
Pests of all kinds and how to combat them: GVU Trojan! Urgently need help!


15.05.2013, 15:47   #1
gunnarw
 

Heeelp! I too have caught the GVU Trojan. Can you help me?
I have now started the computer in Safe Mode with Networking and run the Quick Scan with OTL following your instructions. I now have the following log files:

Extras.txt OTL Logfile:
Code:
OTL Extras logfile created on: 15.05.2013 16:29:34 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\GunnarW\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 81,79% Memory free
3,73 Gb Paging File | 3,58 Gb Available in Paging File | 96,18% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 93,15 Gb Total Space | 38,53 Gb Free Space | 41,37% Space Free | Partition Type: NTFS
Drive D: | 139,73 Gb Total Space | 129,28 Gb Free Space | 92,52% Space Free | Partition Type: NTFS
 
Computer Name: GUNNAR | User Name: GunnarW | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"15783:UDP" = 15783:UDP:*:Enabled:UDP 15783
"17711:TCP" = 17711:TCP:*:Enabled:TCP 17711
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Software\SweetImSetup.exe" = C:\Software\SweetImSetup.exe:*:Enabled:SweetIM Installer
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\Spotify\spotify.exe" = C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- (Apple Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype  -- (Skype Technologies S.A.)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FF2C26-DBCE-DADA-BEE5-0928E0F8F623}" = CCC Help German
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05F4ABAC-8697-2291-16D8-4BFD7DD78B59}" = CCC Help Japanese
"{07C85A90-668F-A807-5C67-975E0777A9E8}" = Catalyst Control Center Localization Russian
"{0A755762-EED8-47AB-A446-505766F93D43}" = Atheros Communications Inc.(R) L2 Fast Ethernet Driver
"{0EA06F05-4320-E4DC-4374-E6C0986C964D}" = Catalyst Control Center Localization Finnish
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{137C5C08-8B6F-497A-1529-502359B3BA88}" = Catalyst Control Center Localization Polish
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{17EE76BB-5264-8946-DA8F-D564ED25EDDD}" = CCC Help English
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 26
"{27599825-6BD9-1081-D1CC-0BFC01157204}" = CCC Help Hungarian
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2E13776F-DEAF-7C83-C2A9-3BF073D51BFD}" = Catalyst Control Center Localization Swedish
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3482A5D0-F16D-A6C9-397F-8D85EA61BF93}" = Catalyst Control Center Localization Norwegian
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3C3CA756-9FB1-60D9-4435-6D9FEB42C637}" = Catalyst Control Center Localization Dutch
"{3E4039F8-5DA8-0414-B7E1-8DA8C8FC1565}" = Catalyst Control Center Localization Thai
"{415CD877-0970-4CB6-B178-1E72F7DC60E7}" = MyScript HWR (German)
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{47C6C88F-FA95-49C8-B57D-5C5F093738E1}" = iTunes
"{48D4215F-414F-1554-8534-E3D8156C0666}" = Skins
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A0FAC3C-852D-C0A3-1715-6F844C184CF0}" = CCC Help Portuguese
"{4B29B49E-F274-58CE-25D2-791570F1619A}" = CCC Help French
"{4B546AE5-DF17-6D39-A846-A9ECD0153C9A}" = Catalyst Control Center Localization Greek
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54DDB1B0-5E5B-4637-99DD-7A364CE6A75B}}_is1" = VX-Software 9 v.9.1.3.2
"{57EF4BC7-0C52-1872-C0CE-AEAB996E5626}" = Catalyst Control Center Localization Korean
"{5B701396-48C3-A3FA-43DB-FF975446759C}" = Catalyst Control Center Localization French
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5ECA8F33-8F8E-1042-2082-5F02E64D6140}" = CCC Help Polish
"{68B84920-CD46-8C5B-DABE-EC0FF6F0C703}" = Catalyst Control Center Localization German
"{6AF75C96-2093-51F4-0412-501CB317A7F9}" = CCC Help Thai
"{6D219284-A368-A0A5-AA55-8BAAE9EA60CC}" = Catalyst Control Center Localization Japanese
"{732442CA-AFFC-E75D-C586-2A3C71D8CFFE}" = CCC Help Finnish
"{767EE8DA-A2AA-00A9-1A21-9584E00867B8}" = Catalyst Control Center Core Implementation
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{815B5312-F7B5-EDD5-A899-B0228C3C7F3A}" = CCC Help Turkish
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{857D4360-762B-978B-76AD-491AA719E47A}" = ccc-core-static
"{86552A3A-0437-319B-46C5-569FC9F7ACA9}" = ccc-utility
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89EAD7B4-1CAC-CC9E-F040-FE041A2EA77C}" = Catalyst Control Center Localization Spanish
"{8BE3174F-3BFE-8822-4493-A0519D1E4E94}" = Catalyst Control Center Localization Portuguese
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{9313E9A6-03DF-11D5-88F8-005004361016}" = Pinnacle TRex
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D7802F0-3C39-ED52-10D9-AE8A7FB5A94C}" = Catalyst Control Center Localization Hungarian
"{9F303CF8-2998-4541-C9F7-C3AAEC2B88B0}" = Catalyst Control Center Graphics Full Existing
"{A042FD6F-D051-ECE5-71C9-52ABFE36EBF9}" = Catalyst Control Center Localization Czech
"{A125DDDB-E0C0-08E0-F04C-7B5409DFFC79}" = Catalyst Control Center Graphics Light
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB1E9EC2-42E4-E801-83BB-AAFF86DDEC7E}" = CCC Help Czech
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B02A3921-F7B7-C73F-395B-8172C9EE4006}" = Catalyst Control Center Localization Italian
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD17DEF2-8970-E4F5-337A-C10DE4D33F29}" = CCC Help Korean
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5A2542D-CF79-3EE6-7673-2CEDA2338172}" = CCC Help Greek
"{C69B9631-B617-B714-7FE2-6FCD5B891ACD}" = Catalyst Control Center Localization Chinese Traditional
"{C6D7BC96-A608-0908-F6E7-53C118423087}" = CCC Help Chinese Standard
"{C8A4038E-4DA5-879D-A353-7443FC3EE22C}" = CCC Help Spanish
"{C9B7D4A2-7A42-96BC-DE77-6EB23F1116A8}" = CCC Help Swedish
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE344E77-B015-C6D0-9A1B-0EA0043E7A52}" = CCC Help Russian
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D9D45F79-D38C-9BCA-4023-6F3E365D5D25}" = CCC Help Dutch
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}" = Branding
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E4BCF2E7-B181-C240-B6EC-04A8FA633EEF}" = Catalyst Control Center Graphics Full New
"{E91EBA1F-DA25-58B2-365F-FB76BDC81F86}" = Catalyst Control Center Localization Turkish
"{EA2F03AD-BF9D-EECC-F24C-549046AEC17A}" = Catalyst Control Center Localization Danish
"{EE78C2A7-1413-105B-DC86-3F9FA6B10C2F}" = CCC Help Danish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2AAE965-966C-104E-ECCD-9F111A83139C}" = CCC Help Italian
"{F3AEE6A8-5FA3-F9AA-8CA7-D1AAD6352065}" = Catalyst Control Center Localization Chinese Standard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7F564DD-A790-D01A-5390-6D1386AA5621}" = CCC Help Norwegian
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FD9B0D38-7B82-5A3A-E046-D8DBF3F06A93}" = CCC Help Chinese Traditional
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira Free Antivirus
"BitZipper_is1" = BitZipper 2010
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"GPL Ghostscript 9.04" = GPL Ghostscript
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PDFKey Pro" = PDFKey Pro
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SP_9d47ade0" = EasyLife Search 1.74
"SP_b376809d" = BrowseToSave 1.74
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"USB2.0 1.3M WebCam" = USB2.0 1.3M WebCam
"VLC media player" = VLC media player 1.1.11
"vShare" = vShare Plugin
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Game Organizer" = EasyBits GO
"JNLP" = JNLP
"Kies Air Discovery Service" = Kies Air Discovery Service
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 05.02.2013 12:17:20 | Computer Name = GUNNAR | Source = MsiInstaller | ID = 11609
Description = 
 
Error - 06.02.2013 05:51:35 | Computer Name = GUNNAR | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 07.02.2013 03:52:45 | Computer Name = GUNNAR | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 11.02.2013 04:52:27 | Computer Name = GUNNAR | Source = ESENT | ID = 490
Description = svchost (1176) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 13.02.2013 06:26:56 | Computer Name = GUNNAR | Source = MsiInstaller | ID = 11609
Description = 
 
Error - 13.02.2013 07:14:23 | Computer Name = GUNNAR | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OUTLOOK.EXE, Version 12.0.6665.5003, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 13.02.2013 07:14:23 | Computer Name = GUNNAR | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 outlook.exe, P2 12.0.6665.5003, P3
 ntdll.dll, P4 5.1.2600.6055, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.
 
Error - 15.02.2013 08:45:50 | Computer Name = GUNNAR | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
 WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
 
Error - 21.02.2013 02:37:08 | Computer Name = GUNNAR | Source = MsiInstaller | ID = 11609
Description = 
 
Error - 28.02.2013 02:57:46 | Computer Name = GUNNAR | Source = MsiInstaller | ID = 11609
Description = 
 
[ OSession Events ]
Error - 12.04.2011 08:18:37 | Computer Name = GUNNAR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1908
 seconds with 1080 seconds of active time.  This session ended with a crash.
 
Error - 08.08.2011 14:51:54 | Computer Name = GUNNAR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 835
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 17.08.2011 05:56:02 | Computer Name = GUNNAR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 179
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 02.10.2011 16:47:04 | Computer Name = GUNNAR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 22
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 22.11.2011 14:18:32 | Computer Name = GUNNAR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 609
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 09.08.2012 12:18:20 | Computer Name = GUNNAR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 569
 seconds with 540 seconds of active time.  This session ended with a crash.
 
Error - 17.10.2012 05:24:57 | Computer Name = GUNNAR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3907
 seconds with 2940 seconds of active time.  This session ended with a crash.
 
Error - 17.10.2012 05:26:08 | Computer Name = GUNNAR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 57
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 17.10.2012 05:42:12 | Computer Name = GUNNAR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 496
 seconds with 480 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 02.05.2013 15:51:48 | Computer Name = GUNNAR | Source = Print | ID = 6161
Description = Das Dokument Microsoft Word - Skript.docx, im Besitz von GunnarW, 
konnte nicht auf dem Drucker Canon MP550 series Printer gedruckt werden. Datentyp:
 NT EMF 1.008. Größe der Warteschlangendatei in Bytes: 262144. Anzahl der gedruckten
 Bytes: 30960. Gesamtanzahl der Seiten des Dokuments: 7. Anzahl der gedruckten Seiten:
 0. Clientcomputer: \\GUNNAR. Vom Druckprozessor zurückgelieferter Win32-Fehlercode:
 13 (0xd). 
 
Error - 13.05.2013 09:18:36 | Computer Name = GUNNAR | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 13.05.2013 09:19:44 | Computer Name = GUNNAR | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   avipbb  avkmgr  Fips  intelppm  ssmdrv
 
Error - 13.05.2013 09:54:03 | Computer Name = GUNNAR | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 13.05.2013 09:54:21 | Computer Name = GUNNAR | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 15.05.2013 09:22:21 | Computer Name = GUNNAR | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 15.05.2013 09:23:36 | Computer Name = GUNNAR | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   avipbb  avkmgr  Fips  intelppm  ssmdrv
 
Error - 15.05.2013 10:00:13 | Computer Name = GUNNAR | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 15.05.2013 10:12:11 | Computer Name = GUNNAR | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 15.05.2013 10:13:25 | Computer Name = GUNNAR | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   avipbb  avkmgr  Fips  intelppm  ssmdrv
 
 
< End of report >
         
--- --- ---




OTL.txt OTL Logfile:
Code:
OTL logfile created on: 15.05.2013 16:29:33 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\GunnarW\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 81,79% Memory free
3,73 Gb Paging File | 3,58 Gb Available in Paging File | 96,18% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 93,15 Gb Total Space | 38,53 Gb Free Space | 41,37% Space Free | Partition Type: NTFS
Drive D: | 139,73 Gb Total Space | 129,28 Gb Free Space | 92,52% Space Free | Partition Type: NTFS
 
Computer Name: GUNNAR | User Name: GunnarW | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\GunnarW\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU ()
 
 
========== Services (SafeList) ==========
 
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Skype C2C Service) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ACS) -- C:\WINDOWS\system32\acs.exe (Atheros)
SRV - (StkSSrv) -- C:\WINDOWS\system32\StkCSrv.exe (Syntek America Inc.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (smserial) -- system32\DRIVERS\smserial.sys File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys ()
DRV - (AtcL002) -- C:\WINDOWS\system32\drivers\l251x86.sys (Atheros Communications, Inc.)
DRV - (WSIMD) -- C:\WINDOWS\system32\drivers\wsimd.sys (Atheros Communications, Inc.)
DRV - (StkCMini) -- C:\WINDOWS\system32\drivers\StkCMini.sys (Syntek)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (kbfiltr) -- C:\WINDOWS\system32\drivers\kbfiltr.sys ( )
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.easylifeapp.com/?pid=499&r=2013/02/14&hid=817904650&lg=EN&cc=DE
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=499&r=2013/02/14&hid=817904650&lg=EN&cc=DE
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=499&r=2013/02/14&hid=817904650&lg=EN&cc=DE
IE - HKCU\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = hxxp://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: D:\Veetle\plugins\npVeetle.dll File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: D:\Veetle\Player\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2006.02.28 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKLM\..\Toolbar: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [ACU] C:\Programme\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Wireless Console 2] C:\Programme\Wireless Console 2\wcourier.exe ()
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKCU..\Run: [Sysyem Cleaner] C:\Dokumente und Einstellungen\GunnarW\1741363.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\GunnarW\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1281990639328 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EB66CE7-37B6-4436-B025-63FD740D3FAB}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Programme\vShare\vshare_toolbar.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\easylife\sprote~1.dll) - c:\Programme\EasyLife\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~1\browse~1\sprote~1.dll) - c:\Programme\BrowseToSave\sprotector.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\GunnarW\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\GunnarW\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.16 21:17:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: ccc-core-static - msiexec /fums {857D4360-762B-978B-76AD-491AA719E47A} /qb
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^GunnarW^Startmenü^Programme^Autostart^Dropbox.lnk - C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: ATKHOTKEY - hkey= - key= - C:\Programme\ATK Hotkey\Hcontrol.exe (ATK0100)
MsConfig - StartUpReg: ATKOSD2 - hkey= - key= - C:\Programme\ATKOSD2\ATKOSD2.exe ()
MsConfig - StartUpReg: FreePDF Assistant - hkey= - key= -  File not found
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: ICQ - hkey= - key= -  File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SkyTel - hkey= - key= - C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: Spotify - hkey= - key= - C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\Spotify\Spotify.exe (Spotify Ltd)
MsConfig - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe ()
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: swg - hkey= - key= -  File not found
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.25 22:05:34 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Connect 2
[2013.04.25 22:03:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2013.04.25 22:03:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2013.04.25 21:57:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011.01.18 19:04:59 | 002,291,256 | ---- | C] (Pinnacle Systems) -- C:\Programme\TRex.exe
[2010.09.16 10:41:12 | 001,277,264 | ---- | C] (Microsoft Corporation) -- C:\Programme\wlmessengersetup-custom.exe
[2010.09.14 23:13:21 | 019,075,976 | ---- | C] (Skype Technologies S.A.) -- C:\Programme\SkypeSetup187Full.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.15 16:17:26 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\GunnarW\Desktop\Microsoft Office Outlook 2007.lnk
[2013.05.15 16:11:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.15 15:20:37 | 000,109,056 | ---- | M] () -- C:\Dokumente und Einstellungen\GunnarW\1741363.exe
[2013.05.15 13:59:24 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A42691D2-4E50-44F7-8D45-525364F2FD6C}.job
[2013.05.15 13:53:56 | 000,280,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.05.15 09:50:58 | 000,453,002 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.05.15 09:50:58 | 000,436,042 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.05.15 09:50:58 | 000,081,764 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.05.15 09:50:58 | 000,068,938 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.05.15 09:47:57 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.05.13 00:14:55 | 000,013,700 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.08 09:17:27 | 000,122,564 | ---- | M] () -- C:\Verenas Modetipps.pdf
[2013.04.28 16:48:00 | 000,026,112 | ---- | M] () -- C:\Dokumente und Einstellungen\GunnarW\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.26 08:22:52 | 000,127,841 | ---- | M] () -- C:\Teilnehmerliste Online-Regeltest April 2013.pdf
[2013.04.25 22:05:48 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.04.25 22:05:48 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.04.25 22:03:55 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013.04.25 22:00:13 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.04.25 20:17:33 | 000,157,600 | ---- | M] () -- C:\Dokumente und Einstellungen\GunnarW\5526142.dll
[2013.04.23 09:45:30 | 000,051,898 | ---- | M] () -- C:\Dokumente und Einstellungen\GunnarW\.TransferManager.db
[2013.04.22 22:23:15 | 000,001,846 | ---- | M] () -- C:\Dokumente und Einstellungen\GunnarW\Desktop\Kies Air Discovery Service.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.05.15 15:20:35 | 000,109,056 | ---- | C] () -- C:\Dokumente und Einstellungen\GunnarW\1741363.exe
[2013.05.08 09:16:22 | 000,122,564 | ---- | C] () -- C:\Verenas Modetipps.pdf
[2013.04.26 08:22:52 | 000,127,841 | ---- | C] () -- C:\Teilnehmerliste Online-Regeltest April 2013.pdf
[2013.04.25 22:03:55 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013.04.25 20:17:29 | 000,157,600 | ---- | C] () -- C:\Dokumente und Einstellungen\GunnarW\5526142.dll
[2013.04.23 09:45:30 | 000,051,898 | ---- | C] () -- C:\Dokumente und Einstellungen\GunnarW\.TransferManager.db
[2013.04.22 22:23:15 | 000,001,846 | ---- | C] () -- C:\Dokumente und Einstellungen\GunnarW\Desktop\Kies Air Discovery Service.lnk
[2013.03.06 19:10:29 | 000,234,600 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.10.18 13:27:44 | 083,023,306 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\epyks.pad
[2012.06.12 16:38:52 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2012.06.12 16:38:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2012.02.15 11:01:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.06.10 09:55:58 | 000,056,465 | ---- | C] () -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\B652.794
[2011.01.26 14:36:41 | 000,026,112 | ---- | C] () -- C:\Dokumente und Einstellungen\GunnarW\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2010.08.16 21:29:13 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.02.20 12:30:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2010.09.29 23:06:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Boss Media
[2010.08.30 16:39:45 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2013.01.02 15:25:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ClubSanDisk
[2011.05.02 18:59:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2011.10.13 11:50:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Easybits GO
[2011.07.15 21:49:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2013.02.14 11:19:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2013.02.14 11:19:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RightClick
[2011.05.02 18:59:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SMART Technologies
[2013.02.14 11:29:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.08.17 14:43:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012.07.04 13:02:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\BitZipper
[2011.02.20 23:26:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\BSW
[2013.05.15 16:09:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\Dropbox
[2013.03.02 11:47:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\DVDVideoSoft
[2010.08.17 15:48:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\DVDVideoSoftIEHelpers
[2013.03.02 11:42:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\FreePDF
[2011.10.13 10:34:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\go
[2012.04.23 21:55:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\ICQ
[2013.02.14 00:56:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\Jizy
[2012.08.10 15:44:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\pdfforge
[2011.05.02 19:09:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\SMART Technologies
[2011.05.02 18:44:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\SMART Technologies Inc
[2012.11.19 16:18:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\Spotify
[2011.02.12 16:56:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\GunnarW\Anwendungsdaten\vShare
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.10.18 13:55:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2010.08.16 23:53:36 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2013.01.08 15:08:47 | 000,000,000 | ---D | M] -- C:\Musik
[2013.04.25 22:05:34 | 000,000,000 | R--D | M] -- C:\Programme
[2010.08.16 21:46:26 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2013.04.25 22:02:10 | 000,000,000 | ---D | M] -- C:\Software
[2010.08.16 21:21:18 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.05.15 13:55:12 | 000,000,000 | ---D | M] -- C:\WINDOWS
 
< %PROGRAMFILES%\*.exe >
[2010.09.14 23:13:23 | 019,075,976 | ---- | M] (Skype Technologies S.A.) -- C:\Programme\SkypeSetup187Full.exe
[2011.01.18 19:05:04 | 002,291,256 | ---- | M] (Pinnacle Systems) -- C:\Programme\TRex.exe
[2010.09.16 10:41:13 | 001,277,264 | ---- | M] (Microsoft Corporation) -- C:\Programme\wlmessengersetup-custom.exe
Invalid Environment Variable: LOCALAPPDATA
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2008.04.14 04:23:08 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\h323.tsp
[2008.04.14 04:23:08 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2008.04.14 04:23:08 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ipconf.tsp
[2008.04.14 04:23:08 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2008.04.14 04:23:08 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2008.04.14 04:23:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2008.04.14 04:23:08 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[2010.08.16 21:15:34 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.08.16 21:21:17 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.08.17 14:41:56 | 000,000,276 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2011.04.14 10:10:43 | 000,000,422 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A42691D2-4E50-44F7-8D45-525364F2FD6C}.job
[2012.03.28 17:40:16 | 000,000,884 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
 
< MD5 for: AGP440.SYS  >
[2006.02.28 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2006.02.28 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.02.28 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2006.02.28 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2006.02.28 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2006.02.28 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2006.02.28 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2006.02.28 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2006.02.28 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.12.14 17:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2006.02.28 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.02.28 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2006.02.28 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2010.08.16 23:01:24 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.08.16 23:01:24 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.08.16 23:01:24 | 000,442,368 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2013.04.23 09:45:30 | 000,051,898 | ---- | M] () -- C:\Dokumente und Einstellungen\GunnarW\.TransferManager.db
[2013.05.15 15:20:37 | 000,109,056 | ---- | M] () -- C:\Dokumente und Einstellungen\GunnarW\1741363.exe
[2013.04.25 20:17:33 | 000,157,600 | ---- | M] () -- C:\Dokumente und Einstellungen\GunnarW\5526142.dll
[2013.05.15 16:01:53 | 006,029,312 | -H-- | M] () -- C:\Dokumente und Einstellungen\GunnarW\NTUSER.DAT
[2013.05.15 16:24:51 | 000,499,712 | -H-- | M] () -- C:\Dokumente und Einstellungen\GunnarW\ntuser.dat.LOG
[2013.05.15 16:00:14 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\GunnarW\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2013.04.12 16:00:54 | 001,876,480 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
<        >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\csrss.exe:SummaryInformation
@Alternate Data Stream - 126 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:373E1720

< End of report >
         
15.05.2013, 15:59   #2
markusg
/// Malware-holic

Hi,


otl fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [Sysyem Cleaner] C:\Dokumente und Einstellungen\GunnarW\1741363.exe ()
:files
:Commands
[emptytemp]
         
  • If you have obscured your user name, e.g. with "*****", insert your real user name in the relevant place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may ask for a restart. Please allow it.
  • After the restart you will find a text document on your desktop.
    (Also to be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread.


Boot into normal mode.

If you have no icons, then right-click, View, Show desktop icons.

Note: Please also upload the file there as described in the instructions for the UpChannel. Please do NOT post the ZIP file here in the thread as an attachment!


Please press the Windows key + E.
  • Open your system drive (usually C:)
  • Now look for the following folder: _OTL and open it.
  • Right-click the folder Movedfiles --> Send to --> Compressed (zipped) folder
  • This will create a Movedfiles.zip file in _OTL
  • Please upload it to our upload channel. (Browse --> C:\_OTL\Movedfiles.zip)
Let me know whether the upload went through without problems. Thanks in advance.

15.05.2013, 16:21   #3
gunnarw



All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Sysyem Cleaner deleted successfully.
File C:\Dokumente und Einstellungen\GunnarW\1741363.exe not found.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.GUNNAR
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: GunnarW
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2110701 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 506 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05152013_171759

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

15.05.2013, 16:22   #4
markusg
/// Malware-holic



OK, then on with the upload.
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails to
markusg.trojaner-board@web.de
following the instructions above.
If you would like to support us

15.05.2013, 16:25   #5
gunnarw



The upload worked.


15.05.2013, 16:30   #6
markusg
/// Malware-holic



Very good.
Normal mode should work.
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller instructions.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.
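
One way to triage the log requested above, as an added example that is not part of the thread and not the tool's or the forum's own code: it separates `UnsignedFile.Multi.Generic` warnings from any other detection and checks whether a flagged file's MD5 equals the `ServicePackFiles` copy that OTL hashed. Assumptions: `UnsignedFile.Multi.Generic` comes from the signature check (the log in this thread reports `Mode: Manual; SigCheck; TDLFS;`), the bucket names are hypothetical, and the `exampledrv` entry is constructed; a matching hash is a consistency check, not proof of integrity.

```python
import re

# Sample lines copied from the two logs in this thread. The "exampledrv"
# entry (hash, name, detection name) is constructed so that the
# non-signature branch is exercised.
TDSS_LOG = r"""
17:34:26.0296 1764 Abiosdsk - ok
17:34:28.0671 1764 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:34:28.0687 1764 atapi ( UnsignedFile.Multi.Generic ) - warning
17:34:28.0687 1764 atapi - detected UnsignedFile.Multi.Generic (1)
17:34:28.0781 1764 [ 29B2874B3956B62C0DBEA32D75A8E776 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
17:34:28.0812 1764 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
17:34:28.0812 1764 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
17:34:29.0234 1764 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:34:29.0312 1764 avgntflt - ok
17:34:40.0000 1764 [ 00000000000000000000000000000000 ] exampledrv C:\WINDOWS\system32\DRIVERS\exampledrv.sys
17:34:40.0015 1764 exampledrv ( Constructed.Placeholder.Detection ) - warning
17:34:40.0015 1764 exampledrv - detected Constructed.Placeholder.Detection (1)
"""

OTL_LOG = r"""
< MD5 for: ATAPI.SYS  >
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.02.28 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
"""

# "<time> <thread id> <message>" prefix used by every TDSSKiller log line.
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+ (.*)$")
# "[ MD5 ] <object name> <path>"; names may contain spaces, paths start "X:\".
HASHED = re.compile(r"^\[ ([0-9A-F]{32}) \] (.+?) ([A-Za-z]:\\.+)$")
# "<object name> ( <detection> ) - <status>"
RESULT = re.compile(r"^(.+?) \( (\S+) \) - (\w+)$")
OK = re.compile(r"^(.+) - ok$")
# OTL "MD5 for" entry: "[date | size | attrs | M] (company) MD5=... -- path"
OTL_MD5 = re.compile(r"^\[[^\]]*\] \((.*?)\) MD5=([0-9A-F]{32}) -- (.+)$")

SIGCHECK_ONLY = "UnsignedFile.Multi.Generic"  # assumed: signature-check result


def parse_tdsskiller(text):
    """Return {object name: {'md5', 'path', 'detection'}}; detection None = ok."""
    objects, pending = {}, {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(1)
        if (h := HASHED.match(msg)):
            pending[h.group(2)] = (h.group(1), h.group(3))
        elif (r := RESULT.match(msg)):
            md5, path = pending.pop(r.group(1), (None, None))
            objects[r.group(1)] = {"md5": md5, "path": path, "detection": r.group(2)}
        elif (o := OK.match(msg)):
            md5, path = pending.pop(o.group(1), (None, None))
            objects[o.group(1)] = {"md5": md5, "path": path, "detection": None}
        # "<name> - detected ..." lines repeat the RESULT line and are skipped.
    return objects


def parse_otl_md5(text):
    """Return {md5: [(company, path), ...]} from OTL '< MD5 for: ... >' entries."""
    seen = {}
    for raw in text.splitlines():
        m = OTL_MD5.match(raw.strip())
        if m:
            seen.setdefault(m.group(2), []).append((m.group(1), m.group(3)))
    return seen


def triage(tdss_text, otl_text):
    """Sort scanned objects into buckets for a human reviewer."""
    otl = parse_otl_md5(otl_text)
    report = {"ok": [], "unsigned_matches_servicepack_copy": [],
              "unsigned_unverified": [], "other_detection": []}
    for name, obj in parse_tdsskiller(tdss_text).items():
        if obj["detection"] is None:
            report["ok"].append(name)
        elif obj["detection"] != SIGCHECK_ONLY:
            # Anything that is not a plain signature warning needs a closer look.
            report["other_detection"].append((name, obj["detection"]))
        elif any("\\servicepackfiles\\" in path.lower()
                 for _company, path in otl.get(obj["md5"], [])):
            report["unsigned_matches_servicepack_copy"].append(name)
        else:
            report["unsigned_unverified"].append(name)
    return report


if __name__ == "__main__":
    for bucket, names in triage(TDSS_LOG, OTL_LOG).items():
        print(f"{bucket}: {names}")
```
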

15.05.2013, 16:39   #7
gunnarw



Here is my log file:

17:32:28.0984 0252 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:32:29.0109 0252 ============================================================
17:32:29.0109 0252 Current date / time: 2013/05/15 17:32:29.0109
17:32:29.0109 0252 SystemInfo:
17:32:29.0109 0252
17:32:29.0109 0252 OS Version: 5.1.2600 ServicePack: 3.0
17:32:29.0109 0252 Product type: Workstation
17:32:29.0109 0252 ComputerName: GUNNAR
17:32:29.0109 0252 UserName: GunnarW
17:32:29.0109 0252 Windows directory: C:\WINDOWS
17:32:29.0109 0252 System windows directory: C:\WINDOWS
17:32:29.0109 0252 Processor architecture: Intel x86
17:32:29.0109 0252 Number of processors: 2
17:32:29.0109 0252 Page size: 0x1000
17:32:29.0109 0252 Boot type: Normal boot
17:32:29.0109 0252 ============================================================
17:32:30.0390 0252 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:32:30.0437 0252 ============================================================
17:32:30.0437 0252 \Device\Harddisk0\DR0:
17:32:30.0437 0252 MBR partitions:
17:32:30.0437 0252 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBA4CF41
17:32:30.0453 0252 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xBA4CFBF, BlocksNum 0x117775C2
17:32:30.0453 0252 ============================================================
17:32:30.0468 0252 D: <-> \Device\Harddisk0\DR0\Partition2
17:32:30.0515 0252 C: <-> \Device\Harddisk0\DR0\Partition1
17:32:30.0515 0252 ============================================================
17:32:30.0515 0252 Initialize success
17:32:30.0515 0252 ============================================================
17:34:25.0875 1764 ============================================================
17:34:25.0875 1764 Scan started
17:34:25.0875 1764 Mode: Manual; SigCheck; TDLFS;
17:34:25.0875 1764 ============================================================
17:34:26.0156 1764 ================ Scan system memory ========================
17:34:26.0156 1764 System memory - ok
17:34:26.0156 1764 ================ Scan services =============================
17:34:26.0296 1764 Abiosdsk - ok
17:34:26.0296 1764 abp480n5 - ok
17:34:26.0359 1764 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:34:27.0140 1764 ACPI ( UnsignedFile.Multi.Generic ) - warning
17:34:27.0140 1764 ACPI - detected UnsignedFile.Multi.Generic (1)
17:34:27.0171 1764 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
17:34:27.0218 1764 ACPIEC ( UnsignedFile.Multi.Generic ) - warning
17:34:27.0218 1764 ACPIEC - detected UnsignedFile.Multi.Generic (1)
17:34:27.0265 1764 [ 9FEFF3A731EAAB3EB34F2AF361D703EE ] ACS C:\WINDOWS\system32\acs.exe
17:34:27.0296 1764 ACS ( UnsignedFile.Multi.Generic ) - warning
17:34:27.0296 1764 ACS - detected UnsignedFile.Multi.Generic (1)
17:34:27.0390 1764 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:34:27.0500 1764 AdobeFlashPlayerUpdateSvc - ok
17:34:27.0500 1764 adpu160m - ok
17:34:27.0609 1764 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:34:27.0625 1764 aec ( UnsignedFile.Multi.Generic ) - warning
17:34:27.0625 1764 aec - detected UnsignedFile.Multi.Generic (1)
17:34:27.0671 1764 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:34:27.0687 1764 AFD ( UnsignedFile.Multi.Generic ) - warning
17:34:27.0687 1764 AFD - detected UnsignedFile.Multi.Generic (1)
17:34:27.0703 1764 Aha154x - ok
17:34:27.0718 1764 aic78u2 - ok
17:34:27.0718 1764 aic78xx - ok
17:34:27.0765 1764 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:34:27.0781 1764 Alerter ( UnsignedFile.Multi.Generic ) - warning
17:34:27.0781 1764 Alerter - detected UnsignedFile.Multi.Generic (1)
17:34:27.0812 1764 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
17:34:27.0828 1764 ALG ( UnsignedFile.Multi.Generic ) - warning
17:34:27.0828 1764 ALG - detected UnsignedFile.Multi.Generic (1)
17:34:27.0828 1764 AliIde - ok
17:34:27.0843 1764 amsint - ok
17:34:27.0953 1764 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
17:34:28.0093 1764 AntiVirSchedulerService - ok
17:34:28.0125 1764 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
17:34:28.0140 1764 AntiVirService - ok
17:34:28.0187 1764 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:34:28.0234 1764 Apple Mobile Device - ok
17:34:28.0234 1764 AppMgmt - ok
17:34:28.0281 1764 [ BD4A059B937A64F403E693DCAA26FE38 ] AR5211 C:\WINDOWS\system32\DRIVERS\ar5211.sys
17:34:28.0359 1764 AR5211 ( UnsignedFile.Multi.Generic ) - warning
17:34:28.0359 1764 AR5211 - detected UnsignedFile.Multi.Generic (1)
17:34:28.0375 1764 asc - ok
17:34:28.0390 1764 asc3350p - ok
17:34:28.0390 1764 asc3550 - ok
17:34:28.0500 1764 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:34:28.0578 1764 aspnet_state - ok
17:34:28.0593 1764 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:34:28.0640 1764 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
17:34:28.0640 1764 AsyncMac - detected UnsignedFile.Multi.Generic (1)
17:34:28.0671 1764 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:34:28.0687 1764 atapi ( UnsignedFile.Multi.Generic ) - warning
17:34:28.0687 1764 atapi - detected UnsignedFile.Multi.Generic (1)
17:34:28.0703 1764 [ 5DD646E4C9E447D83D7E781EF202F709 ] AtcL002 C:\WINDOWS\system32\DRIVERS\l251x86.sys
17:34:28.0718 1764 AtcL002 ( UnsignedFile.Multi.Generic ) - warning
17:34:28.0718 1764 AtcL002 - detected UnsignedFile.Multi.Generic (1)
17:34:28.0734 1764 Atdisk - ok
17:34:28.0781 1764 [ 29B2874B3956B62C0DBEA32D75A8E776 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
17:34:28.0812 1764 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
17:34:28.0812 1764 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
17:34:28.0921 1764 [ A1789368B4A31D2111AF7AEDA0C8D3FC ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:34:29.0046 1764 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0046 1764 ati2mtag - detected UnsignedFile.Multi.Generic (1)
17:34:29.0078 1764 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:34:29.0093 1764 Atmarpc ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0093 1764 Atmarpc - detected UnsignedFile.Multi.Generic (1)
17:34:29.0140 1764 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:34:29.0156 1764 AudioSrv ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0156 1764 AudioSrv - detected UnsignedFile.Multi.Generic (1)
17:34:29.0187 1764 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:34:29.0203 1764 audstub ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0203 1764 audstub - detected UnsignedFile.Multi.Generic (1)
17:34:29.0234 1764 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:34:29.0312 1764 avgntflt - ok
17:34:29.0343 1764 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:34:29.0390 1764 avipbb - ok
17:34:29.0406 1764 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:34:29.0437 1764 avkmgr - ok
17:34:29.0484 1764 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:34:29.0500 1764 Beep ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0500 1764 Beep - detected UnsignedFile.Multi.Generic (1)
17:34:29.0546 1764 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
17:34:29.0593 1764 BITS ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0593 1764 BITS - detected UnsignedFile.Multi.Generic (1)
17:34:29.0656 1764 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
17:34:29.0703 1764 Bonjour Service - ok
17:34:29.0750 1764 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
17:34:29.0765 1764 Browser ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0765 1764 Browser - detected UnsignedFile.Multi.Generic (1)
17:34:29.0796 1764 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:34:29.0812 1764 cbidf2k ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0812 1764 cbidf2k - detected UnsignedFile.Multi.Generic (1)
17:34:29.0843 1764 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:34:29.0859 1764 CCDECODE ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0859 1764 CCDECODE - detected UnsignedFile.Multi.Generic (1)
17:34:29.0875 1764 cd20xrnt - ok
17:34:29.0906 1764 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:34:29.0906 1764 Cdaudio ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0906 1764 Cdaudio - detected UnsignedFile.Multi.Generic (1)
17:34:29.0937 1764 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:34:29.0953 1764 Cdfs ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0953 1764 Cdfs - detected UnsignedFile.Multi.Generic (1)
17:34:29.0968 1764 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:34:29.0984 1764 Cdrom ( UnsignedFile.Multi.Generic ) - warning
17:34:29.0984 1764 Cdrom - detected UnsignedFile.Multi.Generic (1)
17:34:30.0000 1764 Changer - ok
17:34:30.0046 1764 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:34:30.0062 1764 CiSvc ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0062 1764 CiSvc - detected UnsignedFile.Multi.Generic (1)
17:34:30.0093 1764 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:34:30.0109 1764 ClipSrv ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0109 1764 ClipSrv - detected UnsignedFile.Multi.Generic (1)
17:34:30.0125 1764 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:34:30.0171 1764 clr_optimization_v2.0.50727_32 - ok
17:34:30.0203 1764 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:34:30.0218 1764 CmBatt ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0218 1764 CmBatt - detected UnsignedFile.Multi.Generic (1)
17:34:30.0218 1764 CmdIde - ok
17:34:30.0234 1764 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:34:30.0250 1764 Compbatt ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0250 1764 Compbatt - detected UnsignedFile.Multi.Generic (1)
17:34:30.0265 1764 COMSysApp - ok
17:34:30.0281 1764 Cpqarray - ok
17:34:30.0328 1764 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:34:30.0343 1764 CryptSvc ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0343 1764 CryptSvc - detected UnsignedFile.Multi.Generic (1)
17:34:30.0359 1764 dac2w2k - ok
17:34:30.0375 1764 dac960nt - ok
17:34:30.0421 1764 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:34:30.0453 1764 DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0453 1764 DcomLaunch - detected UnsignedFile.Multi.Generic (1)
17:34:30.0484 1764 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:34:30.0500 1764 Dhcp ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0500 1764 Dhcp - detected UnsignedFile.Multi.Generic (1)
17:34:30.0515 1764 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:34:30.0531 1764 Disk ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0531 1764 Disk - detected UnsignedFile.Multi.Generic (1)
17:34:30.0546 1764 dmadmin - ok
17:34:30.0593 1764 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:34:30.0656 1764 dmboot ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0656 1764 dmboot - detected UnsignedFile.Multi.Generic (1)
17:34:30.0671 1764 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:34:30.0703 1764 dmio ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0703 1764 dmio - detected UnsignedFile.Multi.Generic (1)
17:34:30.0734 1764 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:34:30.0750 1764 dmload ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0750 1764 dmload - detected UnsignedFile.Multi.Generic (1)
17:34:30.0796 1764 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:34:30.0812 1764 dmserver ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0812 1764 dmserver - detected UnsignedFile.Multi.Generic (1)
17:34:30.0843 1764 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:34:30.0859 1764 DMusic ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0859 1764 DMusic - detected UnsignedFile.Multi.Generic (1)
17:34:30.0906 1764 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:34:30.0921 1764 Dnscache ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0921 1764 Dnscache - detected UnsignedFile.Multi.Generic (1)
17:34:30.0953 1764 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:34:30.0984 1764 Dot3svc ( UnsignedFile.Multi.Generic ) - warning
17:34:30.0984 1764 Dot3svc - detected UnsignedFile.Multi.Generic (1)
17:34:30.0984 1764 dpti2o - ok
17:34:31.0000 1764 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:34:31.0015 1764 drmkaud ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0015 1764 drmkaud - detected UnsignedFile.Multi.Generic (1)
17:34:31.0046 1764 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:34:31.0062 1764 EapHost ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0062 1764 EapHost - detected UnsignedFile.Multi.Generic (1)
17:34:31.0109 1764 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:34:31.0125 1764 ERSvc ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0125 1764 ERSvc - detected UnsignedFile.Multi.Generic (1)
17:34:31.0156 1764 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
17:34:31.0171 1764 Eventlog ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0171 1764 Eventlog - detected UnsignedFile.Multi.Generic (1)
17:34:31.0203 1764 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
17:34:31.0234 1764 EventSystem ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0234 1764 EventSystem - detected UnsignedFile.Multi.Generic (1)
17:34:31.0250 1764 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:34:31.0265 1764 Fastfat ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0265 1764 Fastfat - detected UnsignedFile.Multi.Generic (1)
17:34:31.0312 1764 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:34:31.0328 1764 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0328 1764 FastUserSwitchingCompatibility - detected UnsignedFile.Multi.Generic (1)
17:34:31.0343 1764 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
17:34:31.0359 1764 Fdc ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0359 1764 Fdc - detected UnsignedFile.Multi.Generic (1)
17:34:31.0375 1764 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:34:31.0390 1764 Fips ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0390 1764 Fips - detected UnsignedFile.Multi.Generic (1)
17:34:31.0406 1764 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
17:34:31.0421 1764 Flpydisk ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0421 1764 Flpydisk - detected UnsignedFile.Multi.Generic (1)
17:34:31.0468 1764 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:34:31.0484 1764 FltMgr ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0484 1764 FltMgr - detected UnsignedFile.Multi.Generic (1)
17:34:31.0562 1764 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:34:31.0593 1764 FontCache3.0.0.0 - ok
17:34:31.0609 1764 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:34:31.0625 1764 Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0625 1764 Fs_Rec - detected UnsignedFile.Multi.Generic (1)
17:34:31.0640 1764 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:34:31.0656 1764 Ftdisk ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0656 1764 Ftdisk - detected UnsignedFile.Multi.Generic (1)
17:34:31.0687 1764 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:34:31.0718 1764 GEARAspiWDM - ok
17:34:31.0718 1764 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:34:31.0734 1764 Gpc ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0734 1764 Gpc - detected UnsignedFile.Multi.Generic (1)
17:34:31.0750 1764 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:34:31.0765 1764 HDAudBus ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0765 1764 HDAudBus - detected UnsignedFile.Multi.Generic (1)
17:34:31.0843 1764 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:34:31.0859 1764 helpsvc ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0859 1764 helpsvc - detected UnsignedFile.Multi.Generic (1)
17:34:31.0875 1764 HidServ - ok
17:34:31.0890 1764 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:34:31.0906 1764 hidusb ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0906 1764 hidusb - detected UnsignedFile.Multi.Generic (1)
17:34:31.0937 1764 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:34:31.0953 1764 hkmsvc ( UnsignedFile.Multi.Generic ) - warning
17:34:31.0953 1764 hkmsvc - detected UnsignedFile.Multi.Generic (1)
17:34:31.0968 1764 hpn - ok
17:34:32.0015 1764 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:34:32.0031 1764 HTTP ( UnsignedFile.Multi.Generic ) - warning
17:34:32.0031 1764 HTTP - detected UnsignedFile.Multi.Generic (1)
17:34:32.0078 1764 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:34:32.0093 1764 HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
17:34:32.0093 1764 HTTPFilter - detected UnsignedFile.Multi.Generic (1)
17:34:32.0093 1764 i2omgmt - ok
17:34:32.0109 1764 i2omp - ok
17:34:32.0125 1764 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:34:32.0140 1764 i8042prt ( UnsignedFile.Multi.Generic ) - warning
17:34:32.0140 1764 i8042prt - detected UnsignedFile.Multi.Generic (1)
17:34:32.0234 1764 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:34:32.0343 1764 idsvc - ok
17:34:32.0375 1764 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:34:32.0390 1764 Imapi ( UnsignedFile.Multi.Generic ) - warning
17:34:32.0390 1764 Imapi - detected UnsignedFile.Multi.Generic (1)
17:34:32.0437 1764 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
17:34:32.0453 1764 ImapiService ( UnsignedFile.Multi.Generic ) - warning
17:34:32.0453 1764 ImapiService - detected UnsignedFile.Multi.Generic (1)
17:34:32.0468 1764 ini910u - ok
17:34:32.0718 1764 [ 47F27AF890DA3E51C633FDD510910115 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:34:33.0000 1764 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0000 1764 IntcAzAudAddService - detected UnsignedFile.Multi.Generic (1)
17:34:33.0015 1764 IntelIde - ok
17:34:33.0062 1764 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:34:33.0062 1764 intelppm ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0062 1764 intelppm - detected UnsignedFile.Multi.Generic (1)
17:34:33.0093 1764 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
17:34:33.0093 1764 Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0093 1764 Ip6Fw - detected UnsignedFile.Multi.Generic (1)
17:34:33.0140 1764 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:34:33.0156 1764 IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0156 1764 IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
17:34:33.0171 1764 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:34:33.0187 1764 IpInIp ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0187 1764 IpInIp - detected UnsignedFile.Multi.Generic (1)
17:34:33.0218 1764 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:34:33.0234 1764 IpNat ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0234 1764 IpNat - detected UnsignedFile.Multi.Generic (1)
17:34:33.0265 1764 [ 02682AE021F0FB92F5768B49776B8B5B ] iPod Service C:\Programme\iPod\bin\iPodService.exe
17:34:33.0296 1764 iPod Service - ok
17:34:33.0312 1764 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:34:33.0312 1764 IPSec ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0312 1764 IPSec - detected UnsignedFile.Multi.Generic (1)
17:34:33.0343 1764 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:34:33.0343 1764 IRENUM ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0343 1764 IRENUM - detected UnsignedFile.Multi.Generic (1)
17:34:33.0375 1764 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:34:33.0390 1764 isapnp ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0390 1764 isapnp - detected UnsignedFile.Multi.Generic (1)
17:34:33.0437 1764 [ 9DBA73C2F1E76EC4CB837E67C5743596 ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
17:34:33.0453 1764 JavaQuickStarterService - ok
17:34:33.0484 1764 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:34:33.0500 1764 Kbdclass ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0500 1764 Kbdclass - detected UnsignedFile.Multi.Generic (1)
17:34:33.0546 1764 [ CC2A86D7BBF14977340DCA61BBCBA771 ] kbfiltr C:\WINDOWS\system32\DRIVERS\kbfiltr.sys
17:34:33.0562 1764 kbfiltr ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0562 1764 kbfiltr - detected UnsignedFile.Multi.Generic (1)
17:34:33.0578 1764 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:34:33.0593 1764 kmixer ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0593 1764 kmixer - detected UnsignedFile.Multi.Generic (1)
17:34:33.0640 1764 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:34:33.0656 1764 KSecDD ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0656 1764 KSecDD - detected UnsignedFile.Multi.Generic (1)
17:34:33.0703 1764 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
17:34:33.0718 1764 lanmanserver ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0718 1764 lanmanserver - detected UnsignedFile.Multi.Generic (1)
17:34:33.0734 1764 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:34:33.0750 1764 lanmanworkstation ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0750 1764 lanmanworkstation - detected UnsignedFile.Multi.Generic (1)
17:34:33.0750 1764 lbrtfdc - ok
17:34:33.0796 1764 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:34:33.0796 1764 LmHosts ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0796 1764 LmHosts - detected UnsignedFile.Multi.Generic (1)
17:34:33.0843 1764 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
17:34:33.0859 1764 MBAMProtector - ok
17:34:33.0859 1764 MBAMSwissArmy - ok
17:34:33.0890 1764 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:34:33.0906 1764 Messenger ( UnsignedFile.Multi.Generic ) - warning
17:34:33.0906 1764 Messenger - detected UnsignedFile.Multi.Generic (1)
17:34:33.0968 1764 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
17:34:33.0984 1764 Microsoft Office Groove Audit Service - ok
17:34:34.0031 1764 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:34:34.0046 1764 mnmdd ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0046 1764 mnmdd - detected UnsignedFile.Multi.Generic (1)
17:34:34.0062 1764 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:34:34.0078 1764 mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0078 1764 mnmsrvc - detected UnsignedFile.Multi.Generic (1)
17:34:34.0109 1764 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:34:34.0109 1764 Modem ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0109 1764 Modem - detected UnsignedFile.Multi.Generic (1)
17:34:34.0140 1764 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
17:34:34.0156 1764 MODEMCSA ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0156 1764 MODEMCSA - detected UnsignedFile.Multi.Generic (1)
17:34:34.0171 1764 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:34:34.0187 1764 Mouclass ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0187 1764 Mouclass - detected UnsignedFile.Multi.Generic (1)
17:34:34.0203 1764 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:34:34.0203 1764 mouhid ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0203 1764 mouhid - detected UnsignedFile.Multi.Generic (1)
17:34:34.0218 1764 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:34:34.0234 1764 MountMgr ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0234 1764 MountMgr - detected UnsignedFile.Multi.Generic (1)
17:34:34.0234 1764 mraid35x - ok
17:34:34.0250 1764 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:34:34.0265 1764 MRxDAV ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0265 1764 MRxDAV - detected UnsignedFile.Multi.Generic (1)
17:34:34.0312 1764 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:34:34.0328 1764 MRxSmb ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0328 1764 MRxSmb - detected UnsignedFile.Multi.Generic (1)
17:34:34.0359 1764 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:34:34.0359 1764 MSDTC ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0359 1764 MSDTC - detected UnsignedFile.Multi.Generic (1)
17:34:34.0375 1764 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:34:34.0390 1764 Msfs ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0390 1764 Msfs - detected UnsignedFile.Multi.Generic (1)
17:34:34.0390 1764 MSIServer - ok
17:34:34.0421 1764 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:34:34.0421 1764 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0421 1764 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
17:34:34.0453 1764 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:34:34.0453 1764 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0453 1764 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
17:34:34.0500 1764 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:34:34.0500 1764 MSPQM ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0500 1764 MSPQM - detected UnsignedFile.Multi.Generic (1)
17:34:34.0562 1764 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:34:34.0562 1764 mssmbios ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0562 1764 mssmbios - detected UnsignedFile.Multi.Generic (1)
17:34:34.0593 1764 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
17:34:34.0593 1764 MSTEE ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0593 1764 MSTEE - detected UnsignedFile.Multi.Generic (1)
17:34:34.0640 1764 [ 1C0F480B7C6136DDB5FB909995AF014A ] MTsensor C:\WINDOWS\system32\DRIVERS\ATKACPI.sys
17:34:34.0640 1764 MTsensor ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0640 1764 MTsensor - detected UnsignedFile.Multi.Generic (1)
17:34:34.0687 1764 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:34:34.0687 1764 Mup ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0687 1764 Mup - detected UnsignedFile.Multi.Generic (1)
17:34:34.0750 1764 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:34:34.0750 1764 NABTSFEC ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0750 1764 NABTSFEC - detected UnsignedFile.Multi.Generic (1)
17:34:34.0796 1764 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
17:34:34.0812 1764 napagent ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0812 1764 napagent - detected UnsignedFile.Multi.Generic (1)
17:34:34.0859 1764 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:34:34.0875 1764 NDIS ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0875 1764 NDIS - detected UnsignedFile.Multi.Generic (1)
17:34:34.0906 1764 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:34:34.0906 1764 NdisIP ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0906 1764 NdisIP - detected UnsignedFile.Multi.Generic (1)
17:34:34.0937 1764 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:34:34.0953 1764 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0953 1764 NdisTapi - detected UnsignedFile.Multi.Generic (1)
17:34:34.0968 1764 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:34:34.0968 1764 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
17:34:34.0968 1764 Ndisuio - detected UnsignedFile.Multi.Generic (1)
17:34:34.0984 1764 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:34:35.0000 1764 NdisWan ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0000 1764 NdisWan - detected UnsignedFile.Multi.Generic (1)
17:34:35.0031 1764 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:34:35.0031 1764 NDProxy ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0031 1764 NDProxy - detected UnsignedFile.Multi.Generic (1)
17:34:35.0046 1764 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:34:35.0046 1764 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0046 1764 NetBIOS - detected UnsignedFile.Multi.Generic (1)
17:34:35.0078 1764 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:34:35.0093 1764 NetBT ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0093 1764 NetBT - detected UnsignedFile.Multi.Generic (1)
17:34:35.0140 1764 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
17:34:35.0156 1764 NetDDE ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0156 1764 NetDDE - detected UnsignedFile.Multi.Generic (1)
17:34:35.0156 1764 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:34:35.0171 1764 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0171 1764 NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
17:34:35.0218 1764 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:34:35.0218 1764 Netlogon ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0218 1764 Netlogon - detected UnsignedFile.Multi.Generic (1)
17:34:35.0265 1764 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
17:34:35.0281 1764 Netman ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0281 1764 Netman - detected UnsignedFile.Multi.Generic (1)
17:34:35.0296 1764 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:34:35.0312 1764 NetTcpPortSharing - ok
17:34:35.0359 1764 [ ACD8BD448A74F344D46FCAF21BAB92AF ] Nla C:\WINDOWS\System32\mswsock.dll
17:34:35.0375 1764 Nla ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0375 1764 Nla - detected UnsignedFile.Multi.Generic (1)
17:34:35.0375 1764 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:34:35.0390 1764 Npfs ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0390 1764 Npfs - detected UnsignedFile.Multi.Generic (1)
17:34:35.0421 1764 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:34:35.0453 1764 Ntfs ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0453 1764 Ntfs - detected UnsignedFile.Multi.Generic (1)
17:34:35.0468 1764 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:34:35.0468 1764 NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0468 1764 NtLmSsp - detected UnsignedFile.Multi.Generic (1)
17:34:35.0531 1764 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:34:35.0578 1764 NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0578 1764 NtmsSvc - detected UnsignedFile.Multi.Generic (1)
17:34:35.0609 1764 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:34:35.0609 1764 Null ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0609 1764 Null - detected UnsignedFile.Multi.Generic (1)
17:34:35.0656 1764 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:34:35.0656 1764 NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0656 1764 NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
17:34:35.0671 1764 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:34:35.0687 1764 NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0687 1764 NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
17:34:35.0796 1764 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
17:34:35.0828 1764 odserv - ok
17:34:35.0843 1764 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
17:34:35.0875 1764 ose - ok
17:34:35.0890 1764 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
17:34:35.0906 1764 Parport ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0906 1764 Parport - detected UnsignedFile.Multi.Generic (1)
17:34:35.0921 1764 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:34:35.0921 1764 PartMgr ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0921 1764 PartMgr - detected UnsignedFile.Multi.Generic (1)
17:34:35.0953 1764 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:34:35.0968 1764 ParVdm ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0968 1764 ParVdm - detected UnsignedFile.Multi.Generic (1)
17:34:35.0968 1764 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:34:35.0984 1764 PCI ( UnsignedFile.Multi.Generic ) - warning
17:34:35.0984 1764 PCI - detected UnsignedFile.Multi.Generic (1)
17:34:36.0000 1764 PCIDump - ok
17:34:36.0015 1764 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
17:34:36.0015 1764 PCIIde ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0015 1764 PCIIde - detected UnsignedFile.Multi.Generic (1)
17:34:36.0046 1764 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:34:36.0062 1764 Pcmcia ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0062 1764 Pcmcia - detected UnsignedFile.Multi.Generic (1)
17:34:36.0062 1764 PDCOMP - ok
17:34:36.0078 1764 PDFRAME - ok
17:34:36.0078 1764 PDRELI - ok
17:34:36.0093 1764 PDRFRAME - ok
17:34:36.0109 1764 perc2 - ok
17:34:36.0109 1764 perc2hib - ok
17:34:36.0156 1764 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
17:34:36.0171 1764 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0171 1764 PlugPlay - detected UnsignedFile.Multi.Generic (1)
17:34:36.0187 1764 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:34:36.0203 1764 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0203 1764 PolicyAgent - detected UnsignedFile.Multi.Generic (1)
17:34:36.0203 1764 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:34:36.0218 1764 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0218 1764 PptpMiniport - detected UnsignedFile.Multi.Generic (1)
17:34:36.0234 1764 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:34:36.0234 1764 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0234 1764 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
17:34:36.0250 1764 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:34:36.0250 1764 PSched ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0250 1764 PSched - detected UnsignedFile.Multi.Generic (1)
17:34:36.0265 1764 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:34:36.0265 1764 Ptilink ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0265 1764 Ptilink - detected UnsignedFile.Multi.Generic (1)
17:34:36.0281 1764 ql1080 - ok
17:34:36.0296 1764 Ql10wnt - ok
17:34:36.0296 1764 ql12160 - ok
17:34:36.0312 1764 ql1240 - ok
17:34:36.0312 1764 ql1280 - ok
17:34:36.0343 1764 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:34:36.0359 1764 RasAcd ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0359 1764 RasAcd - detected UnsignedFile.Multi.Generic (1)
17:34:36.0390 1764 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:34:36.0406 1764 RasAuto ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0406 1764 RasAuto - detected UnsignedFile.Multi.Generic (1)
17:34:36.0437 1764 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:34:36.0453 1764 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0453 1764 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
17:34:36.0500 1764 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:34:36.0515 1764 RasMan ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0515 1764 RasMan - detected UnsignedFile.Multi.Generic (1)
17:34:36.0531 1764 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:34:36.0531 1764 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0531 1764 RasPppoe - detected UnsignedFile.Multi.Generic (1)
17:34:36.0546 1764 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:34:36.0546 1764 Raspti ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0562 1764 Raspti - detected UnsignedFile.Multi.Generic (1)
17:34:36.0593 1764 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:34:36.0593 1764 Rdbss ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0593 1764 Rdbss - detected UnsignedFile.Multi.Generic (1)
17:34:36.0609 1764 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:34:36.0625 1764 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0625 1764 RDPCDD - detected UnsignedFile.Multi.Generic (1)
17:34:36.0671 1764 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:34:36.0671 1764 RDPWD ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0671 1764 RDPWD - detected UnsignedFile.Multi.Generic (1)
17:34:36.0718 1764 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:34:36.0734 1764 RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0734 1764 RDSessMgr - detected UnsignedFile.Multi.Generic (1)
17:34:36.0750 1764 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:34:36.0765 1764 redbook ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0765 1764 redbook - detected UnsignedFile.Multi.Generic (1)
17:34:36.0812 1764 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:34:36.0828 1764 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0828 1764 RemoteAccess - detected UnsignedFile.Multi.Generic (1)
17:34:36.0828 1764 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
17:34:36.0843 1764 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0843 1764 RpcLocator - detected UnsignedFile.Multi.Generic (1)
17:34:36.0859 1764 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:34:36.0890 1764 RpcSs ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0890 1764 RpcSs - detected UnsignedFile.Multi.Generic (1)
17:34:36.0921 1764 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
17:34:36.0937 1764 RSVP ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0937 1764 RSVP - detected UnsignedFile.Multi.Generic (1)
17:34:36.0968 1764 [ DAAF657C0B5BD0595669496857040F75 ] RTSTOR C:\WINDOWS\system32\drivers\RTSTOR.SYS
17:34:36.0968 1764 RTSTOR ( UnsignedFile.Multi.Generic ) - warning
17:34:36.0968 1764 RTSTOR - detected UnsignedFile.Multi.Generic (1)
17:34:37.0000 1764 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
17:34:37.0015 1764 SamSs ( UnsignedFile.Multi.Generic ) - warning
17:34:37.0015 1764 SamSs - detected UnsignedFile.Multi.Generic (1)
17:34:37.0015 1764 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:34:37.0031 1764 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
17:34:37.0031 1764 SCardSvr - detected UnsignedFile.Multi.Generic (1)
17:34:37.0078 1764 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:34:37.0093 1764 Schedule ( UnsignedFile.Multi.Generic ) - warning
17:34:37.0093 1764 Schedule - detected UnsignedFile.Multi.Generic (1)
17:34:37.0125 1764 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:34:37.0140 1764 Secdrv ( UnsignedFile.Multi.Generic ) - warning
17:34:37.0140 1764 Secdrv - detected UnsignedFile.Multi.Generic (1)
17:34:37.0156 1764 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
17:34:37.0171 1764 seclogon ( UnsignedFile.Multi.Generic ) - warning
17:34:37.0171 1764 seclogon - detected UnsignedFile.Multi.Generic (1)
17:34:37.0171 1764 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
17:34:37.0187 1764 SENS ( UnsignedFile.Multi.Generic ) - warning
17:34:37.0187 1764 SENS - detected UnsignedFile.Multi.Generic (1)
17:34:37.0218 1764 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys
17:34:37.0234 1764 Serial ( UnsignedFile.Multi.Generic ) - warning
17:34:37.0234 1764 Serial - detected UnsignedFile.Multi.Generic (1)
17:34:37.0250 1764 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:34:37.0265 1764 Sfloppy ( UnsignedFile.Multi.Generic ) - warning
17:34:37.0265 1764 Sfloppy - detected UnsignedFile.Multi.Generic (1)
17:34:37.0328 1764 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:34:37.0343 1764 SharedAccess ( UnsignedFile.Multi.Generic ) - warning
17:34:37.0343 1764 SharedAccess - detected UnsignedFile.Multi.Generic (1)
17:34:37.0390 1764 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:34:37.0406 1764 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
17:34:37.0406 1764 ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
17:34:37.0406 1764 Simbad - ok
17:34:37.0671 1764 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:34:37.0921 1764 Skype C2C Service - ok
17:34:37.0968 1764 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
17:34:38.0000 1764 SkypeUpdate - ok
17:34:38.0015 1764 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:34:38.0031 1764 SLIP ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0031 1764 SLIP - detected UnsignedFile.Multi.Generic (1)
17:34:38.0046 1764 smserial - ok
17:34:38.0062 1764 Sparrow - ok
17:34:38.0093 1764 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:34:38.0109 1764 splitter ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0109 1764 splitter - detected UnsignedFile.Multi.Generic (1)
17:34:38.0156 1764 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:34:38.0171 1764 Spooler ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0171 1764 Spooler - detected UnsignedFile.Multi.Generic (1)
17:34:38.0187 1764 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:34:38.0203 1764 sr ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0203 1764 sr - detected UnsignedFile.Multi.Generic (1)
17:34:38.0250 1764 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
17:34:38.0265 1764 srservice ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0265 1764 srservice - detected UnsignedFile.Multi.Generic (1)
17:34:38.0312 1764 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:34:38.0343 1764 Srv ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0343 1764 Srv - detected UnsignedFile.Multi.Generic (1)
17:34:38.0390 1764 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:34:38.0406 1764 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0406 1764 SSDPSRV - detected UnsignedFile.Multi.Generic (1)
17:34:38.0437 1764 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:34:38.0468 1764 ssmdrv - ok
17:34:38.0531 1764 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:34:38.0562 1764 stisvc ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0562 1764 stisvc - detected UnsignedFile.Multi.Generic (1)
17:34:38.0671 1764 [ 409F7268DD0D820110ADCC78A8E9CE71 ] StkCMini C:\WINDOWS\system32\Drivers\StkCMini.sys
17:34:38.0781 1764 StkCMini ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0781 1764 StkCMini - detected UnsignedFile.Multi.Generic (1)
17:34:38.0796 1764 [ 7B072F348B63098C94CCCBBD3516A558 ] StkSSrv C:\WINDOWS\System32\StkCSrv.exe
17:34:38.0828 1764 StkSSrv ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0828 1764 StkSSrv - detected UnsignedFile.Multi.Generic (1)
17:34:38.0859 1764 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:34:38.0875 1764 streamip ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0875 1764 streamip - detected UnsignedFile.Multi.Generic (1)
17:34:38.0890 1764 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:34:38.0906 1764 swenum ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0906 1764 swenum - detected UnsignedFile.Multi.Generic (1)
17:34:38.0921 1764 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:34:38.0937 1764 swmidi ( UnsignedFile.Multi.Generic ) - warning
17:34:38.0937 1764 swmidi - detected UnsignedFile.Multi.Generic (1)
17:34:38.0937 1764 SwPrv - ok
17:34:38.0953 1764 symc810 - ok
17:34:38.0968 1764 symc8xx - ok
17:34:38.0984 1764 sym_hi - ok
17:34:39.0000 1764 sym_u3 - ok
17:34:39.0046 1764 [ 69BF2DD9B1099D1AA3E7CF14B4B842CD ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:34:39.0062 1764 SynTP ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0062 1764 SynTP - detected UnsignedFile.Multi.Generic (1)
17:34:39.0093 1764 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:34:39.0109 1764 sysaudio ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0109 1764 sysaudio - detected UnsignedFile.Multi.Generic (1)
17:34:39.0140 1764 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:34:39.0171 1764 SysmonLog ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0171 1764 SysmonLog - detected UnsignedFile.Multi.Generic (1)
17:34:39.0218 1764 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:34:39.0250 1764 TapiSrv ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0250 1764 TapiSrv - detected UnsignedFile.Multi.Generic (1)
17:34:39.0296 1764 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:34:39.0328 1764 Tcpip ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0328 1764 Tcpip - detected UnsignedFile.Multi.Generic (1)
17:34:39.0359 1764 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:34:39.0359 1764 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0359 1764 TDPIPE - detected UnsignedFile.Multi.Generic (1)
17:34:39.0390 1764 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:34:39.0406 1764 TDTCP ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0406 1764 TDTCP - detected UnsignedFile.Multi.Generic (1)
17:34:39.0421 1764 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:34:39.0437 1764 TermDD ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0437 1764 TermDD - detected UnsignedFile.Multi.Generic (1)
17:34:39.0484 1764 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
17:34:39.0500 1764 TermService ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0500 1764 TermService - detected UnsignedFile.Multi.Generic (1)
17:34:39.0531 1764 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:34:39.0546 1764 Themes ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0546 1764 Themes - detected UnsignedFile.Multi.Generic (1)
17:34:39.0562 1764 TosIde - ok
17:34:39.0609 1764 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:34:39.0625 1764 TrkWks ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0625 1764 TrkWks - detected UnsignedFile.Multi.Generic (1)
17:34:39.0656 1764 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:34:39.0671 1764 Udfs ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0671 1764 Udfs - detected UnsignedFile.Multi.Generic (1)
17:34:39.0687 1764 ultra - ok
17:34:39.0734 1764 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:34:39.0765 1764 Update ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0765 1764 Update - detected UnsignedFile.Multi.Generic (1)
17:34:39.0796 1764 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:34:39.0828 1764 upnphost ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0828 1764 upnphost - detected UnsignedFile.Multi.Generic (1)
17:34:39.0859 1764 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
17:34:39.0875 1764 UPS ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0875 1764 UPS - detected UnsignedFile.Multi.Generic (1)
17:34:39.0921 1764 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
17:34:39.0937 1764 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0937 1764 USBAAPL - detected UnsignedFile.Multi.Generic (1)
17:34:39.0968 1764 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:34:39.0984 1764 usbccgp ( UnsignedFile.Multi.Generic ) - warning
17:34:39.0984 1764 usbccgp - detected UnsignedFile.Multi.Generic (1)
17:34:40.0000 1764 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:34:40.0015 1764 usbehci ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0015 1764 usbehci - detected UnsignedFile.Multi.Generic (1)
17:34:40.0046 1764 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:34:40.0046 1764 usbhub ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0046 1764 usbhub - detected UnsignedFile.Multi.Generic (1)
17:34:40.0078 1764 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:34:40.0093 1764 usbohci ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0093 1764 usbohci - detected UnsignedFile.Multi.Generic (1)
17:34:40.0109 1764 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:34:40.0125 1764 usbprint ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0125 1764 usbprint - detected UnsignedFile.Multi.Generic (1)
17:34:40.0140 1764 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:34:40.0140 1764 usbscan ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0140 1764 usbscan - detected UnsignedFile.Multi.Generic (1)
17:34:40.0187 1764 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:34:40.0203 1764 usbstor ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0203 1764 usbstor - detected UnsignedFile.Multi.Generic (1)
17:34:40.0218 1764 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:34:40.0234 1764 VgaSave ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0234 1764 VgaSave - detected UnsignedFile.Multi.Generic (1)
17:34:40.0234 1764 ViaIde - ok
17:34:40.0281 1764 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:34:40.0281 1764 VolSnap ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0281 1764 VolSnap - detected UnsignedFile.Multi.Generic (1)
17:34:40.0312 1764 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
17:34:40.0328 1764 VSS ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0328 1764 VSS - detected UnsignedFile.Multi.Generic (1)
17:34:40.0359 1764 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
17:34:40.0375 1764 W32Time ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0375 1764 W32Time - detected UnsignedFile.Multi.Generic (1)
17:34:40.0406 1764 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:34:40.0406 1764 Wanarp ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0406 1764 Wanarp - detected UnsignedFile.Multi.Generic (1)
17:34:40.0421 1764 WDICA - ok
17:34:40.0468 1764 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:34:40.0468 1764 wdmaud ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0468 1764 wdmaud - detected UnsignedFile.Multi.Generic (1)
17:34:40.0531 1764 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:34:40.0531 1764 WebClient ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0531 1764 WebClient - detected UnsignedFile.Multi.Generic (1)
17:34:40.0625 1764 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:34:40.0640 1764 winmgmt ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0640 1764 winmgmt - detected UnsignedFile.Multi.Generic (1)
17:34:40.0687 1764 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:34:40.0703 1764 WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0703 1764 WmdmPmSN - detected UnsignedFile.Multi.Generic (1)
17:34:40.0750 1764 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:34:40.0750 1764 WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0750 1764 WmiApSrv - detected UnsignedFile.Multi.Generic (1)
17:34:40.0859 1764 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
17:34:40.0968 1764 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
17:34:40.0968 1764 WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1)
17:34:41.0000 1764 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:34:41.0015 1764 wscsvc ( UnsignedFile.Multi.Generic ) - warning
17:34:41.0015 1764 wscsvc - detected UnsignedFile.Multi.Generic (1)
17:34:41.0062 1764 [ 2EA107F535B0B7BFB1D8D6BD79325DBB ] WSIMD C:\WINDOWS\system32\DRIVERS\wsimd.sys
17:34:41.0062 1764 WSIMD ( UnsignedFile.Multi.Generic ) - warning
17:34:41.0062 1764 WSIMD - detected UnsignedFile.Multi.Generic (1)
17:34:41.0093 1764 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:34:41.0093 1764 WSTCODEC ( UnsignedFile.Multi.Generic ) - warning
17:34:41.0093 1764 WSTCODEC - detected UnsignedFile.Multi.Generic (1)
17:34:41.0109 1764 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:34:41.0109 1764 wuauserv ( UnsignedFile.Multi.Generic ) - warning
17:34:41.0109 1764 wuauserv - detected UnsignedFile.Multi.Generic (1)
17:34:41.0156 1764 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:34:41.0171 1764 WudfPf ( UnsignedFile.Multi.Generic ) - warning
17:34:41.0171 1764 WudfPf - detected UnsignedFile.Multi.Generic (1)
17:34:41.0187 1764 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:34:41.0187 1764 WudfRd ( UnsignedFile.Multi.Generic ) - warning
17:34:41.0187 1764 WudfRd - detected UnsignedFile.Multi.Generic (1)
17:34:41.0203 1764 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:34:41.0218 1764 WudfSvc ( UnsignedFile.Multi.Generic ) - warning
17:34:41.0218 1764 WudfSvc - detected UnsignedFile.Multi.Generic (1)
17:34:41.0265 1764 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:34:41.0296 1764 WZCSVC ( UnsignedFile.Multi.Generic ) - warning
17:34:41.0296 1764 WZCSVC - detected UnsignedFile.Multi.Generic (1)
17:34:41.0328 1764 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:34:41.0343 1764 xmlprov ( UnsignedFile.Multi.Generic ) - warning
17:34:41.0343 1764 xmlprov - detected UnsignedFile.Multi.Generic (1)
17:34:41.0359 1764 ================ Scan global ===============================
17:34:41.0390 1764 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
17:34:41.0421 1764 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
17:34:41.0453 1764 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
17:34:41.0484 1764 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
17:34:41.0484 1764 [Global] - ok
17:34:41.0484 1764 ================ Scan MBR ==================================
17:34:41.0515 1764 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
17:34:41.0828 1764 \Device\Harddisk0\DR0 - ok
17:34:41.0828 1764 ================ Scan VBR ==================================
17:34:41.0828 1764 [ E9628C05CD689796F50F81329F7F04FE ] \Device\Harddisk0\DR0\Partition1
17:34:41.0828 1764 \Device\Harddisk0\DR0\Partition1 - ok
17:34:41.0828 1764 [ 91E91931C597D6DBBC80B65CCC81B347 ] \Device\Harddisk0\DR0\Partition2
17:34:41.0843 1764 \Device\Harddisk0\DR0\Partition2 - ok
17:34:41.0859 1764 ============================================================
17:34:41.0859 1764 Scan finished
17:34:41.0859 1764 ============================================================
17:34:41.0968 1012 Detected object count: 213
17:34:41.0984 1012 Actual detected object count: 213
17:37:12.0484 1012 ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0484 1012 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0484 1012 ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0484 1012 ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0484 1012 ACS ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0484 1012 ACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0500 1012 aec ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0500 1012 aec ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0500 1012 AFD ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0500 1012 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0500 1012 Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0500 1012 Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0515 1012 ALG ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0515 1012 ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0515 1012 AR5211 ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0515 1012 AR5211 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0515 1012 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0515 1012 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0515 1012 atapi ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0515 1012 atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0515 1012 AtcL002 ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0515 1012 AtcL002 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0531 1012 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0531 1012 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0531 1012 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0531 1012 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0531 1012 Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0531 1012 Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0531 1012 AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0531 1012 AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0546 1012 audstub ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0546 1012 audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0546 1012 Beep ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0546 1012 Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0546 1012 BITS ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0546 1012 BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0546 1012 Browser ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0546 1012 Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0562 1012 cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0562 1012 cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0562 1012 CCDECODE ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0562 1012 CCDECODE ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0562 1012 Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0562 1012 Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0562 1012 Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0562 1012 Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0578 1012 Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0578 1012 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0578 1012 CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0578 1012 CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0578 1012 ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0578 1012 ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0578 1012 CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0578 1012 CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0593 1012 Compbatt ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0593 1012 Compbatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0593 1012 CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0593 1012 CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0593 1012 DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0593 1012 DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0593 1012 Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0593 1012 Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0609 1012 Disk ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0609 1012 Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0609 1012 dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0609 1012 dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0609 1012 dmio ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0609 1012 dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0609 1012 dmload ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0609 1012 dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0625 1012 dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0625 1012 dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0625 1012 DMusic ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0625 1012 DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0625 1012 Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0625 1012 Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0625 1012 Dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0625 1012 Dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0625 1012 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0625 1012 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0640 1012 EapHost ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0640 1012 EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0640 1012 ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0640 1012 ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0640 1012 Eventlog ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0640 1012 Eventlog ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0640 1012 EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0640 1012 EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0656 1012 Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0656 1012 Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0656 1012 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0656 1012 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0656 1012 Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0656 1012 Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0656 1012 Fips ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0656 1012 Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0656 1012 Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0671 1012 Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0671 1012 FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0671 1012 FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0671 1012 Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0671 1012 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0671 1012 Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0671 1012 Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0671 1012 Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0671 1012 Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0687 1012 HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0687 1012 HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0687 1012 helpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0687 1012 helpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0687 1012 hidusb ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0687 1012 hidusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0687 1012 hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0687 1012 hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0703 1012 HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0703 1012 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0703 1012 HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0703 1012 HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0703 1012 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0703 1012 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0703 1012 Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0703 1012 Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0703 1012 ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0703 1012 ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0718 1012 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0718 1012 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0718 1012 intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0718 1012 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0718 1012 Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0718 1012 Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0718 1012 IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0718 1012 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0718 1012 IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0718 1012 IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0734 1012 IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0734 1012 IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0734 1012 IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0734 1012 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0734 1012 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0734 1012 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0734 1012 isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0734 1012 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0750 1012 Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0750 1012 Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0750 1012 kbfiltr ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0750 1012 kbfiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0750 1012 kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0750 1012 kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0750 1012 KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0750 1012 KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0750 1012 lanmanserver ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0750 1012 lanmanserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0765 1012 lanmanworkstation ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0765 1012 lanmanworkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0765 1012 LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0765 1012 LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0765 1012 Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0765 1012 Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0765 1012 mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0765 1012 mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0781 1012 mnmsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0781 1012 mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0781 1012 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0781 1012 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0781 1012 MODEMCSA ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0781 1012 MODEMCSA ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0781 1012 Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0781 1012 Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0781 1012 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0781 1012 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0796 1012 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0796 1012 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0796 1012 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0796 1012 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0796 1012 MRxSmb ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0796 1012 MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0796 1012 MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0796 1012 MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0812 1012 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0812 1012 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0812 1012 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0812 1012 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0812 1012 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0812 1012 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0812 1012 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0812 1012 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0812 1012 mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0812 1012 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0828 1012 MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0828 1012 MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0828 1012 MTsensor ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0828 1012 MTsensor ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0828 1012 Mup ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0828 1012 Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0828 1012 NABTSFEC ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0828 1012 NABTSFEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0828 1012 napagent ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0828 1012 napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0843 1012 NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0843 1012 NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0843 1012 NdisIP ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0843 1012 NdisIP ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0843 1012 NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0843 1012 NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0843 1012 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0843 1012 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0859 1012 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0859 1012 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0859 1012 NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0859 1012 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0859 1012 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0859 1012 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0859 1012 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0859 1012 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0859 1012 NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0859 1012 NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0875 1012 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0875 1012 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0875 1012 Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0875 1012 Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0875 1012 Netman ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0875 1012 Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0875 1012 Nla ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0875 1012 Nla ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0890 1012 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0890 1012 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0890 1012 Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0890 1012 Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0890 1012 NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0890 1012 NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0890 1012 NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0890 1012 NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0890 1012 Null ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0890 1012 Null ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0906 1012 NwlnkFlt ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0906 1012 NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0906 1012 NwlnkFwd ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0906 1012 NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0906 1012 Parport ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0906 1012 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0906 1012 PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0906 1012 PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0906 1012 ParVdm ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0921 1012 ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0921 1012 PCI ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0921 1012 PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0921 1012 PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0921 1012 PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0921 1012 Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0921 1012 Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0921 1012 PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0921 1012 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0937 1012 PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0937 1012 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0937 1012 PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0937 1012 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0937 1012 ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0937 1012 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0937 1012 PSched ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0937 1012 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0953 1012 Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0953 1012 Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0953 1012 RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0953 1012 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0953 1012 RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0953 1012 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0953 1012 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0953 1012 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0953 1012 RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0953 1012 RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0968 1012 RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0968 1012 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0968 1012 Raspti ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0968 1012 Raspti ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0968 1012 Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0968 1012 Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0968 1012 RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0968 1012 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0984 1012 RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0984 1012 RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0984 1012 RDSessMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0984 1012 RDSessMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0984 1012 redbook ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0984 1012 redbook ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0984 1012 RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0984 1012 RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0984 1012 RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0984 1012 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:12.0984 1012 RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:12.0984 1012 RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0000 1012 RSVP ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0000 1012 RSVP ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0000 1012 RTSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0000 1012 RTSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0000 1012 SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0000 1012 SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0000 1012 SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0000 1012 SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0015 1012 Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0015 1012 Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0015 1012 Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0015 1012 Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0015 1012 seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0015 1012 seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0015 1012 SENS ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0015 1012 SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0015 1012 Serial ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0015 1012 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0031 1012 Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0031 1012 Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0031 1012 SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0031 1012 SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0031 1012 ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0031 1012 ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0031 1012 SLIP ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0031 1012 SLIP ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0046 1012 splitter ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0046 1012 splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0046 1012 Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0046 1012 Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0046 1012 sr ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0046 1012 sr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0046 1012 srservice ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0046 1012 srservice ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0062 1012 Srv ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0062 1012 Srv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0062 1012 SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0062 1012 SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0062 1012 stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0062 1012 stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0062 1012 StkCMini ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0062 1012 StkCMini ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0062 1012 StkSSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0062 1012 StkSSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0078 1012 streamip ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0078 1012 streamip ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0078 1012 swenum ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0078 1012 swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0078 1012 swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0078 1012 swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0078 1012 SynTP ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0078 1012 SynTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0078 1012 sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0093 1012 sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0093 1012 SysmonLog ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0093 1012 SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0093 1012 TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0093 1012 TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0093 1012 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0093 1012 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0093 1012 TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0093 1012 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0109 1012 TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0109 1012 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0109 1012 TermDD ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0109 1012 TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0109 1012 TermService ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0109 1012 TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0109 1012 Themes ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0109 1012 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0109 1012 TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0109 1012 TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0125 1012 Udfs ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0125 1012 Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0125 1012 Update ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0125 1012 Update ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0125 1012 upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0125 1012 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0125 1012 UPS ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0125 1012 UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0140 1012 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0140 1012 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0140 1012 usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0140 1012 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0140 1012 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0140 1012 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0140 1012 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0140 1012 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0140 1012 usbohci ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0140 1012 usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0156 1012 usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0156 1012 usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0156 1012 usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0156 1012 usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0156 1012 usbstor ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0156 1012 usbstor ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0156 1012 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0156 1012 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0171 1012 VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0171 1012 VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0171 1012 VSS ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0171 1012 VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0171 1012 W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0171 1012 W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0171 1012 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0171 1012 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0171 1012 wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0171 1012 wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0187 1012 WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0187 1012 WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0187 1012 winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0187 1012 winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0187 1012 WmdmPmSN ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0187 1012 WmdmPmSN ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0187 1012 WmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0187 1012 WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0203 1012 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0203 1012 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0203 1012 wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0203 1012 wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0203 1012 WSIMD ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0203 1012 WSIMD ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0203 1012 WSTCODEC ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0203 1012 WSTCODEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0203 1012 wuauserv ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0203 1012 wuauserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0218 1012 WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0218 1012 WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0218 1012 WudfRd ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0218 1012 WudfRd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0218 1012 WudfSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0218 1012 WudfSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0218 1012 WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0218 1012 WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:13.0234 1012 xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
17:37:13.0234 1012 xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:37:28.0828 2064 Deinitialize success

Alt 15.05.2013, 16:46   #8
markusg
/// Malware-holic
 
Hi,
Scan with Combofix
WARNING to OTHER READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails to markusg.trojaner-board@web.de as described in the instructions above.
If you would like to support us

Alt 15.05.2013, 17:07   #9
gunnarw
 
Combofix Logfile:
Code:
ComboFix 13-05-15.01 - GunnarW 15.05.2013  17:55:15.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1919.1332 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\GunnarW\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\epyks.pad
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
c:\dokumente und einstellungen\GunnarW\5526142.dll
c:\dokumente und einstellungen\GunnarW\WINDOWS
c:\dokumente und einstellungen\GunnarW\WINDOWS\win.ini
C:\Thumbs.db
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-15 bis 2013-05-15  ))))))))))))))))))))))))))))))
.
.
2013-05-15 15:07 . 2013-05-15 15:22	--------	d-----w-	C:\_OTL
2013-04-25 20:06 . 2008-04-14 02:22	26624	----a-w-	c:\dokumente und einstellungen\LocalService\Anwendungsdaten\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2013-04-25 20:05 . 2013-04-25 20:05	--------	d-----w-	c:\programme\Windows Media Connect 2
2013-04-25 20:03 . 2013-04-25 20:04	--------	d-----w-	c:\windows\system32\drivers\UMDF
2013-04-25 20:03 . 2013-04-25 20:03	--------	d-----w-	c:\windows\system32\LogFiles
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-16 22:16 . 2006-02-28 12:00	920064	----a-w-	c:\windows\system32\wininet.dll
2013-04-16 22:16 . 2006-02-28 12:00	43520	----a-w-	c:\windows\system32\licmgr10.dll
2013-04-16 22:16 . 2006-02-28 12:00	1469440	------w-	c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2006-02-28 12:00	385024	----a-w-	c:\windows\system32\html.iec
2013-04-12 14:00 . 2006-02-28 12:00	1876480	----a-w-	c:\windows\system32\win32k.sys
2013-03-30 09:15 . 2013-02-13 22:03	84744	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-03-30 09:15 . 2013-02-13 22:03	37352	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-03-30 09:15 . 2013-02-13 22:03	135136	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-03-08 08:36 . 2006-02-28 12:00	293888	----a-w-	c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2004-08-04 00:50	2031104	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-03-07 15:56 . 2006-02-28 12:00	2152448	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-27 07:56 . 2010-08-16 19:13	2067456	----a-w-	c:\windows\system32\mstscax.dll
2011-01-18 17:05 . 2011-01-18 17:04	2291256	----a-w-	c:\programme\TRex.exe
2010-09-16 08:41 . 2010-09-16 08:41	1277264	----a-w-	c:\programme\wlmessengersetup-custom.exe
2010-09-14 21:13 . 2010-09-14 21:13	19075976	----a-w-	c:\programme\SkypeSetup187Full.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2006-02-28 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2006-02-28 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[-] 2006-02-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2006-02-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2006-02-28 . B128FC0A5CD83F669D5DE4B58F77C7D6 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\kbdclass.sys
[-] 2004-08-03 . B128FC0A5CD83F669D5DE4B58F77C7D6 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
.
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2006-02-28 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys
.
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2006-02-28 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
.
[-] 2006-02-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2006-02-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748_1$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2006-02-28 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
.
[-] 2012-07-06 . B71549F23736ADF83A571061C47777FD . 78336 . . [5.1.2600.6260] . . c:\windows\system32\browser.dll
[-] 2012-07-06 . B71549F23736ADF83A571061C47777FD . 78336 . . [5.1.2600.6260] . . c:\windows\system32\dllcache\browser.dll
[-] 2012-07-06 . B2CC8D85D27BF10C5FAF5B98C335978E . 78336 . . [5.1.2600.6260] . . c:\windows\$hf_mig$\KB2705219\SP3QFE\browser.dll
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2705219$\browser.dll
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2006-02-28 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll
.
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2006-02-28 . 183805EB05BCA5A1E4AAAED4D2BE3690 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
.
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2006-02-28 . CDF4DA6B518105343FE9E8AFBBF8FBF4 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll
.
[-] 2008-04-14 02:22 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 02:22 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2006-02-28 12:00 . 4B9D9E2708019763C5A72DA776DB1158 . 846848 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2006-02-28 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
.
[-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . D45BBCDDC74A1B0259A0C4B00C190D20 . 399360 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2009-02-09 . 8AFBC2E1E5555A1C29953AF854F0FCA5 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572_1$\rpcss.dll
[-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2006-02-28 . 9F28FF58D6D67B123272869D89D14004 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\rpcss.dll
.
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-09 . 65F6B774819BD727358157CEDEA67B8E . 111104 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\services.exe
[-] 2009-02-09 . A07CA23EA361A01E627D911CF139B950 . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572_1$\services.exe
[-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2006-02-28 . EDB6B81761BD60F32F740BBC40AFB676 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2006-02-28 . 54E7113A4BD696E430919BCAF5C65E06 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
.
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2006-02-28 . 2B6A0BAF33A9918F09442D873848FF72 . 507392 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2006-02-28 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 2B6ADE29F8D00EEFA5FA2250CBE094AD . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2006-02-28 . 2CF914215226B3F7FA1AE4A47E4D261C . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2006-02-28 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2006-02-28 . 9D0F57B9C65BF8A07DB655A9ED6EB2EE . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2006-02-28 . 1A5F9DB98DF7955B4C7CBDBF2C638238 . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
.
[-] 2008-07-07 20:30 . D68ED3908C7A0DB446111D34AC40DC18 . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:16 . 3912BEF896D1D687B6053409E5F5F2A6 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 02:22 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974_1$\es.dll
[-] 2008-04-14 02:22 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2006-02-28 12:00 . 4E1A8645EE77CB9454FFE53C59620A25 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB950974_0$\es.dll
.
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2006-02-28 . 94101D13A1818A9D08337EEC12ED277A . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[-] 2012-10-03 . 8214D49147FBB2CD5CF896CBE021D339 . 1063936 . . [5.1.2600.6293] . . c:\windows\system32\kernel32.dll
[-] 2012-10-03 . 8214D49147FBB2CD5CF896CBE021D339 . 1063936 . . [5.1.2600.6293] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2012-10-03 . A9D5CAF09ABD70F1CA28891ECED7B9E4 . 1065472 . . [5.1.2600.6293] . . c:\windows\$hf_mig$\KB2758857\SP3QFE\kernel32.dll
[-] 2009-03-21 . A6F4977F9D2C9506050BFF0EF0B574B5 . 1059840 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\$NtUninstallKB2758857$\kernel32.dll
[-] 2009-03-21 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . B6053A5FA67EAC4A292A44F585881FFF . 1062912 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2006-02-28 . E6CD85D0D37416CF138F01F4BB0FC872 . 1057280 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll
.
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2006-02-28 . 3898FFF548E2968CB3AC5A71D7F4E425 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
.
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2010-02-16 . 4C56EC495229ABC2F62862A7E145A852 . 2019328 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2010-02-16 . 9F24D01B6027FED0423FD28F1055E3DD . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[-] 2010-02-16 . 1DFCBCFD1C9016C051BE6D7243459CCA . 2027008 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2010-02-16 . CEE28C8C47E52F185F9F8F3A2E31880C . 2069248 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-02-10 . 321917CFF934663C48C1E91A930E5D71 . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-09 . 6A2980D9805A4285271FE50D91BC5C2A . 2018304 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntkrnlpa.exe
[-] 2009-02-09 . 84C1C109552E9E276FF004E181B80C25 . 2065280 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 . 43FBA8A9CBEEA36EA95AF77CD538200A . 2026496 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683_1$\ntkrnlpa.exe
[-] 2009-02-09 . 1F9DA92672B8B5720C5FB1E87D8F249F . 2068480 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-04-14 . FEFB3BDA35CF469809B0C89AB6833AFC . 2026496 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572_1$\ntkrnlpa.exe
[-] 2008-04-14 . E51980EF65CED4490A7395A06C08DA34 . 2068224 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2006-02-28 . F8D35488D41B19A306A454FFC0ED0336 . 2017792 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe
.
[-] 2008-04-14 02:22 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 02:22 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2006-02-28 12:00 . 428AA946A8D9F32DBB4260C8E6E13377 . 438272 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2006-02-28 . 09D4A2D7C5A8ABEC227D118765FAADDF . 185856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
.
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2006-02-28 . 7DB3393F98E4211F5CE8F003DE0615CF . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
.
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2006-02-28 . 20AE7889467887B869F30308EEED9A2A . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2006-02-28 . CAC545A56482DE01640E6B791DE19944 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
.
[-] 2008-04-14 02:22 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 02:22 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2006-02-28 12:00 . 1404D3DD4ED4F5E2A938B43794049A81 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2006-02-28 . 007BFD01772B5202C5CE4F208A2F3F46 . 41984 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2006-02-28 . 4EF2FDC0A085C8339ED4D9C59CE8FC60 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[-] 2013-03-07 . DACE71DFE04588B54C0396C6C2AC92EB . 2195712 . . [5.1.2600.6368] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2013-03-07 . DACE71DFE04588B54C0396C6C2AC92EB . 2195712 . . [5.1.2600.6368] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2013-03-07 . FE473D39B38D8542770F7C339914A8DF . 2152448 . . [5.1.2600.6368] . . c:\windows\system32\ntoskrnl.exe
[-] 2013-03-07 . 8FE0900688FFDA8BBA1701D9E543F867 . 2195840 . . [5.1.2600.6368] . . c:\windows\$hf_mig$\KB2813170\SP3QFE\ntoskrnl.exe
[-] 2013-01-07 . AF1C9AABC52AC0BA50F3CCA696D3F8B1 . 2151424 . . [5.1.2600.6335] . . c:\windows\$NtUninstallKB2813170$\ntoskrnl.exe
[-] 2013-01-07 . E3C3A9F90C77AEE8F70650109963E52D . 2195456 . . [5.1.2600.6335] . . c:\windows\$hf_mig$\KB2799494\SP3QFE\ntoskrnl.exe
[-] 2012-08-23 . 36E49FA67679847C40F452219D871163 . 2151424 . . [5.1.2600.6284] . . c:\windows\$NtUninstallKB2799494$\ntoskrnl.exe
[-] 2012-08-23 . DEF6103237BB417D4082DB5077837853 . 2195328 . . [5.1.2600.6284] . . c:\windows\$hf_mig$\KB2724197\SP3QFE\ntoskrnl.exe
[-] 2012-05-05 . 916B2FD262DDD2DD31EB5B80B5645516 . 2150912 . . [5.1.2600.6223] . . c:\windows\$NtUninstallKB2724197$\ntoskrnl.exe
[-] 2012-05-05 . C11516E90F6D8C45329A070429392A04 . 2194944 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe
[-] 2012-04-11 . 1055CB3C62F7007EBD5ECB1E5CC8069E . 2150912 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntoskrnl.exe
[-] 2012-04-11 . 35BEC26067274CCFE4BE16CA22E54557 . 2194944 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
[-] 2011-10-26 . 63907C9E2D9EEA3ADA8263F0A8D79797 . 2151424 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe
[-] 2011-10-26 . 43BA9F58FD87BBF57F958C06241F2C9C . 2195072 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . 2A5A8BE47E1F8E55520FB4031E21D129 . 2195072 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . DAC0BE266F11618A2B9A6EC4D1F255ED . 2151424 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
[-] 2010-04-28 . 490911C4B913989D4958543FED2C8F21 . 2148864 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
[-] 2010-04-28 . 6AF2E8CEB03F7CB3B8183359563DBB87 . 2192384 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-17 . 786F98EFD090AD93F03E3BD95FB68714 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[-] 2010-02-16 . 22FB992849C75B08F3A9BFB19B87935D . 2139648 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2010-02-16 . B76CEA13602DC99EE0E655E4798C24AA . 2189184 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
[-] 2010-02-16 . E1BD0FAFF2C1D0A825CBA97DCF0DDDAE . 2148864 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . 4456016C2FF1A8CCCAC8309C9B76E2F5 . 2192384 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-02-10 . D3453310FC92736E674FFDC6E3F455B7 . 2191488 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . AA84FFABC07AD44176598F6E253EF5EE . 2138624 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntoskrnl.exe
[-] 2009-02-09 . E22124EC3A33F40755DCD2F4B1BE8A87 . 2188416 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 . FEE1600B76B196D9993CD468DA7524F7 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2009-02-09 . 18D976FE984BDA3DAC8164B05D69205D . 2147840 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683_1$\ntoskrnl.exe
[-] 2008-04-14 . 354C9291513BCE4D0ED6B0C6A15470F8 . 2191360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2008-04-14 . 88077F757C6C793C33408D878B6E0F76 . 2147840 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572_1$\ntoskrnl.exe
[-] 2006-02-28 . C3EC5DD56E3EB15D80AF9FCEE030CABD . 2150912 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntoskrnl.exe
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2006-02-28 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2006-02-28 . C6D874CD2A5B83CD11CDEBD28A638584 . 176640 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2006-02-28 . 7E751068ADA60FC77638622E86A7CD9E . 333824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
.
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2006-02-28 . 32641AE4D340C1AC2D9B3A3BD71F5C47 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2006-02-28 . 84028E2EBE7A25494766673A5FF4B304 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
.
[-] 2008-04-14 . 02AF8A799D173C2D0C71F399C03AC9E1 . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll
[-] 2008-04-14 . 02AF8A799D173C2D0C71F399C03AC9E1 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
[-] 2006-02-28 . 3FEADE4D0B41D22E8B8460739A9B4FEE . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-28 14:49	281760	----a-w-	c:\programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\dokumente und einstellungen\GunnarW\Anwendungsdaten\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\dokumente und einstellungen\GunnarW\Anwendungsdaten\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\dokumente und einstellungen\GunnarW\Anwendungsdaten\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\dokumente und einstellungen\GunnarW\Anwendungsdaten\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 2"="c:\programme\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\programme\Atheros\ACU.exe" [2007-10-23 376921]
"ATKMEDIA"="c:\programme\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2010-08-16 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2010-08-16 33136]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2013-05-07 345312]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2012-10-25 421888]
"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2013-02-18 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\GunnarW\Startmenü\Programme\Autostart\
Dropbox.lnk - c:\dokumente und einstellungen\GunnarW\Anwendungsdaten\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\programme\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\winlogon]
"shell"=hex(4486008):45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,72,00,2e,00,65,\
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^GunnarW^Startmenü^Programme^Autostart^Dropbox.lnk]
path=c:\dokumente und einstellungen\GunnarW\Startmenü\Programme\Autostart\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35	946352	----a-w-	c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58	37296	----a-w-	c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-10-06 00:52	59240	----a-w-	c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-01-28 12:08	59720	----a-w-	c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKHOTKEY]
2007-07-12 08:25	225280	----a-w-	c:\programme\ATK Hotkey\HControl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
2007-10-17 17:04	7737344	----a-w-	c:\programme\ATKOSD2\ATKOSD2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36	30040	----a-w-	c:\programme\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-02-18 15:01	152392	----a-w-	c:\programme\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:22	1695232	------w-	c:\programme\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 20:12	3872080	----a-w-	c:\programme\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12	421888	----a-w-	c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-10-30 11:49	16269312	------r-	c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04	2879488	------r-	c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2012-08-18 16:54	5576408	----a-w-	c:\dokumente und einstellungen\GunnarW\Anwendungsdaten\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2012-08-18 16:54	1193176	----a-w-	c:\dokumente und einstellungen\GunnarW\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59	254696	----a-w-	c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2006-05-25 12:02	786521	----a-w-	c:\programme\Synaptics\SynTP\SynTPEnh.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Dokumente und Einstellungen\\GunnarW\\Anwendungsdaten\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Dokumente und Einstellungen\\GunnarW\\Anwendungsdaten\\Spotify\\spotify.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15783:UDP"= 15783:UDP:UDP 15783
"17711:TCP"= 17711:TCP:TCP 17711
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [14.02.2013 00:03 37352]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [14.02.2013 00:03 86752]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [16.08.2010 22:49 24576]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [16.08.2010 22:49 1260672]
S2 Skype C2C Service;Skype C2C Service;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [02.10.2012 13:13 3064000]
S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [08.01.2013 13:55 161536]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [14.02.2013 01:21 21104]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 79581326
*Deregistered* - 79581326
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-28 15:31]
.
2013-02-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2013-05-15 c:\windows\Tasks\User_Feed_Synchronization-{A42691D2-4E50-44F7-8D45-525364F2FD6C}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = hxxp://search.easylifeapp.com/?pid=499&r=2013/02/14&hid=817904650&lg=EN&cc=DE
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Google Sidewiki... - c:\programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-FreePDF Assistant - c:\programme\FreePDF_XP\fpassist.exe
MSConfigStartUp-ICQ - c:\programme\ICQ7.2\ICQ.exe
MSConfigStartUp-swg - c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKLM_ActiveSetup-ccc-core-static - msiexec
AddRemove-Free Audio CD Burner_is1 - c:\programme\DVDVideoSoft\Free Audio CD Burner\unins000.exe
AddRemove-Uninstall_is1 - c:\programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-05-15 18:00
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(848)
c:\windows\system32\Ati2evxx.dll
.
Zeit der Fertigstellung: 2013-05-15  18:04:55
ComboFix-quarantined-files.txt  2013-05-15 16:04
.
Vor Suchlauf: 7 Verzeichnis(se), 43.672.915.968 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 43.998.154.752 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - CB3D3793CBC9FB7319CBF2CD5A166B44
         
--- --- ---

15.05.2013, 17:25   #10
markusg
/// Malware-holic

Hi,
malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select Perform full scan and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are checked and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please send mails according to the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

15.05.2013, 18:23   #11
gunnarw

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.05.15.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
GunnarW :: GUNNAR [Administrator]

15.05.2013 18:30:25
mbam-log-2013-05-15 (18-30-25).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 321581
Laufzeit: 52 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

15.05.2013, 21:15   #12
markusg
/// Malware-holic

Hi,

download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this.
Open it, go to Tools (Extras), Uninstall list, save it as txt and open the file.
After every program you need, write "necessary".
After every program you do not need, write "unnecessary".
After every program you do not know, write "unknown".
Post the list.

28.05.2013, 13:11   #13
gunnarw

My list is in the attachment!
Attached files
File type: txt install.txt (11.5 KB, viewed 107 times)

28.05.2013, 13:49   #14
markusg
/// Malware-holic

Uninstall:
Adobe Flash Player, all versions
Adobe - Install Adobe Flash Player
Download the latest version and install it.
Adobe Reader:
Adobe - Download Adobe Reader - All versions
Uncheck the box for McAfee Security Scan.
Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General:
Check "Use only certified plug-ins".
Security (Enhanced)
Check Enhanced Security
and select all files.
Internet:
Everything here should be disabled; it is very unsafe to open PDFs automatically, download them automatically, etc.
It is always better to save them directly, because only then do you have control over what is happening on the PC.
Under JavaScript, uncheck the box for using JavaScript.
Under Updater, choose automatic installation.
Apply / OK

Uninstall:
BitZipper
BrowseToSave
Free PDF
Free YouTube
GPL
Java
Download the Java JRE:
Java downloads for all operating systems
Click:
Download Java software for Windows Offline
Download and install it.
Uninstall:
MyScript
PDFKey
Safari
Spotify
Windows Live: all components you do not need

Please open CCleaner, Analyze, Run, then restart the PC.
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

28.05.2013, 15:27   #15
gunnarw

See attachment!
Attached files
File type: txt AdwCleaner[S2].txt (3.8 KB, viewed 110 times)

Archiv
Du betrachtest: GVU-Trojaner! Benötige dringend Hilfe! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.