224 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:25:53.0642 1224 usbhub - ok
09:25:53.0654 1224 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:25:53.0699 1224 usbohci - ok
09:25:53.0724 1224 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:25:53.0758 1224 usbprint - ok
09:25:53.0784 1224 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:25:53.0805 1224 usbscan - ok
09:25:53.0853 1224 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\drivers\usbser.sys
09:25:53.0875 1224 usbser - ok
09:25:53.0928 1224 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
09:25:53.0966 1224 UsbserFilt - ok
09:25:53.0998 1224 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:25:54.0054 1224 USBSTOR - ok
09:25:54.0077 1224 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:25:54.0102 1224 usbuhci - ok
09:25:54.0127 1224 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:25:54.0173 1224 usbvideo - ok
09:25:54.0194 1224 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
09:25:54.0220 1224 UxSms - ok
09:25:54.0264 1224 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
09:25:54.0343 1224 vds - ok
09:25:54.0394 1224 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:25:54.0430 1224 vga - ok
09:25:54.0448 1224 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
09:25:54.0484 1224 VgaSave - ok
09:25:54.0496 1224 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:25:54.0510 1224 viaagp - ok
09:25:54.0525 1224 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:25:54.0552 1224 ViaC7 - ok
09:25:54.0595 1224 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
09:25:54.0608 1224 viaide - ok
09:25:54.0624 1224 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:25:54.0637 1224 volmgr - ok
09:25:54.0695 1224 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:25:54.0716 1224 volmgrx - ok
09:25:54.0730 1224 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:25:54.0749 1224 volsnap - ok
09:25:54.0764 1224 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:25:54.0781 1224 vsmraid - ok
09:25:54.0853 1224 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
09:25:54.0955 1224 VSS - ok
09:25:55.0003 1224 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
09:25:55.0035 1224 W32Time - ok
09:25:55.0087 1224 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:25:55.0152 1224 WacomPen - ok
09:25:55.0170 1224 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
09:25:55.0210 1224 Wanarp - ok
09:25:55.0215 1224 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:25:55.0236 1224 Wanarpv6 - ok
09:25:55.0271 1224 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:25:55.0300 1224 wcncsvc - ok
09:25:55.0344 1224 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:25:55.0366 1224 WcsPlugInService - ok
09:25:55.0390 1224 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
09:25:55.0403 1224 Wd - ok
09:25:55.0491 1224 [ 77D80469DD64DFDDF3F2B881C68DCBE1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:25:55.0500 1224 Suspicious file (Forged): C:\Windows\system32\drivers\Wdf01000.sys. Real md5: 77D80469DD64DFDDF3F2B881C68DCBE1, Fake md5: 9950E3D0F08141C7E89E64456AE7DC73
09:25:55.0501 1224 Wdf01000 ( Virus.Win32.Rloader.a ) - infected
09:25:55.0501 1224 Wdf01000 - detected Virus.Win32.Rloader.a (0)
09:25:55.0526 1224 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:25:55.0562 1224 WdiServiceHost - ok
09:25:55.0567 1224 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:25:55.0600 1224 WdiSystemHost - ok
09:25:55.0651 1224 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
09:25:55.0686 1224 WebClient - ok
09:25:55.0740 1224 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:25:55.0805 1224 Wecsvc - ok
09:25:55.0818 1224 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:25:55.0847 1224 wercplsupport - ok
09:25:55.0878 1224 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
09:25:55.0910 1224 WerSvc - ok
09:25:55.0946 1224 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
09:25:56.0022 1224 winachsf - ok
09:25:56.0087 1224 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:25:56.0106 1224 WinDefend - ok
09:25:56.0134 1224 WinHttpAutoProxySvc - ok
09:25:56.0228 1224 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:25:56.0251 1224 Winmgmt - ok
09:25:56.0341 1224 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
09:25:56.0469 1224 WinRM - ok
09:25:56.0547 1224 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:25:56.0624 1224 Wlansvc - ok
09:25:56.0699 1224 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:25:56.0719 1224 WmiAcpi - ok
09:25:56.0747 1224 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:25:56.0782 1224 wmiApSrv - ok
09:25:56.0882 1224 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:25:56.0975 1224 WMPNetworkSvc - ok
09:25:57.0009 1224 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:25:57.0059 1224 WPCSvc - ok
09:25:57.0125 1224 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:25:57.0159 1224 WPDBusEnum - ok
09:25:57.0183 1224 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
09:25:57.0198 1224 WpdUsb - ok
09:25:57.0368 1224 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:25:57.0417 1224 WPFFontCache_v0400 - ok
09:25:57.0473 1224 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:25:57.0528 1224 ws2ifsl - ok
09:25:57.0554 1224 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
09:25:57.0600 1224 wscsvc - ok
09:25:57.0606 1224 WSearch - ok
09:25:57.0700 1224 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
09:25:57.0849 1224 wuauserv - ok
09:25:57.0931 1224 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:25:57.0959 1224 WudfPf - ok
09:25:57.0991 1224 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:25:58.0018 1224 WUDFRd - ok
09:25:58.0053 1224 [ 2C0206FF8D2C75AC027D1096FA2FAFDA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:25:58.0102 1224 wudfsvc - ok
09:25:58.0132 1224 [ 04E268ADFC81964C49DC0C082D520F7E ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
09:25:58.0201 1224 yukonwlh - ok
09:25:58.0214 1224 ================ Scan global ===============================
09:25:58.0281 1224 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
09:25:58.0318 1224 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:25:58.0362 1224 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:25:58.0392 1224 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
09:25:58.0399 1224 [Global] - ok
09:25:58.0400 1224 ================ Scan MBR ==================================
09:25:58.0444 1224 [ 6FC6F9186C07BCA94E140F63BFE6E9B4 ] \Device\Harddisk0\DR0
09:26:01.0568 1224 \Device\Harddisk0\DR0 - ok
09:26:01.0569 1224 ================ Scan VBR ==================================
09:26:01.0630 1224 [ 5B3A8956EE1022E75044C159784E19FF ] \Device\Harddisk0\DR0\Partition1
09:26:01.0634 1224 \Device\Harddisk0\DR0\Partition1 - ok
09:26:01.0662 1224 [ 7D9A409FABDEA3848DE8B8542E4A7AA8 ] \Device\Harddisk0\DR0\Partition2
09:26:01.0666 1224 \Device\Harddisk0\DR0\Partition2 - ok
09:26:01.0666 1224 ============================================================
09:26:01.0666 1224 Scan finished
09:26:01.0666 1224 ============================================================
09:26:01.0687 3356 Detected object count: 7
09:26:01.0687 3356 Actual detected object count: 7

Alt 08.09.2012, 10:53   #12
markusg
/// Malware-holic
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



das komplette log
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 08.09.2012, 11:25   #13
Kékfrankos
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



Ich habe den Inhalt der Datei komplett markiert, kopiert und hier eingefügt. Vielleicht jetzt?

Zitat:
09:23:48.0812 4548 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
09:23:49.0042 4548 ============================================================
09:23:49.0042 4548 Current date / time: 2012/09/08 09:23:49.0042
09:23:49.0042 4548 SystemInfo:
09:23:49.0042 4548
09:23:49.0042 4548 OS Version: 6.0.6002 ServicePack: 2.0
09:23:49.0042 4548 Product type: Workstation
09:23:49.0042 4548 ComputerName: MELANIE-PC
09:23:49.0042 4548 UserName: Melanie
09:23:49.0042 4548 Windows directory: C:\Windows
09:23:49.0042 4548 System windows directory: C:\Windows
09:23:49.0042 4548 Processor architecture: Intel x86
09:23:49.0042 4548 Number of processors: 2
09:23:49.0042 4548 Page size: 0x1000
09:23:49.0042 4548 Boot type: Normal boot
09:23:49.0042 4548 ============================================================
09:23:50.0518 4548 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:23:50.0520 4548 ============================================================
09:23:50.0520 4548 \Device\Harddisk0\DR0:
09:23:50.0521 4548 MBR partitions:
09:23:50.0521 4548 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x12057000
09:23:50.0521 4548 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x133DF800, BlocksNum 0x1204E800
09:23:50.0521 4548 ============================================================
09:23:50.0572 4548 C: <-> \Device\Harddisk0\DR0\Partition1
09:23:50.0616 4548 D: <-> \Device\Harddisk0\DR0\Partition2
09:23:50.0616 4548 ============================================================
09:23:50.0616 4548 Initialize success
09:23:50.0616 4548 ============================================================
09:25:21.0469 1224 ============================================================
09:25:21.0469 1224 Scan started
09:25:21.0469 1224 Mode: Manual; SigCheck; TDLFS;
09:25:21.0469 1224 ============================================================
09:25:23.0018 1224 ================ Scan system memory ========================
09:25:23.0019 1224 System memory - ok
09:25:23.0019 1224 ================ Scan services =============================
09:25:23.0546 1224 5776 - ok
09:25:23.0776 1224 [ EC818AED40E3359FE49DDB1700151E56 ] ACEDRV09 C:\Windows\system32\drivers\ACEDRV09.sys
09:25:23.0907 1224 ACEDRV09 - ok
09:25:24.0358 1224 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
09:25:24.0383 1224 ACPI - ok
09:25:25.0043 1224 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:25:25.0055 1224 AdobeARMservice - ok
09:25:25.0158 1224 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:25:25.0173 1224 AdobeFlashPlayerUpdateSvc - ok
09:25:25.0207 1224 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:25:25.0235 1224 adp94xx - ok
09:25:25.0263 1224 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:25:25.0287 1224 adpahci - ok
09:25:25.0302 1224 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
09:25:25.0320 1224 adpu160m - ok
09:25:25.0365 1224 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:25:25.0382 1224 adpu320 - ok
09:25:25.0459 1224 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:25:25.0519 1224 AeLookupSvc - ok
09:25:25.0554 1224 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
09:25:25.0615 1224 AFD - ok
09:25:25.0646 1224 [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
09:25:25.0679 1224 AgereModemAudio - ok
09:25:25.0767 1224 [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
09:25:25.0882 1224 AgereSoftModem - ok
09:25:25.0923 1224 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:25:25.0936 1224 agp440 - ok
09:25:25.0967 1224 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:25:25.0982 1224 aic78xx - ok
09:25:26.0039 1224 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
09:25:26.0067 1224 ALG - ok
09:25:26.0103 1224 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
09:25:26.0116 1224 aliide - ok
09:25:26.0130 1224 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
09:25:26.0144 1224 amdagp - ok
09:25:26.0163 1224 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
09:25:26.0175 1224 amdide - ok
09:25:26.0211 1224 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
09:25:26.0256 1224 AmdK7 - ok
09:25:26.0278 1224 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:25:26.0315 1224 AmdK8 - ok
09:25:26.0342 1224 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
09:25:26.0394 1224 Appinfo - ok
09:25:26.0424 1224 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
09:25:26.0441 1224 arc - ok
09:25:26.0464 1224 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:25:26.0482 1224 arcsas - ok
09:25:26.0525 1224 [ E54E27976E2C5A6465D44C10B1D87AC0 ] ASPI C:\Windows\System32\DRIVERS\ASPI32.sys
09:25:26.0555 1224 ASPI ( UnsignedFile.Multi.Generic ) - warning
09:25:26.0555 1224 ASPI - detected UnsignedFile.Multi.Generic (1)
09:25:26.0580 1224 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:25:26.0620 1224 AsyncMac - ok
09:25:26.0678 1224 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
09:25:26.0696 1224 atapi - ok
09:25:26.0734 1224 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:25:26.0771 1224 AudioEndpointBuilder - ok
09:25:26.0811 1224 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:25:26.0834 1224 Audiosrv - ok
09:25:26.0870 1224 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
09:25:26.0924 1224 b57nd60x - ok
09:25:27.0136 1224 [ E22ABCAA7B6FF580FEB0D49545DC4263 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
09:25:27.0229 1224 BCM43XX - ok
09:25:27.0348 1224 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
09:25:27.0417 1224 Beep - ok
09:25:27.0475 1224 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
09:25:27.0519 1224 BFE - ok
09:25:27.0580 1224 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
09:25:27.0629 1224 BITS - ok
09:25:27.0668 1224 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:25:27.0695 1224 blbdrive - ok
09:25:27.0723 1224 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:25:27.0747 1224 bowser - ok
09:25:27.0769 1224 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
09:25:27.0801 1224 BrFiltLo - ok
09:25:27.0835 1224 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
09:25:27.0872 1224 BrFiltUp - ok
09:25:27.0960 1224 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
09:25:28.0027 1224 Browser - ok
09:25:28.0049 1224 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
09:25:28.0112 1224 Brserid - ok
09:25:28.0139 1224 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
09:25:28.0233 1224 BrSerWdm - ok
09:25:28.0252 1224 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
09:25:28.0314 1224 BrUsbMdm - ok
09:25:28.0330 1224 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
09:25:28.0388 1224 BrUsbSer - ok
09:25:28.0403 1224 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:25:28.0462 1224 BTHMODEM - ok
09:25:28.0523 1224 [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
09:25:28.0528 1224 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
09:25:28.0528 1224 BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
09:25:28.0557 1224 catchme - ok
09:25:28.0580 1224 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:25:28.0624 1224 cdfs - ok
09:25:28.0658 1224 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:25:28.0692 1224 cdrom - ok
09:25:28.0719 1224 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
09:25:28.0753 1224 CertPropSvc - ok
09:25:28.0773 1224 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
09:25:28.0814 1224 circlass - ok
09:25:28.0850 1224 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
09:25:28.0871 1224 CLFS - ok
09:25:28.0943 1224 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:25:28.0957 1224 clr_optimization_v2.0.50727_32 - ok
09:25:29.0036 1224 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:25:29.0051 1224 clr_optimization_v4.0.30319_32 - ok
09:25:29.0073 1224 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:25:29.0116 1224 CmBatt - ok
09:25:29.0134 1224 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:25:29.0147 1224 cmdide - ok
09:25:29.0184 1224 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:25:29.0198 1224 Compbatt - ok
09:25:29.0205 1224 COMSysApp - ok
09:25:29.0215 1224 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:25:29.0230 1224 crcdisk - ok
09:25:29.0246 1224 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
09:25:29.0289 1224 Crusoe - ok
09:25:29.0336 1224 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:25:29.0356 1224 CryptSvc - ok
09:25:29.0406 1224 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:25:29.0487 1224 DcomLaunch - ok
09:25:29.0523 1224 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:25:29.0554 1224 DfsC - ok
09:25:29.0640 1224 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
09:25:29.0791 1224 DFSR - ok
09:25:29.0824 1224 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
09:25:29.0864 1224 Dhcp - ok
09:25:29.0896 1224 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
09:25:29.0910 1224 disk - ok
09:25:29.0931 1224 [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
09:25:29.0942 1224 DKbFltr - ok
09:25:29.0970 1224 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:25:30.0003 1224 Dnscache - ok
09:25:30.0043 1224 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:25:30.0087 1224 dot3svc - ok
09:25:30.0115 1224 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
09:25:30.0148 1224 DPS - ok
09:25:30.0190 1224 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:25:30.0233 1224 drmkaud - ok
09:25:30.0281 1224 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:25:30.0327 1224 DXGKrnl - ok
09:25:30.0356 1224 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
09:25:30.0388 1224 E1G60 - ok
09:25:30.0427 1224 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
09:25:30.0451 1224 EapHost - ok
09:25:30.0479 1224 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
09:25:30.0499 1224 Ecache - ok
09:25:30.0578 1224 [ 2CE2DDCB1A41ED4488A2A8B98D286B3D ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
09:25:30.0605 1224 eDataSecurity Service - ok
09:25:30.0647 1224 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:25:30.0676 1224 ehRecvr - ok
09:25:30.0715 1224 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
09:25:30.0774 1224 ehSched - ok
09:25:30.0812 1224 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
09:25:30.0836 1224 ehstart - ok
09:25:30.0885 1224 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:25:30.0908 1224 elxstor - ok
09:25:31.0490 1224 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
09:25:31.0590 1224 EMDMgmt - ok
09:25:31.0647 1224 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:25:31.0684 1224 ErrDev - ok
09:25:31.0726 1224 [ A51FD9DF23720485991F56741BBEFCFB ] ETService C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
09:25:31.0738 1224 ETService ( UnsignedFile.Multi.Generic ) - warning
09:25:31.0739 1224 ETService - detected UnsignedFile.Multi.Generic (1)
09:25:31.0830 1224 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
09:25:31.0867 1224 EventSystem - ok
09:25:31.0904 1224 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
09:25:31.0940 1224 exfat - ok
09:25:31.0967 1224 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:25:31.0992 1224 fastfat - ok
09:25:32.0039 1224 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:25:32.0077 1224 fdc - ok
09:25:32.0103 1224 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
09:25:32.0133 1224 fdPHost - ok
09:25:32.0179 1224 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
09:25:32.0231 1224 FDResPub - ok
09:25:32.0279 1224 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:25:32.0292 1224 FileInfo - ok
09:25:32.0313 1224 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:25:32.0352 1224 Filetrace - ok
09:25:32.0397 1224 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:25:32.0429 1224 flpydisk - ok
09:25:32.0456 1224 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:25:32.0475 1224 FltMgr - ok
09:25:32.0522 1224 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
09:25:32.0606 1224 FontCache - ok
09:25:32.0688 1224 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:25:32.0701 1224 FontCache3.0.0.0 - ok
09:25:32.0750 1224 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:25:32.0781 1224 Fs_Rec - ok
09:25:32.0811 1224 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:25:32.0826 1224 gagp30kx - ok
09:25:33.0034 1224 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
09:25:33.0148 1224 gpsvc - ok
09:25:33.0263 1224 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9fbf99e8cea12 C:\Program Files\Google\Update\GoogleUpdate.exe
09:25:33.0276 1224 gupdate1c9fbf99e8cea12 - ok
09:25:33.0282 1224 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:25:33.0293 1224 gupdatem - ok
09:25:33.0345 1224 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:25:33.0360 1224 gusvc - ok
09:25:33.0404 1224 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:25:33.0475 1224 HdAudAddService - ok
09:25:33.0515 1224 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:25:33.0567 1224 HDAudBus - ok
09:25:33.0597 1224 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:25:33.0649 1224 HidBth - ok
09:25:33.0665 1224 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
09:25:33.0732 1224 HidIr - ok
09:25:33.0796 1224 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
09:25:33.0851 1224 hidserv - ok
09:25:33.0883 1224 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:25:33.0907 1224 HidUsb - ok
09:25:33.0940 1224 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:25:33.0987 1224 hkmsvc - ok
09:25:34.0027 1224 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
09:25:34.0046 1224 HpCISSs - ok
09:25:34.0094 1224 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
09:25:34.0141 1224 HSFHWAZL - ok
09:25:34.0180 1224 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
09:25:34.0286 1224 HSF_DPV - ok
09:25:34.0416 1224 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:25:34.0465 1224 HTTP - ok
09:25:34.0508 1224 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
09:25:34.0523 1224 i2omp - ok
09:25:34.0557 1224 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:25:34.0592 1224 i8042prt - ok
09:25:34.0618 1224 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
09:25:34.0640 1224 iaStorV - ok
09:25:34.0733 1224 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:25:34.0805 1224 idsvc - ok
09:25:35.0456 1224 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
09:25:35.0931 1224 igfx - ok
09:25:35.0976 1224 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:25:35.0988 1224 iirsp - ok
09:25:36.0058 1224 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
09:25:36.0110 1224 IKEEXT - ok
09:25:36.0143 1224 [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15 C:\Windows\system32\drivers\int15.sys
09:25:36.0152 1224 int15 - ok
09:25:36.0235 1224 [ 219CA9A36D6DE2EC04F958C907673436 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:25:36.0415 1224 IntcAzAudAddService - ok
09:25:36.0474 1224 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
09:25:36.0492 1224 intelide - ok
09:25:36.0511 1224 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:25:36.0563 1224 intelppm - ok
09:25:36.0600 1224 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:25:36.0641 1224 IPBusEnum - ok
09:25:36.0658 1224 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:25:36.0691 1224 IpFilterDriver - ok
09:25:36.0764 1224 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:25:36.0793 1224 iphlpsvc - ok
09:25:36.0830 1224 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
09:25:36.0855 1224 IPMIDRV - ok
09:25:36.0892 1224 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
09:25:36.0917 1224 IPNAT - ok
09:25:36.0945 1224 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
09:25:36.0987 1224 irda - ok
09:25:37.0024 1224 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:25:37.0053 1224 IRENUM - ok
09:25:37.0099 1224 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
09:25:37.0161 1224 Irmon - ok
09:25:37.0185 1224 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:25:37.0201 1224 isapnp - ok
09:25:37.0238 1224 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
09:25:37.0259 1224 iScsiPrt - ok
09:25:37.0300 1224 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
09:25:37.0314 1224 iteatapi - ok
09:25:37.0337 1224 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
09:25:37.0351 1224 iteraid - ok
09:25:37.0368 1224 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:25:37.0383 1224 kbdclass - ok
09:25:37.0402 1224 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:25:37.0437 1224 kbdhid - ok
09:25:37.0501 1224 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
09:25:37.0545 1224 KeyIso - ok
09:25:37.0599 1224 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:25:37.0626 1224 KSecDD - ok
09:25:37.0651 1224 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:25:37.0746 1224 KtmRm - ok
09:25:37.0792 1224 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
09:25:37.0833 1224 LanmanServer - ok
09:25:37.0861 1224 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:25:37.0906 1224 LanmanWorkstation - ok
09:25:37.0947 1224 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
09:25:37.0969 1224 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
09:25:37.0969 1224 LightScribeService - detected UnsignedFile.Multi.Generic (1)
09:25:38.0006 1224 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:25:38.0067 1224 lltdio - ok
09:25:38.0104 1224 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:25:38.0150 1224 lltdsvc - ok
09:25:38.0181 1224 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:25:38.0234 1224 lmhosts - ok
09:25:38.0280 1224 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:25:38.0295 1224 LSI_FC - ok
09:25:38.0310 1224 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:25:38.0324 1224 LSI_SAS - ok
09:25:38.0344 1224 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:25:38.0359 1224 LSI_SCSI - ok
09:25:38.0373 1224 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
09:25:38.0448 1224 luafv - ok
09:25:38.0484 1224 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:25:38.0497 1224 MBAMProtector - ok
09:25:38.0553 1224 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:25:38.0622 1224 MBAMService - ok
09:25:38.0696 1224 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:25:38.0720 1224 Mcx2Svc - ok
09:25:38.0778 1224 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
09:25:38.0795 1224 megasas - ok
09:25:38.0824 1224 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
09:25:38.0851 1224 MegaSR - ok
09:25:38.0885 1224 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
09:25:38.0931 1224 MMCSS - ok
09:25:38.0958 1224 MobilityService - ok
09:25:38.0976 1224 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
09:25:39.0026 1224 Modem - ok
09:25:39.0041 1224 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:25:39.0087 1224 monitor - ok
09:25:39.0119 1224 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:25:39.0131 1224 mouclass - ok
09:25:39.0143 1224 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:25:39.0170 1224 mouhid - ok
09:25:39.0186 1224 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
09:25:39.0199 1224 MountMgr - ok
09:25:39.0217 1224 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
09:25:39.0232 1224 mpio - ok
09:25:39.0254 1224 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:25:39.0278 1224 mpsdrv - ok
09:25:39.0314 1224 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
09:25:39.0377 1224 MpsSvc - ok
09:25:39.0393 1224 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
09:25:39.0404 1224 Mraid35x - ok
09:25:39.0436 1224 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:25:39.0459 1224 MRxDAV - ok
09:25:39.0493 1224 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:25:39.0508 1224 mrxsmb - ok
09:25:39.0541 1224 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:25:39.0574 1224 mrxsmb10 - ok
09:25:39.0601 1224 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:25:39.0618 1224 mrxsmb20 - ok
09:25:39.0651 1224 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
09:25:39.0667 1224 msahci - ok
09:25:39.0712 1224 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:25:39.0729 1224 msdsm - ok
09:25:39.0747 1224 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
09:25:39.0788 1224 MSDTC - ok
09:25:39.0803 1224 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:25:39.0838 1224 Msfs - ok
09:25:39.0845 1224 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:25:39.0861 1224 msisadrv - ok
09:25:39.0914 1224 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:25:39.0942 1224 MSiSCSI - ok
09:25:39.0949 1224 msiserver - ok
09:25:39.0971 1224 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:25:40.0015 1224 MSKSSRV - ok
09:25:40.0032 1224 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:25:40.0057 1224 MSPCLOCK - ok
09:25:40.0077 1224 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:25:40.0104 1224 MSPQM - ok
09:25:40.0129 1224 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:25:40.0146 1224 MsRPC - ok
09:25:40.0160 1224 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:25:40.0173 1224 mssmbios - ok
09:25:40.0190 1224 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:25:40.0215 1224 MSTEE - ok
09:25:40.0233 1224 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
09:25:40.0247 1224 Mup - ok
09:25:40.0277 1224 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
09:25:40.0322 1224 napagent - ok
09:25:40.0360 1224 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:25:40.0385 1224 NativeWifiP - ok
09:25:40.0424 1224 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:25:40.0491 1224 NDIS - ok
09:25:40.0539 1224 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:25:40.0575 1224 NdisTapi - ok
09:25:40.0594 1224 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:25:40.0624 1224 Ndisuio - ok
09:25:40.0639 1224 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:25:40.0665 1224 NdisWan - ok
09:25:40.0678 1224 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:25:40.0699 1224 NDProxy - ok
09:25:40.0713 1224 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:25:40.0750 1224 NetBIOS - ok
09:25:40.0787 1224 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
09:25:40.0822 1224 netbt - ok
09:25:40.0859 1224 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
09:25:40.0878 1224 Netlogon - ok
09:25:40.0913 1224 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
09:25:40.0960 1224 Netman - ok
09:25:41.0006 1224 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
09:25:41.0051 1224 netprofm - ok
09:25:41.0084 1224 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:25:41.0099 1224 NetTcpPortSharing - ok
09:25:41.0134 1224 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:25:41.0148 1224 nfrd960 - ok
09:25:41.0174 1224 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:25:41.0209 1224 NlaSvc - ok
09:25:41.0274 1224 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
09:25:41.0341 1224 nmwcd - ok
09:25:41.0388 1224 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
09:25:41.0429 1224 nmwcdc - ok
09:25:41.0477 1224 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:25:41.0506 1224 Npfs - ok
09:25:41.0524 1224 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
09:25:41.0591 1224 NSCIRDA - ok
09:25:41.0639 1224 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
09:25:41.0682 1224 nsi - ok
09:25:41.0721 1224 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:25:41.0747 1224 nsiproxy - ok
09:25:41.0803 1224 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:25:41.0876 1224 Ntfs - ok
09:25:41.0897 1224 [ CB76F68BA0D57C5D25B538981B1C611C ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
09:25:41.0910 1224 NTIBackupSvc - ok
09:25:41.0949 1224 [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
09:25:41.0958 1224 NTIDrvr - ok
09:25:42.0015 1224 [ DF1C10A75DF7E50195FC417F88A33227 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
09:25:42.0034 1224 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
09:25:42.0034 1224 NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
09:25:42.0065 1224 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
09:25:42.0117 1224 ntrigdigi - ok
09:25:42.0133 1224 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
09:25:42.0176 1224 Null - ok
09:25:42.0194 1224 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:25:42.0209 1224 nvraid - ok
09:25:42.0227 1224 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:25:42.0241 1224 nvstor - ok
09:25:42.0257 1224 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:25:42.0273 1224 nv_agp - ok
09:25:42.0371 1224 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:25:42.0396 1224 odserv - ok
09:25:42.0412 1224 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
09:25:42.0439 1224 ohci1394 - ok
09:25:42.0463 1224 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:25:42.0477 1224 ose - ok
09:25:42.0523 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
09:25:42.0632 1224 p2pimsvc - ok
09:25:42.0646 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
09:25:42.0672 1224 p2psvc - ok
09:25:42.0704 1224 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
09:25:42.0757 1224 Parport - ok
09:25:42.0789 1224 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:25:42.0805 1224 partmgr - ok
09:25:42.0850 1224 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
09:25:42.0910 1224 Parvdm - ok
09:25:42.0966 1224 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
09:25:43.0011 1224 PcaSvc - ok
09:25:43.0037 1224 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
09:25:43.0054 1224 pccsmcfd - ok
09:25:43.0090 1224 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
09:25:43.0107 1224 pci - ok
09:25:43.0129 1224 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
09:25:43.0141 1224 pciide - ok
09:25:43.0166 1224 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:25:43.0184 1224 pcmcia - ok
09:25:43.0221 1224 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:25:43.0318 1224 PEAUTH - ok
09:25:43.0395 1224 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
09:25:43.0505 1224 pla - ok
09:25:43.0562 1224 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:25:43.0607 1224 PlugPlay - ok
09:25:43.0634 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
09:25:43.0672 1224 PNRPAutoReg - ok
09:25:43.0701 1224 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
09:25:43.0763 1224 PNRPsvc - ok
09:25:43.0842 1224 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:25:43.0922 1224 PolicyAgent - ok
09:25:43.0963 1224 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:25:44.0010 1224 PptpMiniport - ok
09:25:44.0030 1224 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
09:25:44.0061 1224 Processor - ok
09:25:44.0095 1224 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
09:25:44.0130 1224 ProfSvc - ok
09:25:44.0139 1224 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
09:25:44.0159 1224 ProtectedStorage - ok
09:25:44.0190 1224 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
09:25:44.0225 1224 PSched - ok
09:25:44.0279 1224 [ 1DCBB35090CC4B2BD3D661E6089523C6 ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys
09:25:44.0290 1224 PSDFilter - ok
09:25:44.0303 1224 [ E26E46D619469964AC3609620F443867 ] PSDNServ C:\Windows\system32\DRIVERS\PSDNServ.sys
09:25:44.0312 1224 PSDNServ - ok
09:25:44.0325 1224 [ 3E1D134AF2806867D06047C4CC33CC65 ] psdvdisk C:\Windows\system32\DRIVERS\PSDVdisk.sys
09:25:44.0335 1224 psdvdisk - ok
09:25:44.0384 1224 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:25:44.0463 1224 ql2300 - ok
09:25:44.0488 1224 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:25:44.0502 1224 ql40xx - ok
09:25:44.0546 1224 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
09:25:44.0580 1224 QWAVE - ok
09:25:44.0587 1224 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:25:44.0604 1224 QWAVEdrv - ok
09:25:44.0627 1224 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:25:44.0668 1224 RasAcd - ok
09:25:44.0684 1224 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
09:25:44.0734 1224 RasAuto - ok
09:25:44.0752 1224 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:25:44.0794 1224 Rasl2tp - ok
09:25:44.0854 1224 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
09:25:44.0897 1224 RasMan - ok
09:25:44.0931 1224 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:25:44.0967 1224 RasPppoe - ok
09:25:44.0998 1224 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:25:45.0013 1224 RasSstp - ok
09:25:45.0036 1224 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:25:45.0073 1224 rdbss - ok
09:25:45.0092 1224 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:25:45.0132 1224 RDPCDD - ok
09:25:45.0176 1224 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
09:25:45.0206 1224 rdpdr - ok
09:25:45.0213 1224 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:25:45.0240 1224 RDPENCDD - ok
09:25:45.0290 1224 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:25:45.0330 1224 RDPWD - ok
09:25:45.0367 1224 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:25:45.0395 1224 RemoteAccess - ok
09:25:45.0436 1224 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:25:45.0475 1224 RemoteRegistry - ok
09:25:45.0497 1224 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
09:25:45.0534 1224 RpcLocator - ok
09:25:45.0560 1224 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
09:25:45.0592 1224 RpcSs - ok
09:25:45.0641 1224 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:25:45.0715 1224 rspndr - ok
09:25:45.0757 1224 [ 73835C4F79ADC404EF39C8A9E2D4183B ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
09:25:45.0778 1224 RS_Service ( UnsignedFile.Multi.Generic ) - warning
09:25:45.0778 1224 RS_Service - detected UnsignedFile.Multi.Generic (1)
09:25:45.0810 1224 [ 30AF53469B2A60F693ACB24FBD90ABD7 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
09:25:45.0839 1224 RTSTOR - ok
09:25:45.0878 1224 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
09:25:45.0891 1224 s0016bus - ok
09:25:45.0917 1224 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
09:25:45.0926 1224 s0016mdfl - ok
09:25:45.0977 1224 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
09:25:45.0989 1224 s0016mdm - ok
09:25:46.0028 1224 [ 594FF5620661D1386475406E78CB6F2F ] s0017bus C:\Windows\system32\DRIVERS\s0017bus.sys
09:25:46.0039 1224 s0017bus - ok
09:25:46.0060 1224 [ 7258F550419D543BC5C8E80C578A5D54 ] s0017mdfl C:\Windows\system32\DRIVERS\s0017mdfl.sys
09:25:46.0070 1224 s0017mdfl - ok
09:25:46.0103 1224 [ 1DE4F6607FEB17A15DBD4F1B139E6D2F ] s0017mdm C:\Windows\system32\DRIVERS\s0017mdm.sys
09:25:46.0115 1224 s0017mdm - ok
09:25:46.0154 1224 [ 9814E6BACC06D2526CD52981C7EEEDF0 ] s0017mgmt C:\Windows\system32\DRIVERS\s0017mgmt.sys
09:25:46.0166 1224 s0017mgmt - ok
09:25:46.0193 1224 [ 2C62CD58225973F26682CD4F783DDEDE ] s0017nd5 C:\Windows\system32\DRIVERS\s0017nd5.sys
09:25:46.0203 1224 s0017nd5 - ok
09:25:46.0235 1224 [ F87C3422E84B2FB1B43E0A26247AD5A5 ] s0017obex C:\Windows\system32\DRIVERS\s0017obex.sys
09:25:46.0246 1224 s0017obex - ok
09:25:46.0278 1224 [ DF5E7360A0AFA5956BF75DA683D0679F ] s0017unic C:\Windows\system32\DRIVERS\s0017unic.sys
09:25:46.0292 1224 s0017unic - ok
09:25:46.0318 1224 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
09:25:46.0335 1224 SamSs - ok
09:25:46.0381 1224 SASDIFSV - ok
09:25:46.0386 1224 SASKUTIL - ok
09:25:47.0440 1224 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:25:47.0453 1224 sbp2port - ok
09:25:47.0487 1224 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:25:47.0511 1224 SCardSvr - ok
09:25:47.0559 1224 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
09:25:47.0715 1224 Schedule - ok
09:25:47.0765 1224 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:25:47.0786 1224 SCPolicySvc - ok
09:25:47.0804 1224 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
09:25:47.0876 1224 sdbus - ok
09:25:47.0921 1224 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:25:47.0990 1224 SDRSVC - ok
09:25:48.0021 1224 [ 97EC6C60112EBD40C07FE295A38AB1EA ] SE2Ebus C:\Windows\system32\DRIVERS\SE2Ebus.sys
09:25:48.0057 1224 SE2Ebus - ok
09:25:48.0088 1224 [ ABFE402BA200E82568A5606719397AFA ] SE2Emdfl C:\Windows\system32\DRIVERS\SE2Emdfl.sys
09:25:48.0119 1224 SE2Emdfl - ok
09:25:48.0146 1224 [ 4ACFE8A2A3C1624964429E83BC7148A4 ] SE2Emdm C:\Windows\system32\DRIVERS\SE2Emdm.sys
09:25:48.0162 1224 SE2Emdm - ok
09:25:48.0184 1224 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:25:48.0241 1224 secdrv - ok
09:25:48.0269 1224 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
09:25:48.0298 1224 seclogon - ok
09:25:48.0329 1224 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
09:25:48.0364 1224 SENS - ok
09:25:48.0393 1224 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
09:25:48.0452 1224 Serenum - ok
09:25:48.0467 1224 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
09:25:48.0524 1224 Serial - ok
09:25:48.0544 1224 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:25:48.0570 1224 sermouse - ok
09:25:48.0650 1224 [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
09:25:48.0700 1224 ServiceLayer - ok
09:25:48.0748 1224 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
09:25:48.0776 1224 SessionEnv - ok
09:25:48.0799 1224 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:25:48.0823 1224 sffdisk - ok
09:25:48.0837 1224 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:25:48.0877 1224 sffp_mmc - ok
09:25:48.0894 1224 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:25:48.0935 1224 sffp_sd - ok
09:25:48.0951 1224 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:25:49.0008 1224 sfloppy - ok
09:25:49.0106 1224 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:25:49.0138 1224 SharedAccess - ok
09:25:49.0175 1224 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:25:49.0213 1224 ShellHWDetection - ok
09:25:49.0232 1224 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:25:49.0246 1224 sisagp - ok
09:25:49.0287 1224 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
09:25:49.0302 1224 SiSRaid2 - ok
09:25:49.0328 1224 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:25:49.0345 1224 SiSRaid4 - ok
09:25:49.0418 1224 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
09:25:49.0434 1224 SkypeUpdate - ok
09:25:49.0570 1224 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
09:25:49.0768 1224 slsvc - ok
09:25:49.0797 1224 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
09:25:49.0857 1224 SLUINotify - ok
09:25:49.0890 1224 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:25:49.0927 1224 Smb - ok
09:25:49.0985 1224 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:25:49.0999 1224 SNMPTRAP - ok
09:25:50.0027 1224 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
09:25:50.0039 1224 spldr - ok
09:25:50.0068 1224 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
09:25:50.0116 1224 Spooler - ok
09:25:50.0168 1224 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
09:25:50.0211 1224 sptd - ok
09:25:50.0245 1224 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:25:50.0267 1224 srv - ok
09:25:50.0320 1224 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:25:50.0338 1224 srv2 - ok
09:25:50.0359 1224 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:25:50.0389 1224 srvnet - ok
09:25:50.0454 1224 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:25:50.0519 1224 SSDPSRV - ok
09:25:50.0545 1224 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:25:50.0569 1224 SstpSvc - ok
09:25:50.0604 1224 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
09:25:50.0648 1224 stisvc - ok
09:25:50.0678 1224 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:25:50.0691 1224 swenum - ok
09:25:50.0735 1224 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
09:25:50.0785 1224 swprv - ok
09:25:50.0810 1224 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
09:25:50.0823 1224 Symc8xx - ok
09:25:50.0883 1224 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
09:25:50.0895 1224 Sym_hi - ok
09:25:50.0911 1224 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
09:25:50.0925 1224 Sym_u3 - ok
09:25:50.0967 1224 [ 32E8B307F0E9F72B66B518FD62EAB91E ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:25:50.0982 1224 SynTP - ok
09:25:51.0021 1224 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
09:25:51.0105 1224 SysMain - ok
09:25:51.0151 1224 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:25:51.0188 1224 TabletInputService - ok
09:25:51.0220 1224 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:25:51.0251 1224 TapiSrv - ok
09:25:51.0277 1224 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
09:25:51.0324 1224 TBS - ok
09:25:51.0378 1224 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:25:51.0686 1224 Tcpip - ok
09:25:51.0706 1224 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
09:25:51.0763 1224 Tcpip6 - ok
09:25:51.0854 1224 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:25:51.0880 1224 tcpipreg - ok
09:25:51.0903 1224 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:25:51.0946 1224 TDPIPE - ok
09:25:51.0964 1224 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:25:51.0992 1224 TDTCP - ok
09:25:52.0030 1224 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:25:52.0051 1224 tdx - ok
09:25:52.0068 1224 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:25:52.0083 1224 TermDD - ok
09:25:52.0107 1224 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
09:25:52.0188 1224 TermService - ok
09:25:52.0211 1224 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
09:25:52.0231 1224 Themes - ok
09:25:52.0249 1224 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
09:25:52.0280 1224 THREADORDER - ok
09:25:52.0315 1224 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
09:25:52.0388 1224 TrkWks - ok
09:25:52.0420 1224 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:25:52.0457 1224 TrustedInstaller - ok
09:25:52.0516 1224 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:25:52.0557 1224 tssecsrv - ok
09:25:52.0570 1224 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
09:25:52.0599 1224 tunmp - ok
09:25:52.0635 1224 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:25:52.0653 1224 tunnel - ok
09:25:52.0673 1224 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:25:52.0687 1224 uagp35 - ok
09:25:52.0728 1224 [ F763E070843EE2803DE1395002B42938 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
09:25:52.0737 1224 UBHelper - ok
09:25:52.0764 1224 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:25:52.0790 1224 udfs - ok
09:25:52.0819 1224 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:25:52.0860 1224 UI0Detect - ok
09:25:52.0894 1224 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:25:52.0908 1224 uliagpkx - ok
09:25:52.0939 1224 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
09:25:52.0957 1224 uliahci - ok
09:25:52.0981 1224 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
09:25:52.0995 1224 UlSata - ok
09:25:53.0015 1224 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
09:25:53.0030 1224 ulsata2 - ok
09:25:53.0064 1224 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:25:53.0110 1224 umbus - ok
09:25:53.0145 1224 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
09:25:53.0198 1224 upnphost - ok
09:25:53.0254 1224 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
09:25:53.0305 1224 upperdev - ok
09:25:53.0367 1224 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:25:53.0395 1224 usbccgp - ok
09:25:53.0433 1224 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:25:53.0500 1224 usbcir - ok
09:25:53.0531 1224 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:25:53.0575 1224 usbehci - ok
09:25:53.0611 1224 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:25:53.0642 1224 usbhub - ok
09:25:53.0654 1224 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:25:53.0699 1224 usbohci - ok
09:25:53.0724 1224 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:25:53.0758 1224 usbprint - ok
09:25:53.0784 1224 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:25:53.0805 1224 usbscan - ok
09:25:53.0853 1224 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\drivers\usbser.sys
09:25:53.0875 1224 usbser - ok
09:25:53.0928 1224 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
09:25:53.0966 1224 UsbserFilt - ok
09:25:53.0998 1224 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:25:54.0054 1224 USBSTOR - ok
09:25:54.0077 1224 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:25:54.0102 1224 usbuhci - ok
09:25:54.0127 1224 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:25:54.0173 1224 usbvideo - ok
09:25:54.0194 1224 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
09:25:54.0220 1224 UxSms - ok
09:25:54.0264 1224 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
09:25:54.0343 1224 vds - ok
09:25:54.0394 1224 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:25:54.0430 1224 vga - ok
09:25:54.0448 1224 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
09:25:54.0484 1224 VgaSave - ok
09:25:54.0496 1224 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:25:54.0510 1224 viaagp - ok
09:25:54.0525 1224 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:25:54.0552 1224 ViaC7 - ok
09:25:54.0595 1224 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
09:25:54.0608 1224 viaide - ok
09:25:54.0624 1224 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:25:54.0637 1224 volmgr - ok
09:25:54.0695 1224 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:25:54.0716 1224 volmgrx - ok
09:25:54.0730 1224 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:25:54.0749 1224 volsnap - ok
09:25:54.0764 1224 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:25:54.0781 1224 vsmraid - ok
09:25:54.0853 1224 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
09:25:54.0955 1224 VSS - ok
09:25:55.0003 1224 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
09:25:55.0035 1224 W32Time - ok
09:25:55.0087 1224 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:25:55.0152 1224 WacomPen - ok
09:25:55.0170 1224 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
09:25:55.0210 1224 Wanarp - ok
09:25:55.0215 1224 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:25:55.0236 1224 Wanarpv6 - ok
09:25:55.0271 1224 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:25:55.0300 1224 wcncsvc - ok
09:25:55.0344 1224 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:25:55.0366 1224 WcsPlugInService - ok
09:25:55.0390 1224 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
09:25:55.0403 1224 Wd - ok
09:25:55.0491 1224 [ 77D80469DD64DFDDF3F2B881C68DCBE1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:25:55.0500 1224 Suspicious file (Forged): C:\Windows\system32\drivers\Wdf01000.sys. Real md5: 77D80469DD64DFDDF3F2B881C68DCBE1, Fake md5: 9950E3D0F08141C7E89E64456AE7DC73
09:25:55.0501 1224 Wdf01000 ( Virus.Win32.Rloader.a ) - infected
09:25:55.0501 1224 Wdf01000 - detected Virus.Win32.Rloader.a (0)
09:25:55.0526 1224 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:25:55.0562 1224 WdiServiceHost - ok
09:25:55.0567 1224 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:25:55.0600 1224 WdiSystemHost - ok
09:25:55.0651 1224 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
09:25:55.0686 1224 WebClient - ok
09:25:55.0740 1224 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:25:55.0805 1224 Wecsvc - ok
09:25:55.0818 1224 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:25:55.0847 1224 wercplsupport - ok
09:25:55.0878 1224 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
09:25:55.0910 1224 WerSvc - ok
09:25:55.0946 1224 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
09:25:56.0022 1224 winachsf - ok
09:25:56.0087 1224 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:25:56.0106 1224 WinDefend - ok
09:25:56.0134 1224 WinHttpAutoProxySvc - ok
09:25:56.0228 1224 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:25:56.0251 1224 Winmgmt - ok
09:25:56.0341 1224 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
09:25:56.0469 1224 WinRM - ok
09:25:56.0547 1224 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:25:56.0624 1224 Wlansvc - ok
09:25:56.0699 1224 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:25:56.0719 1224 WmiAcpi - ok
09:25:56.0747 1224 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:25:56.0782 1224 wmiApSrv - ok
09:25:56.0882 1224 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:25:56.0975 1224 WMPNetworkSvc - ok
09:25:57.0009 1224 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:25:57.0059 1224 WPCSvc - ok
09:25:57.0125 1224 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:25:57.0159 1224 WPDBusEnum - ok
09:25:57.0183 1224 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
09:25:57.0198 1224 WpdUsb - ok
09:25:57.0368 1224 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:25:57.0417 1224 WPFFontCache_v0400 - ok
09:25:57.0473 1224 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:25:57.0528 1224 ws2ifsl - ok
09:25:57.0554 1224 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
09:25:57.0600 1224 wscsvc - ok
09:25:57.0606 1224 WSearch - ok
09:25:57.0700 1224 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
09:25:57.0849 1224 wuauserv - ok
09:25:57.0931 1224 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:25:57.0959 1224 WudfPf - ok
09:25:57.0991 1224 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:25:58.0018 1224 WUDFRd - ok
09:25:58.0053 1224 [ 2C0206FF8D2C75AC027D1096FA2FAFDA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:25:58.0102 1224 wudfsvc - ok
09:25:58.0132 1224 [ 04E268ADFC81964C49DC0C082D520F7E ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
09:25:58.0201 1224 yukonwlh - ok
09:25:58.0214 1224 ================ Scan global ===============================
09:25:58.0281 1224 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
09:25:58.0318 1224 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:25:58.0362 1224 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:25:58.0392 1224 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
09:25:58.0399 1224 [Global] - ok
09:25:58.0400 1224 ================ Scan MBR ==================================
09:25:58.0444 1224 [ 6FC6F9186C07BCA94E140F63BFE6E9B4 ] \Device\Harddisk0\DR0
09:26:01.0568 1224 \Device\Harddisk0\DR0 - ok
09:26:01.0569 1224 ================ Scan VBR ==================================
09:26:01.0630 1224 [ 5B3A8956EE1022E75044C159784E19FF ] \Device\Harddisk0\DR0\Partition1
09:26:01.0634 1224 \Device\Harddisk0\DR0\Partition1 - ok
09:26:01.0662 1224 [ 7D9A409FABDEA3848DE8B8542E4A7AA8 ] \Device\Harddisk0\DR0\Partition2
09:26:01.0666 1224 \Device\Harddisk0\DR0\Partition2 - ok
09:26:01.0666 1224 ============================================================
09:26:01.0666 1224 Scan finished
09:26:01.0666 1224 ============================================================
09:26:01.0687 3356 Detected object count: 7
09:26:01.0687 3356 Actual detected object count: 7

Alt 08.09.2012, 11:26   #14
markusg
/// Malware-holic
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



hi die neueste version vom tdss killer hast du? also frisch geladen?
dann scanne noch mal, wähle scip und dann schließe den scanner, poste das neue log.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 08.09.2012, 11:28   #15
Kékfrankos
 
Internetprobleme. Ein Schädling oder falsche Einstellungen? - Standard

Internetprobleme. Ein Schädling oder falsche Einstellungen?



Ach den Scanner schließen? Hatte ihn noch auf, weil ich dachte, das ich dann dort irgendwas machen soll. Ich scanne nochmal neu, wähle dann überall Skip, schließe den Scanner und poste das neue Log.

Antwort

Themen zu Internetprobleme. Ein Schädling oder falsche Einstellungen?
anderen, angezeigt, browser, cache, ebenfalls, einstellungen, falsche, freundin, funktioniert, gen, klicke, meldung, modem, netzwerkadapter, router, schädling, screen, seite, seiten, start, suche, verbindung, verschiedene, website, zurücksetzen




Ähnliche Themen: Internetprobleme. Ein Schädling oder falsche Einstellungen?


  1. Microsoft Security Essentials Einstellungen oder Alternative
    Antiviren-, Firewall- und andere Schutzprogramme - 05.09.2014 (6)
  2. Evtl. Hacker oder Schädling auf dem Pc
    Plagegeister aller Art und deren Bekämpfung - 17.06.2014 (17)
  3. Virus? Fehlerhaftes Plug-In? Falsche Einstellungen
    Plagegeister aller Art und deren Bekämpfung - 22.02.2014 (15)
  4. Unerwünschtes Programm oder Virus im Verzeichnis C:\Dokumente und Einstellungen
    Plagegeister aller Art und deren Bekämpfung - 11.01.2014 (1)
  5. SSD wirklich kaputt oder stimmen nur nicht die BIOS Einstellungen?
    Netzwerk und Hardware - 08.01.2014 (1)
  6. TR/Injector.gi in C:\Dokumente und Einstellungen\Test\Lokale Einstellungen\Temp\qxtndqxofj.pre
    Log-Analyse und Auswertung - 01.06.2013 (3)
  7. TR/Agent.73728.15 in C:\Dokumente und Einstellungen\Alexander\deadorziwaty.exe und \Lokale Einstellungen\Temp\1463906.exe
    Log-Analyse und Auswertung - 21.12.2012 (27)
  8. Trojan horse Dropper.Generic5.TDZ in C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Te
    Plagegeister aller Art und deren Bekämpfung - 28.02.2012 (31)
  9. Jegliche Einstellungen mit Scrolleigenschaft oder Auswahl werden immer nach oben Gescrollt
    Plagegeister aller Art und deren Bekämpfung - 29.06.2011 (10)
  10. C:\Dokumente und Einstellungen\mein name\Lokale Einstellungen\Temp csrss.exe Win32.FakeAlert.tt
    Plagegeister aller Art und deren Bekämpfung - 11.03.2011 (8)
  11. HTML/Malicious.PDF.Gen in C:\Dokumente und Einstellungen\admin\Lokale Einstellungen gefunden.
    Plagegeister aller Art und deren Bekämpfung - 25.08.2010 (1)
  12. TR/PSW.Kates.CA.7 - C:\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temp\...
    Log-Analyse und Auswertung - 16.04.2010 (18)
  13. Exploit.JS.Pdfka.bvg in C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\temp\
    Plagegeister aller Art und deren Bekämpfung - 19.03.2010 (8)
  14. RAM defekt oder Schädling?
    Log-Analyse und Auswertung - 23.01.2009 (0)
  15. Schädling oder dummer Spam???
    Plagegeister aller Art und deren Bekämpfung - 19.07.2006 (1)
  16. Schädling, oder nicht ?
    Plagegeister aller Art und deren Bekämpfung - 13.09.2005 (9)
  17. Schädling oder nicht Schädling ?!?
    Plagegeister aller Art und deren Bekämpfung - 07.05.2004 (0)

Zum Thema Internetprobleme. Ein Schädling oder falsche Einstellungen? - Hallo, Ich habe ein Internetproblem. Denn es funktioniert sogut wie garnicht mehr. Cache ist gelöscht. Bei anderen Browser besteht das gleiche Problem. Die Ladezeiten sind sehr lang. Meist kommt dann...."Die - Internetprobleme. Ein Schädling oder falsche Einstellungen?...
Archiv
Du betrachtest: Internetprobleme. Ein Schädling oder falsche Einstellungen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.