Trojaner-Board


Torch 22.07.2012 16:05

win32/mebroot trojan in memory
 
Hello,
so ESET Smart Security has found a Win32/Mebroot trojan in memory. However, I cannot clean it.

Here are the log files:

Code:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:48 on 22/07/2012 (Enrico)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


Code:

OTL logfile created on: 22.07.2012 11:49:33 - Run 1
OTL by OldTimer - Version 3.2.54.0    Folder = C:\Users\Enrico\Searches\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 41,22% Memory free
6,18 Gb Paging File | 4,73 Gb Available in Paging File | 76,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 400,58 Gb Free Space | 87,85% Space Free | Partition Type: NTFS
 
Computer Name: ENRICO-PC | User Name: Enrico | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.22 09:50:35 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Enrico\Searches\Desktop\OTL.exe
PRC - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Programme\ESET\ESET Smart Security\ekrn.exe
PRC - [2012.03.07 15:40:28 | 003,117,344 | ---- | M] (ESET) -- C:\Programme\ESET\ESET Smart Security\egui.exe
PRC - [2009.06.23 17:19:14 | 000,711,200 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
PRC - [2009.06.23 17:19:14 | 000,707,104 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
PRC - [2009.06.23 17:19:12 | 000,453,152 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerEvent.exe
PRC - [2009.05.26 15:26:50 | 000,254,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Programme\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2009.05.26 15:26:20 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Programme\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2009.03.18 10:46:30 | 001,160,736 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\SetupMyPC\SmpSys.exe
PRC - [2009.02.19 05:42:50 | 000,866,824 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe
PRC - [2008.11.06 05:53:58 | 000,474,168 | ---- | M] (Conexant Systems, Inc.) -- C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.10.17 10:44:58 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Programme\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2008.01.21 04:24:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.09.11 01:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.02.02 17:33:56 | 000,460,199 | ---- | M] () -- C:\Programme\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll
MOD - [2003.06.07 23:30:08 | 000,057,344 | ---- | M] () -- C:\Programme\Launch Manager\PowerUtl.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Programme\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009.06.23 17:19:14 | 000,707,104 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.05.26 15:26:20 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Programme\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.03.25 19:52:50 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.11 01:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.08.24 04:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Enrico\AppData\Local\Temp\pxdiypod.sys -- (pxdiypod)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Enrico\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.03.14 08:40:04 | 000,148,504 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2012.03.14 08:40:02 | 000,169,080 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2012.03.14 08:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.03.14 08:40:02 | 000,050,624 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2012.03.14 08:40:02 | 000,033,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2009.06.22 15:50:00 | 009,753,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.05.01 07:43:34 | 000,064,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.03.17 20:28:50 | 000,452,096 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008.12.29 19:51:14 | 003,715,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.09.04 06:12:56 | 000,223,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKCU\..\SearchScopes,DefaultScope = {9F9E3EC7-2CD1-4716-85EB-968F1A9012CF}
IE - HKCU\..\SearchScopes\{9F9E3EC7-2CD1-4716-85EB-968F1A9012CF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.20 21:40:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.07.21 10:57:33 | 000,000,000 | ---D | M]
 
[2012.07.20 22:25:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Enrico\AppData\Roaming\mozilla\Extensions
[2012.07.21 10:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] c:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] c:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C949700C-0D8F-4F09-9BBD-A040D353F97D}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.22 09:50:24 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Enrico\Searches\Desktop\OTL.exe
[2012.07.21 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\ESET
[2012.07.21 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\ESET
[2012.07.21 10:59:11 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2012.07.21 10:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.07.21 10:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012.07.21 10:57:19 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.07.21 10:52:10 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2012.07.20 22:25:21 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Mozilla
[2012.07.20 22:25:21 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Mozilla
[2012.07.20 22:14:05 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.07.20 21:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.07.20 21:40:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.07.20 21:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\Users\Enrico\Documents\StarCraft II
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012.07.20 16:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012.07.20 16:13:00 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Documents\Notes
[2012.07.20 15:57:34 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Adobe
[2012.07.20 15:33:42 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Packard Bell
[2012.07.20 15:32:39 | 000,290,248 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezsvc7x.dll
[2012.07.20 15:32:39 | 000,129,992 | ---- | C] (EasyBits Sofware AS) -- C:\Windows\System32\ezsvc7.dll
[2012.07.20 15:32:26 | 001,381,376 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vcl70.bpl
[2012.07.20 15:32:26 | 000,778,240 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\rtl70.bpl
[2012.07.20 15:32:26 | 000,268,288 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezSetup.exe
[2012.07.20 15:32:26 | 000,215,040 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vclx70.bpl
[2012.07.20 15:32:26 | 000,111,104 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezShellStart.exe
[2012.07.20 15:32:26 | 000,097,792 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vcljpg70.bpl
[2012.07.20 15:32:26 | 000,091,136 | ---- | C] (EasyBits Software Corp.) -- C:\Windows\System32\ezUninst.exe
[2012.07.20 15:32:26 | 000,064,512 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vclsmp70.bpl
[2012.07.20 15:32:26 | 000,049,152 | ---- | C] (EasyBits Software Corp.) -- C:\Windows\System32\ezUPBHook.dll
[2012.07.20 15:32:26 | 000,015,872 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezMAPIHelper.exe
[2012.07.20 15:14:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell
[2012.07.20 15:13:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Acer ePower Management V4
[2012.07.20 15:12:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2012.07.20 15:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2012.07.20 15:12:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012.07.20 15:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Internet
[2012.07.20 15:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell MyBackup
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Xp_x86
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\w2k_x86
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_x86
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_ia64
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_amd64
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Program Files\NewTech Infosystems
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_x86
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_ia64
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_amd64
[2012.07.20 15:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\Launch Manager
[2012.07.20 15:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012.07.20 15:01:29 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Macromedia
[2012.07.20 15:01:24 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Adobe
[2012.07.20 15:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\Video Web Camera
[2012.07.20 15:00:49 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Google
[2012.07.20 14:59:25 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\InstallShield
[2012.07.20 14:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.07.20 14:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2012.07.20 14:59:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2012.07.20 14:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012.07.20 09:45:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\oem
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-TW
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-HK
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-CN
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\uk-UA
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\tr-TR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\th-TH
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sv-SE
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sr-Latn-CS
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sl-SI
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sk-SK
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ru-RU
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ro-RO
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-PT
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-BR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pl-PL
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nl-NL
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nb-NO
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\lv-LV
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\lt-LT
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ko-KR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ja-JP
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\it-IT
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\hu-HU
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\hr-HR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\he-IL
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fr-FR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fi-FI
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\et-EE
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\es-ES
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\en-US
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\el-GR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\da-DK
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\cs-CZ
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\bg-BG
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ar-SA
[2012.07.20 09:37:28 | 000,207,368 | ---- | C] (Dritek System Inc.) -- C:\Windows\UNINST32.EXE
[2012.07.20 09:36:28 | 000,273,408 | ---- | C] (Wistron Corp.) -- C:\Windows\PLAUNCH.EXE
[2012.07.20 09:36:28 | 000,020,480 | ---- | C] (Wistron Corp.) -- C:\Windows\PATCHFUL.EXE
[2012.07.20 09:36:28 | 000,000,000 | ---D | C] -- C:\Windows\Lan
[2012.07.20 01:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.07.20 00:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012.07.20 00:51:55 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.07.20 00:50:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.07.20 00:08:09 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Google
[2012.07.20 00:07:58 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Searches
[2012.07.20 00:07:58 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.07.20 00:07:51 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Identities
[2012.07.20 00:07:49 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Contacts
[2012.07.20 00:06:52 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Packard Bell
[2012.07.20 00:06:19 | 000,000,000 | ---D | C] -- C:\Windows\oem
[2012.07.20 00:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012.07.20 00:04:41 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\VirtualStore
[2012.07.20 00:04:37 | 000,000,000 | --SD | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Videos
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Saved Games
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Pictures
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Music
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Links
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Favorites
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Downloads
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Documents
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Vorlagen
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\AppData\Local\Verlauf
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\AppData\Local\Temporary Internet Files
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Startmenü
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\SendTo
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Recent
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Netzwerkumgebung
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Lokale Einstellungen
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Documents\Eigene Videos
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Documents\Eigene Musik
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Eigene Dateien
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Documents\Eigene Bilder
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Druckumgebung
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Cookies
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\AppData\Local\Anwendungsdaten
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Anwendungsdaten
[2012.07.20 00:04:37 | 000,000,000 | -H-D | C] -- C:\Users\Enrico\AppData
[2012.07.20 00:04:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Temp
[2012.07.20 00:04:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Microsoft
[2012.07.20 00:04:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Media Center Programs
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.22 11:47:14 | 000,000,000 | ---- | M] () -- C:\Users\Enrico\defogger_reenable
[2012.07.22 11:45:25 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.07.22 11:45:25 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.07.22 11:45:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.22 10:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\Packard Bell Customer Registration Reminder - Enrico.job
[2012.07.22 09:50:35 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Enrico\Searches\Desktop\OTL.exe
[2012.07.22 09:50:13 | 000,050,477 | ---- | M] () -- C:\Users\Enrico\Searches\Desktop\Defogger.exe
[2012.07.22 08:42:33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.22 08:42:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.22 01:10:38 | 000,302,592 | ---- | M] () -- C:\Users\Enrico\Searches\Desktop\gjgeywfd.exe
[2012.07.21 10:56:34 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.21 10:56:34 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.21 10:56:34 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.21 10:56:34 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.21 10:52:32 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.07.21 10:51:32 | 3215,814,656 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.20 23:45:09 | 000,300,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.20 21:57:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012.07.20 21:40:17 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.07.20 21:20:49 | 000,000,898 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.07.20 15:32:42 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2012.07.20 15:32:41 | 000,008,172 | ---- | M] () -- C:\Windows\System32\ezdigsgn.dat
[2012.07.20 15:32:26 | 001,381,376 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vcl70.bpl
[2012.07.20 15:32:26 | 000,778,240 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\rtl70.bpl
[2012.07.20 15:32:26 | 000,268,288 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezSetup.exe
[2012.07.20 15:32:26 | 000,215,040 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vclx70.bpl
[2012.07.20 15:32:26 | 000,111,104 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezShellStart.exe
[2012.07.20 15:32:26 | 000,097,792 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vcljpg70.bpl
[2012.07.20 15:32:26 | 000,091,136 | ---- | M] (EasyBits Software Corp.) -- C:\Windows\System32\ezUninst.exe
[2012.07.20 15:32:26 | 000,064,512 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vclsmp70.bpl
[2012.07.20 15:32:26 | 000,049,152 | ---- | M] (EasyBits Software Corp.) -- C:\Windows\System32\ezUPBHook.dll
[2012.07.20 15:32:26 | 000,015,872 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezMAPIHelper.exe
[2012.07.20 15:18:56 | 000,000,193 | ---- | M] () -- C:\Windows\USER.XML
[2012.07.20 15:17:53 | 000,000,016 | ---- | M] () -- C:\Windows\SetLang.bat
[2012.07.20 15:14:48 | 000,000,206 | ---- | M] () -- C:\Windows\Factory.xml
[2012.07.20 15:14:47 | 000,003,584 | ---- | M] () -- C:\Users\Enrico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.20 15:04:09 | 000,000,000 | ---- | M] () -- C:\Windows\Setup.INI
[2012.07.20 15:03:40 | 000,000,083 | ---- | M] () -- C:\Windows\LManager.UNI
[2012.07.20 15:03:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2012.07.20 09:45:50 | 000,000,181 | RHS- | M] () -- C:\Preload.rev
[2012.07.20 01:01:11 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012.07.20 00:07:58 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\PackardBell_EasyNoteTJ65_N-A_LXBDC0X018933B7FAB2200.MRK
 
========== Files Created - No Company Name ==========
 
[2012.07.22 11:47:14 | 000,000,000 | ---- | C] () -- C:\Users\Enrico\defogger_reenable
[2012.07.22 09:50:12 | 000,050,477 | ---- | C] () -- C:\Users\Enrico\Searches\Desktop\Defogger.exe
[2012.07.22 01:10:35 | 000,302,592 | ---- | C] () -- C:\Users\Enrico\Searches\Desktop\gjgeywfd.exe
[2012.07.20 21:57:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012.07.20 21:48:15 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012.07.20 21:40:17 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.07.20 21:40:16 | 000,000,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.07.20 20:57:02 | 000,000,898 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.07.20 15:32:42 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2012.07.20 15:32:28 | 000,008,172 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2012.07.20 15:14:45 | 000,003,584 | ---- | C] () -- C:\Users\Enrico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.20 15:04:09 | 000,000,000 | ---- | C] () -- C:\Windows\Setup.INI
[2012.07.20 15:03:40 | 000,000,083 | ---- | C] () -- C:\Windows\LManager.UNI
[2012.07.20 15:03:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2012.07.20 15:01:15 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012.07.20 09:45:50 | 000,007,573 | -HS- | C] () -- C:\Patch.rev
[2012.07.20 09:36:46 | 000,010,156 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu
[2012.07.20 09:36:46 | 000,001,407 | ---- | C] () -- C:\Windows\System32\nvhda.nvu
[2012.07.20 09:36:32 | 000,004,184 | ---- | C] () -- C:\Windows\System32\drivers\CDConfig.bin
[2012.07.20 09:36:28 | 000,000,193 | ---- | C] () -- C:\Windows\USER.XML
[2012.07.20 00:59:14 | 3215,814,656 | -HS- | C] () -- C:\hiberfil.sys
[2012.07.20 00:08:06 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012.07.20 00:08:00 | 000,000,951 | ---- | C] () -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.07.20 00:07:58 | 000,000,946 | ---- | C] () -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012.07.20 00:07:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\PackardBell_EasyNoteTJ65_N-A_LXBDC0X018933B7FAB2200.MRK
[2012.07.20 00:07:49 | 000,000,917 | ---- | C] () -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012.07.20 00:07:46 | 000,000,446 | ---- | C] () -- C:\Windows\tasks\Packard Bell Customer Registration Reminder - Enrico.job
[2012.07.20 00:04:42 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== LOP Check ==========
 
[2012.07.21 11:08:32 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\ESET
[2012.07.20 15:33:42 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Packard Bell
[2012.07.22 10:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\Packard Bell Customer Registration Reminder - Enrico.job
[2012.07.21 10:50:36 | 000,014,672 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >


Code:

OTL Extras logfile created on: 22.07.2012 11:49:33 - Run 1
OTL by OldTimer - Version 3.2.54.0    Folder = C:\Users\Enrico\Searches\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 41,22% Memory free
6,18 Gb Paging File | 4,73 Gb Available in Paging File | 76,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 400,58 Gb Free Space | 87,85% Space Free | Partition Type: NTFS
 
Computer Name: ENRICO-PC | User Name: Enrico | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4142781368-3790083805-2454621229-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5D85FB4E-21C2-4DE7-A519-44E685FB918D}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe |
"{8A7B7522-D73F-47C9-8CEB-7557F23DB616}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{954F1335-4CDE-41E9-8B87-1445D6F36FC0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12A1B519-5934-4508-ADBD-335347B0DC87}" = Video Web Camera
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell PowerSave Solution
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5C1BF3AC-B19D-4C26-B0A0-90833A521031}" = Nero 8 Essentials
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{C90B0A63-978E-406C-A2E0-CFACE9C13B87}" = ESET Smart Security
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"CNXT_AUDIO_HDA" = Conexant HD Audio
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"Infocenter" = Infocenter
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
"LManager" = Launch Manager
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Packard Bell Customer Registration" = Packard Bell Customer Registration
"PackardBell Screensaver" = PackardBell ScreenSaver
"SetupMyPC" = SetupMyPC
"StarCraft II" = StarCraft II
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Updator" = Updator
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 21.07.2012 16:52:27 | Computer Name = Enrico-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 21.07.2012 18:10:07 | Computer Name = Enrico-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 21.07.2012 18:10:07 | Computer Name = Enrico-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 21.07.2012 18:10:07 | Computer Name = Enrico-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 21.07.2012 18:10:07 | Computer Name = Enrico-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 21.07.2012 18:10:07 | Computer Name = Enrico-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 21.07.2012 18:10:07 | Computer Name = Enrico-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 21.07.2012 18:10:07 | Computer Name = Enrico-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 21.07.2012 18:10:07 | Computer Name = Enrico-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 21.07.2012 19:20:30 | Computer Name = Enrico-PC | Source = Perflib | ID = 1010
Description =
 
[ System Events ]
Error - 20.07.2012 09:27:40 | Computer Name = Enrico-PC | Source = DCOM | ID = 10005
Description =
 
Error - 20.07.2012 09:27:40 | Computer Name = Enrico-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 20.07.2012 09:27:40 | Computer Name = Enrico-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 20.07.2012 14:20:54 | Computer Name = Enrico-PC | Source = HTTP | ID = 15016
Description =
 
Error - 20.07.2012 14:21:35 | Computer Name = Enrico-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 20.07.2012 14:46:51 | Computer Name = Enrico-PC | Source = HTTP | ID = 15016
Description =
 
Error - 20.07.2012 14:47:09 | Computer Name = Enrico-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 20.07.2012 14:55:53 | Computer Name = Enrico-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.123.152 für die Netzwerkkarte mit der Netzwerkadresse
 001E657ED0B0 wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 20.07.2012 15:24:54 | Computer Name = Enrico-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.248 für die Netzwerkkarte mit der Netzwerkadresse
 001E657ED0B0 wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 20.07.2012 15:34:31 | Computer Name = Enrico-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.248 für die Netzwerkkarte mit der Netzwerkadresse
 001E657ED0B0 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
 eine DHCPNACK-Meldung gesendet).
 
 
< End of report >



Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-22 12:38:37
Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1  rev.
Running: gjgeywfd.exe; Driver: C:\Users\Enrico\AppData\Local\Temp\pxdiypod.sys


---- System - GMER 1.0.15 ----

SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET)                                                                                ZwCreateThread [0xA061E7F0]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET)                                                                                ZwLoadDriver [0xA061E8B0]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET)                                                                                ZwSetSystemInformation [0xA061E870]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET)                                                                                ZwSystemDebugControl [0xA061E830]

---- Kernel code sections - GMER 1.0.15 ----

.text          ntkrnlpa.exe!KeSetTimerEx + 454                                                                                                                  820F8A78 4 Bytes  [F0, E7, 61, A0]
.text          ntkrnlpa.exe!KeSetTimerEx + 5B0                                                                                                                  820F8BD4 4 Bytes  CALL D6182C3A
.text          ntkrnlpa.exe!KeSetTimerEx + 810                                                                                                                  820F8E34 4 Bytes  [70, E8, 61, A0]
.text          ntkrnlpa.exe!KeSetTimerEx + 84C                                                                                                                  820F8E70 4 Bytes  CALL D81C2ED6
?              C:\Users\Enrico\AppData\Local\Temp\mbr.sys                                                                                                      Das System kann die angegebene Datei nicht finden. !

---- User code sections - GMER 1.0.15 ----

.text          C:\Program Files\Internet Explorer\iexplore.exe[2988] USER32.dll!DialogBoxIndirectParamW                                                        7655BD25 5 Bytes  JMP 6F170F0D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[2988] USER32.dll!DialogBoxParamW                                                                76571FD5 5 Bytes  JMP 6F170E97 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[2988] USER32.dll!DialogBoxParamA                                                                765980B2 5 Bytes  JMP 6F170ED2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[2988] USER32.dll!DialogBoxIndirectParamA                                                        765983DD 5 Bytes  JMP 6F170F48 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[2988] USER32.dll!MessageBoxIndirectA                                                            765AD471 5 Bytes  JMP 6F170E53 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[2988] USER32.dll!MessageBoxIndirectW                                                            765AD56B 5 Bytes  JMP 6F170E0F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[2988] USER32.dll!MessageBoxExA                                                                  765AD5D1 1 Byte  [E9]
.text          C:\Program Files\Internet Explorer\iexplore.exe[2988] USER32.dll!MessageBoxExA                                                                  765AD5D1 5 Bytes  JMP 6F170DD5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[2988] USER32.dll!MessageBoxExW                                                                  765AD5F5 5 Bytes  JMP 6F170D9B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[2988] ole32.dll!OleLoadFromStream                                                                77B29794 5 Bytes  JMP 6F171123 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text          C:\Program Files\ESET\ESET Smart Security\ekrn.exe[3440] kernel32.dll!SetUnhandledExceptionFilter                                                77E86E2D 4 Bytes  [C2, 04, 00, 00]

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                                                          Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                                                          Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

Device          \Driver\disk \Device\Harddisk0\DR0                                                                                                              88D0EA0A

AttachedDevice  \FileSystem\fastfat \Fat                                                                                                                        fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Processes - GMER 1.0.15 ----

Process        C:\Program Files\Internet Explorer\iexplore.exe (*** hidden *** )                                                                                2988                                                                                                     

---- Disk sectors - GMER 1.0.15 ----

Disk            \Device\Harddisk0\DR0                                                                                                                            Whistler@MBR code has been found                                                                          <-- ROOTKIT !!!
Disk            \Device\Harddisk0\DR0                                                                                                                            sector 00: rootkit-like behavior

---- Files - GMER 1.0.15 ----

File            C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7F6UDWUI\httpErrorPagesScripts[1]  0 bytes
File            C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9H7N25U5\info_48[2]                0 bytes
File            C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9H7N25U5\background_gradient[2]    0 bytes
File            C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NL0BW065\bullet[2]                0 bytes
File            C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NL0BW065\info_48[3]                0 bytes
File            C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPGVXYLA\info_48[2]                0 bytes
File            C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPGVXYLA\background_gradient[2]    0 bytes
File            C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPGVXYLA\errorPageStrings[1]      0 bytes
File            C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPGVXYLA\ErrorPageTemplate[3]      0 bytes

---- EOF - GMER 1.0.15 ----


Many thanks in advance for your help

cosinus 25.07.2012 13:34

Please first run a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) scanned!
Remember that Malwarebytes has to be updated manually before every scan!

Please remove all of the Malwarebytes detections so that they are kept in the Malwarebytes quarantine! Do NOT hastily remove anything from the quarantine!

If logs from older Malwarebytes scans exist, please post all of those as well!




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

Torch 27.07.2012 18:38

I ran the scans and nothing was found.

Here are the log files:

Code:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.27.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Enrico :: ENRICO-PC [limitiert]

Schutz: Aktiviert

27.07.2012 13:41:17
mbam-log-2012-07-27 (13-41-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 356582
Laufzeit: 2 Stunde(n), 6 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


Code:

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=1
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=20cde3f9c6055845b10f926a794797b5
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-27 03:35:35
# local_time=2012-07-27 05:35:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776573 100 100 7911 180935848 0 0
# compatibility_mode=8206 39157117 100 88 4 12279112 0 0
# scanned=1876
# found=0
# cleaned=0
# scan_time=215
# nod_component=V3 Build:0x30000000
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=1
esets_scanner_update returned -1 esets_gle=1
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=20cde3f9c6055845b10f926a794797b5
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-27 05:03:39
# local_time=2012-07-27 07:03:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776573 100 100 8873 180936810 0 0
# compatibility_mode=8206 39157181 100 88 966 12280074 0 0
# scanned=195707
# found=0
# cleaned=0
# scan_time=4536
# nod_component=V3 Build:0x30000000

But still, my ESET Smart Security keeps reporting the following:

"27.07.2012 19:34:49 Prüfung der Systemstartdateien Arbeitsspeicher Arbeitsspeicher Win32/Mebroot Trojaner Fehler beim Säubern Enrico-PC\Enrico"

or rather, that cleaning is not possible

Kind regards, Enrico

cosinus 27.07.2012 22:00

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

Torch 30.07.2012 17:48

Code:

# AdwCleaner v1.703 - Logfile created 07/30/2012 at 18:47:31
# Updated 20/07/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : Enrico - ENRICO-PC
# Running from : C:\Users\Enrico\Searches\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****

Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Users\Enrico\AppData\Roaming\Mozilla\Firefox\Profiles\lh47lsh7.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1186 octets] - [30/07/2012 18:41:54]
AdwCleaner[R2].txt - [1246 octets] - [30/07/2012 18:42:33]
AdwCleaner[R3].txt - [1306 octets] - [30/07/2012 18:43:51]
AdwCleaner[R4].txt - [1237 octets] - [30/07/2012 18:47:31]

########## EOF - C:\AdwCleaner[R4].txt - [1365 octets] ##########


cosinus 30.07.2012 20:31

adwCleaner - remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.

Torch 31.07.2012 16:23

Here is the log file:

Code:

# AdwCleaner v1.703 - Logfile created 07/31/2012 at 17:05:38
# Updated 20/07/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : Enrico - ENRICO-PC
# Running from : C:\Users\Enrico\Searches\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****

Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Users\Enrico\AppData\Roaming\Mozilla\Firefox\Profiles\lh47lsh7.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1186 octets] - [30/07/2012 18:41:54]
AdwCleaner[R2].txt - [1246 octets] - [30/07/2012 18:42:33]
AdwCleaner[R3].txt - [1306 octets] - [30/07/2012 18:43:51]
AdwCleaner[R4].txt - [1366 octets] - [30/07/2012 18:47:31]
AdwCleaner[S1].txt - [1303 octets] - [31/07/2012 17:05:38]

########## EOF - C:\AdwCleaner[S1].txt - [1431 octets] ##########


cosinus 31.07.2012 20:18

I have two questions before we continue

1.) Does the normal mode of Windows work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?

Torch 01.08.2012 15:26

Hello,

well, normal mode works without restrictions as far as I know. But I am always logged in as administrator.
Also, I don't notice anything unusual in the Start menu. All folders under "All Programs" contain something except for the Start menu folder, but I think I had removed that on purpose.

Otherwise nothing else is wrong with the PC, so from my point of view it could also be a false alarm from ESET.

Kind regards

cosinus 02.08.2012 12:13

Please make a new OTL log. If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

Please download OTL by Oldtimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you really are working with a current version of OTL.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Torch 02.08.2012 17:33

Hello,
I have the log file here

Code:

OTL logfile created on: 02.08.2012 17:21:10 - Run 2
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\Enrico\Searches\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 64,49% Memory free
6,18 Gb Paging File | 5,23 Gb Available in Paging File | 84,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 323,78 Gb Free Space | 71,01% Space Free | Partition Type: NTFS
 
Computer Name: ENRICO-PC | User Name: Enrico | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.02 16:21:15 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Enrico\Searches\Desktop\OTL.exe
PRC - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Programme\ESET\ESET Smart Security\ekrn.exe
PRC - [2012.03.07 15:40:28 | 003,117,344 | ---- | M] (ESET) -- C:\Programme\ESET\ESET Smart Security\egui.exe
PRC - [2009.06.23 17:19:14 | 000,711,200 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
PRC - [2009.06.23 17:19:14 | 000,707,104 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
PRC - [2009.06.23 17:19:12 | 000,453,152 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerEvent.exe
PRC - [2009.05.26 15:26:20 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Programme\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.02.19 05:42:50 | 000,866,824 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe
PRC - [2008.11.06 05:53:58 | 000,474,168 | ---- | M] (Conexant Systems, Inc.) -- C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
PRC - [2008.10.17 10:44:58 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Programme\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.09.11 01:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2003.06.07 23:30:08 | 000,057,344 | ---- | M] () -- C:\Programme\Launch Manager\PowerUtl.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Programme\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009.06.23 17:19:14 | 000,707,104 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.05.26 15:26:20 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Programme\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.03.25 19:52:50 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.11 01:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.08.24 04:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.03.14 08:40:04 | 000,148,504 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2012.03.14 08:40:02 | 000,169,080 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2012.03.14 08:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.03.14 08:40:02 | 000,050,624 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2012.03.14 08:40:02 | 000,033,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2009.06.22 15:50:00 | 009,753,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.05.01 07:43:34 | 000,064,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.03.17 20:28:50 | 000,452,096 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008.12.29 19:51:14 | 003,715,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.09.04 06:12:56 | 000,223,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\..\SearchScopes,DefaultScope = {9F9E3EC7-2CD1-4716-85EB-968F1A9012CF}
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\..\SearchScopes\{9F9E3EC7-2CD1-4716-85EB-968F1A9012CF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW_de
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.20 21:40:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.07.21 10:57:33 | 000,000,000 | ---D | M]
 
[2012.07.20 22:25:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Enrico\AppData\Roaming\mozilla\Extensions
[2012.07.21 10:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] c:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] c:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.123.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A28009ED-7356-40C6-945C-EA4D1F47490C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C949700C-0D8F-4F09-9BBD-A040D353F97D}: DhcpNameServer = 192.168.123.100
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.02 16:21:05 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Enrico\Searches\Desktop\OTL.exe
[2012.08.02 16:16:48 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2012.08.01 17:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.08.01 16:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.07.27 20:20:05 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Favorites
[2012.07.26 23:16:29 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Malwarebytes
[2012.07.26 23:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.23 21:21:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012.07.23 21:21:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012.07.23 21:21:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012.07.22 23:19:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012.07.22 22:55:56 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Microsoft Games
[2012.07.22 22:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2012.07.22 22:41:43 | 000,000,000 | ---D | C] -- C:\Users\Enrico\Logfiles
[2012.07.22 22:40:35 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Nero
[2012.07.22 22:34:51 | 000,000,000 | R--D | C] -- C:\Users\Enrico\My Stuff
[2012.07.21 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\ESET
[2012.07.21 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\ESET
[2012.07.21 10:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.07.21 10:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012.07.21 10:57:19 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.07.20 22:25:21 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Mozilla
[2012.07.20 22:25:21 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Mozilla
[2012.07.20 22:14:05 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.07.20 21:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.07.20 21:40:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.07.20 21:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\Users\Enrico\Documents\StarCraft II
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012.07.20 16:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012.07.20 16:13:00 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Documents\Notes
[2012.07.20 15:57:34 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Adobe
[2012.07.20 15:33:42 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Packard Bell
[2012.07.20 15:32:39 | 000,588,472 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezsvc7x.dll
[2012.07.20 15:32:39 | 000,129,992 | ---- | C] (EasyBits Sofware AS) -- C:\Windows\System32\ezsvc7.dll
[2012.07.20 15:32:26 | 001,381,376 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vcl70.bpl
[2012.07.20 15:32:26 | 000,778,240 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\rtl70.bpl
[2012.07.20 15:32:26 | 000,268,288 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezSetup.exe
[2012.07.20 15:32:26 | 000,215,040 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vclx70.bpl
[2012.07.20 15:32:26 | 000,111,104 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezShellStart.exe
[2012.07.20 15:32:26 | 000,097,792 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vcljpg70.bpl
[2012.07.20 15:32:26 | 000,091,136 | ---- | C] (EasyBits Software Corp.) -- C:\Windows\System32\ezUninst.exe
[2012.07.20 15:32:26 | 000,064,512 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vclsmp70.bpl
[2012.07.20 15:32:26 | 000,049,152 | ---- | C] (EasyBits Software Corp.) -- C:\Windows\System32\ezUPBHook.dll
[2012.07.20 15:32:26 | 000,015,872 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezMAPIHelper.exe
[2012.07.20 15:14:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell
[2012.07.20 15:13:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Acer ePower Management V4
[2012.07.20 15:12:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2012.07.20 15:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2012.07.20 15:12:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012.07.20 15:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Internet
[2012.07.20 15:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell MyBackup
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Xp_x86
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\w2k_x86
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_x86
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_ia64
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_amd64
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Program Files\NewTech Infosystems
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_x86
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_ia64
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_amd64
[2012.07.20 15:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\Launch Manager
[2012.07.20 15:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012.07.20 15:01:29 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Macromedia
[2012.07.20 15:01:24 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Adobe
[2012.07.20 15:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\Video Web Camera
[2012.07.20 15:00:49 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Google
[2012.07.20 14:59:25 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\InstallShield
[2012.07.20 14:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.07.20 14:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2012.07.20 14:59:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2012.07.20 14:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012.07.20 09:45:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\oem
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-TW
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-HK
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-CN
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\uk-UA
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\tr-TR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\th-TH
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sv-SE
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sr-Latn-CS
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sl-SI
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sk-SK
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ru-RU
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ro-RO
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-PT
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-BR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pl-PL
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nl-NL
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nb-NO
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\lv-LV
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\lt-LT
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ko-KR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ja-JP
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\it-IT
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\hu-HU
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\hr-HR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\he-IL
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fr-FR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fi-FI
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\et-EE
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\es-ES
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\en-US
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\el-GR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\da-DK
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\cs-CZ
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\bg-BG
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ar-SA
[2012.07.20 09:37:28 | 000,207,368 | ---- | C] (Dritek System Inc.) -- C:\Windows\UNINST32.EXE
[2012.07.20 09:36:28 | 000,273,408 | ---- | C] (Wistron Corp.) -- C:\Windows\PLAUNCH.EXE
[2012.07.20 09:36:28 | 000,020,480 | ---- | C] (Wistron Corp.) -- C:\Windows\PATCHFUL.EXE
[2012.07.20 09:36:28 | 000,000,000 | ---D | C] -- C:\Windows\Lan
[2012.07.20 01:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.07.20 00:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012.07.20 00:51:55 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.07.20 00:50:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.07.20 00:08:09 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Google
[2012.07.20 00:07:58 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Searches
[2012.07.20 00:07:58 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.07.20 00:07:51 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Identities
[2012.07.20 00:07:49 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Contacts
[2012.07.20 00:06:52 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Packard Bell
[2012.07.20 00:06:19 | 000,000,000 | ---D | C] -- C:\Windows\oem
[2012.07.20 00:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012.07.20 00:04:41 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\VirtualStore
[2012.07.20 00:04:37 | 000,000,000 | --SD | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Videos
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Pictures
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Music
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Downloads
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Documents
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Vorlagen
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\AppData\Local\Verlauf
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\AppData\Local\Temporary Internet Files
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Startmenü
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\SendTo
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Recent
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Netzwerkumgebung
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Lokale Einstellungen
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Documents\Eigene Videos
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Documents\Eigene Musik
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Eigene Dateien
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Documents\Eigene Bilder
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Druckumgebung
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Cookies
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\AppData\Local\Anwendungsdaten
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Anwendungsdaten
[2012.07.20 00:04:37 | 000,000,000 | -H-D | C] -- C:\Users\Enrico\AppData
[2012.07.20 00:04:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Temp
[2012.07.20 00:04:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Microsoft
[2012.07.20 00:04:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Media Center Programs
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.02 17:09:05 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.08.02 17:09:05 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.08.02 17:09:04 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\Packard Bell Customer Registration Reminder - Enrico.job
[2012.08.02 17:09:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.02 16:23:13 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.02 16:23:13 | 000,583,486 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.02 16:23:13 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.02 16:23:13 | 000,097,558 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.02 16:21:15 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Enrico\Searches\Desktop\OTL.exe
[2012.08.02 16:16:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 16:16:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 16:16:17 | 3215,814,656 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.01 17:16:53 | 000,000,898 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.08.01 16:28:47 | 000,239,946 | ---- | M] () -- C:\Users\Enrico\Documents\I follow River-Trigerfinger.xps
[2012.07.30 18:40:19 | 000,632,049 | ---- | M] () -- C:\Users\Enrico\Searches\Desktop\adwcleaner.exe
[2012.07.28 10:09:22 | 000,588,472 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezsvc7x.dll
[2012.07.27 20:18:26 | 000,300,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.27 19:57:42 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.07.27 19:57:42 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.07.27 19:57:19 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.07.22 22:46:54 | 000,005,632 | ---- | M] () -- C:\Users\Enrico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.22 22:46:54 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.07.20 21:57:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012.07.20 21:40:17 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.07.20 15:32:42 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2012.07.20 15:32:41 | 000,008,172 | ---- | M] () -- C:\Windows\System32\ezdigsgn.dat
[2012.07.20 15:32:26 | 001,381,376 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vcl70.bpl
[2012.07.20 15:32:26 | 000,778,240 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\rtl70.bpl
[2012.07.20 15:32:26 | 000,268,288 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezSetup.exe
[2012.07.20 15:32:26 | 000,215,040 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vclx70.bpl
[2012.07.20 15:32:26 | 000,111,104 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezShellStart.exe
[2012.07.20 15:32:26 | 000,097,792 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vcljpg70.bpl
[2012.07.20 15:32:26 | 000,091,136 | ---- | M] (EasyBits Software Corp.) -- C:\Windows\System32\ezUninst.exe
[2012.07.20 15:32:26 | 000,064,512 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vclsmp70.bpl
[2012.07.20 15:32:26 | 000,049,152 | ---- | M] (EasyBits Software Corp.) -- C:\Windows\System32\ezUPBHook.dll
[2012.07.20 15:32:26 | 000,015,872 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezMAPIHelper.exe
[2012.07.20 15:18:56 | 000,000,193 | ---- | M] () -- C:\Windows\USER.XML
[2012.07.20 15:17:53 | 000,000,016 | ---- | M] () -- C:\Windows\SetLang.bat
[2012.07.20 15:14:48 | 000,000,206 | ---- | M] () -- C:\Windows\Factory.xml
[2012.07.20 15:03:40 | 000,000,083 | ---- | M] () -- C:\Windows\LManager.UNI
[2012.07.20 15:03:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2012.07.20 09:45:50 | 000,000,181 | RHS- | M] () -- C:\Preload.rev
[2012.07.20 01:01:11 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012.07.20 00:07:58 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\PackardBell_EasyNoteTJ65_N-A_LXBDC0X018933B7FAB2200.MRK
 
========== Files Created - No Company Name ==========
 
[2012.08.01 16:28:45 | 000,239,946 | ---- | C] () -- C:\Users\Enrico\Documents\I follow River-Trigerfinger.xps
[2012.07.30 18:40:07 | 000,632,049 | ---- | C] () -- C:\Users\Enrico\Searches\Desktop\adwcleaner.exe
[2012.07.27 19:57:19 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.07.22 23:17:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.07.22 23:17:41 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012.07.22 23:17:39 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012.07.22 23:17:39 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012.07.22 23:17:36 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012.07.22 23:17:34 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012.07.22 23:17:33 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012.07.22 23:17:19 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.07.22 23:17:18 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012.07.22 23:17:18 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012.07.20 21:57:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012.07.20 21:48:15 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012.07.20 21:40:17 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.07.20 21:40:16 | 000,000,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.07.20 20:57:02 | 000,000,898 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.07.20 15:32:42 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2012.07.20 15:32:28 | 000,008,172 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2012.07.20 15:14:45 | 000,005,632 | ---- | C] () -- C:\Users\Enrico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.20 15:03:40 | 000,000,083 | ---- | C] () -- C:\Windows\LManager.UNI
[2012.07.20 15:03:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2012.07.20 15:01:15 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012.07.20 09:45:50 | 000,007,573 | -HS- | C] () -- C:\Patch.rev
[2012.07.20 09:36:46 | 000,010,156 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu
[2012.07.20 09:36:46 | 000,001,407 | ---- | C] () -- C:\Windows\System32\nvhda.nvu
[2012.07.20 09:36:32 | 000,004,184 | ---- | C] () -- C:\Windows\System32\drivers\CDConfig.bin
[2012.07.20 09:36:28 | 000,000,193 | ---- | C] () -- C:\Windows\USER.XML
[2012.07.20 00:59:14 | 3215,814,656 | -HS- | C] () -- C:\hiberfil.sys
[2012.07.20 00:08:06 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012.07.20 00:08:00 | 000,000,951 | ---- | C] () -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.07.20 00:07:58 | 000,000,946 | ---- | C] () -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012.07.20 00:07:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\PackardBell_EasyNoteTJ65_N-A_LXBDC0X018933B7FAB2200.MRK
[2012.07.20 00:07:49 | 000,000,917 | ---- | C] () -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012.07.20 00:07:46 | 000,000,446 | ---- | C] () -- C:\Windows\tasks\Packard Bell Customer Registration Reminder - Enrico.job
[2012.07.20 00:04:42 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== LOP Check ==========
 
[2012.07.21 11:08:32 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\ESET
[2012.07.20 15:33:42 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Packard Bell
[2012.08.02 17:09:04 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\Packard Bell Customer Registration Reminder - Enrico.job
[2012.08.01 18:14:40 | 000,023,390 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.07.27 20:13:23 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Adobe
[2012.07.21 11:08:32 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\ESET
[2012.07.20 15:02:56 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Google
[2012.07.20 00:07:51 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Identities
[2012.07.20 14:59:25 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\InstallShield
[2012.07.20 15:01:29 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Macromedia
[2012.07.26 23:16:29 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Media Center Programs
[2012.07.31 20:52:26 | 000,000,000 | --SD | M] -- C:\Users\Enrico\AppData\Roaming\Microsoft
[2012.07.20 22:25:36 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Mozilla
[2012.07.22 22:40:35 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Nero
[2012.07.20 15:33:42 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Packard Bell
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.03.12 08:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2009.02.12 18:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Acer\Preload\Autorun\DRV\AHCI\X64\IaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Acer\Preload\Autorun\DRV\AHCI\X86\IaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\drivers\iaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_ea118ff5\iaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_c491546e\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.04.11 08:28:18 | 000,130,560 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dhcpcsvc6.dll
[2008.01.21 04:24:47 | 000,014,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\winnsi.dll

< End of report >

Thanks again for the help

Hello,
I actually already posted the logfile once, but somehow it doesn't show up.
Code:

OTL logfile created on: 02.08.2012 17:21:10 - Run 2
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\Enrico\Searches\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 64,49% Memory free
6,18 Gb Paging File | 5,23 Gb Available in Paging File | 84,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 323,78 Gb Free Space | 71,01% Space Free | Partition Type: NTFS
 
Computer Name: ENRICO-PC | User Name: Enrico | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.02 16:21:15 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Enrico\Searches\Desktop\OTL.exe
PRC - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Programme\ESET\ESET Smart Security\ekrn.exe
PRC - [2012.03.07 15:40:28 | 003,117,344 | ---- | M] (ESET) -- C:\Programme\ESET\ESET Smart Security\egui.exe
PRC - [2009.06.23 17:19:14 | 000,711,200 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
PRC - [2009.06.23 17:19:14 | 000,707,104 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
PRC - [2009.06.23 17:19:12 | 000,453,152 | ---- | M] (Acer Incorporated) -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerEvent.exe
PRC - [2009.05.26 15:26:20 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Programme\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.02.19 05:42:50 | 000,866,824 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe
PRC - [2008.11.06 05:53:58 | 000,474,168 | ---- | M] (Conexant Systems, Inc.) -- C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
PRC - [2008.10.17 10:44:58 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Programme\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.09.11 01:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2003.06.07 23:30:08 | 000,057,344 | ---- | M] () -- C:\Programme\Launch Manager\PowerUtl.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Programme\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009.06.23 17:19:14 | 000,707,104 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.05.26 15:26:20 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Programme\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.03.25 19:52:50 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.11 01:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.08.24 04:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.03.14 08:40:04 | 000,148,504 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2012.03.14 08:40:02 | 000,169,080 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2012.03.14 08:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.03.14 08:40:02 | 000,050,624 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2012.03.14 08:40:02 | 000,033,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2009.06.22 15:50:00 | 009,753,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.05.01 07:43:34 | 000,064,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.03.17 20:28:50 | 000,452,096 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008.12.29 19:51:14 | 003,715,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.09.04 06:12:56 | 000,223,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0712&m=easynote_tj65
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\..\SearchScopes,DefaultScope = {9F9E3EC7-2CD1-4716-85EB-968F1A9012CF}
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\..\SearchScopes\{9F9E3EC7-2CD1-4716-85EB-968F1A9012CF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW_de
IE - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.20 21:40:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.07.21 10:57:33 | 000,000,000 | ---D | M]
 
[2012.07.20 22:25:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Enrico\AppData\Roaming\mozilla\Extensions
[2012.07.21 10:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] c:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] c:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4142781368-3790083805-2454621229-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.123.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A28009ED-7356-40C6-945C-EA4D1F47490C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C949700C-0D8F-4F09-9BBD-A040D353F97D}: DhcpNameServer = 192.168.123.100
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.02 16:21:05 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Enrico\Searches\Desktop\OTL.exe
[2012.08.02 16:16:48 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2012.08.01 17:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.08.01 16:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.07.27 20:20:05 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Favorites
[2012.07.26 23:16:29 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Malwarebytes
[2012.07.26 23:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.23 21:21:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012.07.23 21:21:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012.07.23 21:21:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012.07.22 23:19:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012.07.22 22:55:56 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Microsoft Games
[2012.07.22 22:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2012.07.22 22:41:43 | 000,000,000 | ---D | C] -- C:\Users\Enrico\Logfiles
[2012.07.22 22:40:35 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Nero
[2012.07.22 22:34:51 | 000,000,000 | R--D | C] -- C:\Users\Enrico\My Stuff
[2012.07.21 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\ESET
[2012.07.21 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\ESET
[2012.07.21 10:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.07.21 10:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012.07.21 10:57:19 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.07.20 22:25:21 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Mozilla
[2012.07.20 22:25:21 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Mozilla
[2012.07.20 22:14:05 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.07.20 21:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.07.20 21:40:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.07.20 21:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\Users\Enrico\Documents\StarCraft II
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012.07.20 20:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012.07.20 16:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012.07.20 16:13:00 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Documents\Notes
[2012.07.20 15:57:34 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Adobe
[2012.07.20 15:33:42 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Packard Bell
[2012.07.20 15:32:39 | 000,588,472 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezsvc7x.dll
[2012.07.20 15:32:39 | 000,129,992 | ---- | C] (EasyBits Sofware AS) -- C:\Windows\System32\ezsvc7.dll
[2012.07.20 15:32:26 | 001,381,376 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vcl70.bpl
[2012.07.20 15:32:26 | 000,778,240 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\rtl70.bpl
[2012.07.20 15:32:26 | 000,268,288 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezSetup.exe
[2012.07.20 15:32:26 | 000,215,040 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vclx70.bpl
[2012.07.20 15:32:26 | 000,111,104 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezShellStart.exe
[2012.07.20 15:32:26 | 000,097,792 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vcljpg70.bpl
[2012.07.20 15:32:26 | 000,091,136 | ---- | C] (EasyBits Software Corp.) -- C:\Windows\System32\ezUninst.exe
[2012.07.20 15:32:26 | 000,064,512 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\vclsmp70.bpl
[2012.07.20 15:32:26 | 000,049,152 | ---- | C] (EasyBits Software Corp.) -- C:\Windows\System32\ezUPBHook.dll
[2012.07.20 15:32:26 | 000,015,872 | ---- | C] (EasyBits Software AS) -- C:\Windows\System32\ezMAPIHelper.exe
[2012.07.20 15:14:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell
[2012.07.20 15:13:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Acer ePower Management V4
[2012.07.20 15:12:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2012.07.20 15:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2012.07.20 15:12:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012.07.20 15:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Internet
[2012.07.20 15:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell MyBackup
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Xp_x86
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\w2k_x86
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_x86
[2012.07.20 15:10:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_ia64
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\Vista_amd64
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Program Files\NewTech Infosystems
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_x86
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_ia64
[2012.07.20 15:10:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nti\2003_amd64
[2012.07.20 15:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\Launch Manager
[2012.07.20 15:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012.07.20 15:01:29 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Macromedia
[2012.07.20 15:01:24 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Adobe
[2012.07.20 15:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\Video Web Camera
[2012.07.20 15:00:49 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Google
[2012.07.20 14:59:25 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\InstallShield
[2012.07.20 14:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.07.20 14:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2012.07.20 14:59:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2012.07.20 14:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012.07.20 09:45:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\oem
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-TW
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-HK
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-CN
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\uk-UA
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\tr-TR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\th-TH
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sv-SE
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sr-Latn-CS
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sl-SI
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sk-SK
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ru-RU
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ro-RO
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-PT
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-BR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pl-PL
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nl-NL
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nb-NO
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\lv-LV
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\lt-LT
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ko-KR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ja-JP
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\it-IT
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\hu-HU
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\hr-HR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\he-IL
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fr-FR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fi-FI
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\et-EE
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\es-ES
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\en-US
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\el-GR
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\da-DK
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\cs-CZ
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\bg-BG
[2012.07.20 09:43:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ar-SA
[2012.07.20 09:37:28 | 000,207,368 | ---- | C] (Dritek System Inc.) -- C:\Windows\UNINST32.EXE
[2012.07.20 09:36:28 | 000,273,408 | ---- | C] (Wistron Corp.) -- C:\Windows\PLAUNCH.EXE
[2012.07.20 09:36:28 | 000,020,480 | ---- | C] (Wistron Corp.) -- C:\Windows\PATCHFUL.EXE
[2012.07.20 09:36:28 | 000,000,000 | ---D | C] -- C:\Windows\Lan
[2012.07.20 01:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.07.20 00:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012.07.20 00:51:55 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.07.20 00:50:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.07.20 00:08:09 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Google
[2012.07.20 00:07:58 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Searches
[2012.07.20 00:07:58 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.07.20 00:07:51 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Identities
[2012.07.20 00:07:49 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Contacts
[2012.07.20 00:06:52 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Packard Bell
[2012.07.20 00:06:19 | 000,000,000 | ---D | C] -- C:\Windows\oem
[2012.07.20 00:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012.07.20 00:04:41 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\VirtualStore
[2012.07.20 00:04:37 | 000,000,000 | --SD | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Videos
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Pictures
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Music
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Downloads
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\Documents
[2012.07.20 00:04:37 | 000,000,000 | R--D | C] -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Vorlagen
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\AppData\Local\Verlauf
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\AppData\Local\Temporary Internet Files
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Startmenü
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\SendTo
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Recent
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Netzwerkumgebung
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Lokale Einstellungen
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Documents\Eigene Videos
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Documents\Eigene Musik
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Eigene Dateien
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Documents\Eigene Bilder
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Druckumgebung
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Cookies
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\AppData\Local\Anwendungsdaten
[2012.07.20 00:04:37 | 000,000,000 | -HSD | C] -- C:\Users\Enrico\Anwendungsdaten
[2012.07.20 00:04:37 | 000,000,000 | -H-D | C] -- C:\Users\Enrico\AppData
[2012.07.20 00:04:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Temp
[2012.07.20 00:04:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Local\Microsoft
[2012.07.20 00:04:37 | 000,000,000 | ---D | C] -- C:\Users\Enrico\AppData\Roaming\Media Center Programs
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2012.07.20 00:04:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.02 17:09:05 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.08.02 17:09:05 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.08.02 17:09:04 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\Packard Bell Customer Registration Reminder - Enrico.job
[2012.08.02 17:09:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.02 16:23:13 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.02 16:23:13 | 000,583,486 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.02 16:23:13 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.02 16:23:13 | 000,097,558 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.02 16:21:15 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Enrico\Searches\Desktop\OTL.exe
[2012.08.02 16:16:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 16:16:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 16:16:17 | 3215,814,656 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.01 17:16:53 | 000,000,898 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.08.01 16:28:47 | 000,239,946 | ---- | M] () -- C:\Users\Enrico\Documents\I follow River-Trigerfinger.xps
[2012.07.30 18:40:19 | 000,632,049 | ---- | M] () -- C:\Users\Enrico\Searches\Desktop\adwcleaner.exe
[2012.07.28 10:09:22 | 000,588,472 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezsvc7x.dll
[2012.07.27 20:18:26 | 000,300,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.27 19:57:42 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.07.27 19:57:42 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.07.27 19:57:19 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.07.22 22:46:54 | 000,005,632 | ---- | M] () -- C:\Users\Enrico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.22 22:46:54 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.07.20 21:57:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012.07.20 21:40:17 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.07.20 15:32:42 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2012.07.20 15:32:41 | 000,008,172 | ---- | M] () -- C:\Windows\System32\ezdigsgn.dat
[2012.07.20 15:32:26 | 001,381,376 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vcl70.bpl
[2012.07.20 15:32:26 | 000,778,240 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\rtl70.bpl
[2012.07.20 15:32:26 | 000,268,288 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezSetup.exe
[2012.07.20 15:32:26 | 000,215,040 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vclx70.bpl
[2012.07.20 15:32:26 | 000,111,104 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezShellStart.exe
[2012.07.20 15:32:26 | 000,097,792 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vcljpg70.bpl
[2012.07.20 15:32:26 | 000,091,136 | ---- | M] (EasyBits Software Corp.) -- C:\Windows\System32\ezUninst.exe
[2012.07.20 15:32:26 | 000,064,512 | ---- | M] (Borland Software Corporation) -- C:\Windows\System32\vclsmp70.bpl
[2012.07.20 15:32:26 | 000,049,152 | ---- | M] (EasyBits Software Corp.) -- C:\Windows\System32\ezUPBHook.dll
[2012.07.20 15:32:26 | 000,015,872 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezMAPIHelper.exe
[2012.07.20 15:18:56 | 000,000,193 | ---- | M] () -- C:\Windows\USER.XML
[2012.07.20 15:17:53 | 000,000,016 | ---- | M] () -- C:\Windows\SetLang.bat
[2012.07.20 15:14:48 | 000,000,206 | ---- | M] () -- C:\Windows\Factory.xml
[2012.07.20 15:03:40 | 000,000,083 | ---- | M] () -- C:\Windows\LManager.UNI
[2012.07.20 15:03:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2012.07.20 09:45:50 | 000,000,181 | RHS- | M] () -- C:\Preload.rev
[2012.07.20 01:01:11 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012.07.20 00:07:58 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\PackardBell_EasyNoteTJ65_N-A_LXBDC0X018933B7FAB2200.MRK
 
========== Files Created - No Company Name ==========
 
[2012.08.01 16:28:45 | 000,239,946 | ---- | C] () -- C:\Users\Enrico\Documents\I follow River-Trigerfinger.xps
[2012.07.30 18:40:07 | 000,632,049 | ---- | C] () -- C:\Users\Enrico\Searches\Desktop\adwcleaner.exe
[2012.07.27 19:57:19 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.07.22 23:17:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.07.22 23:17:41 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012.07.22 23:17:39 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012.07.22 23:17:39 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012.07.22 23:17:36 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012.07.22 23:17:34 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012.07.22 23:17:33 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012.07.22 23:17:19 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.07.22 23:17:18 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012.07.22 23:17:18 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012.07.20 21:57:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012.07.20 21:48:15 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012.07.20 21:40:17 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.07.20 21:40:16 | 000,000,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.07.20 20:57:02 | 000,000,898 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.07.20 15:32:42 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2012.07.20 15:32:28 | 000,008,172 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2012.07.20 15:14:45 | 000,005,632 | ---- | C] () -- C:\Users\Enrico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.20 15:03:40 | 000,000,083 | ---- | C] () -- C:\Windows\LManager.UNI
[2012.07.20 15:03:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2012.07.20 15:01:15 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012.07.20 09:45:50 | 000,007,573 | -HS- | C] () -- C:\Patch.rev
[2012.07.20 09:36:46 | 000,010,156 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu
[2012.07.20 09:36:46 | 000,001,407 | ---- | C] () -- C:\Windows\System32\nvhda.nvu
[2012.07.20 09:36:32 | 000,004,184 | ---- | C] () -- C:\Windows\System32\drivers\CDConfig.bin
[2012.07.20 09:36:28 | 000,000,193 | ---- | C] () -- C:\Windows\USER.XML
[2012.07.20 00:59:14 | 3215,814,656 | -HS- | C] () -- C:\hiberfil.sys
[2012.07.20 00:08:06 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012.07.20 00:08:00 | 000,000,951 | ---- | C] () -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.07.20 00:07:58 | 000,000,946 | ---- | C] () -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012.07.20 00:07:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\PackardBell_EasyNoteTJ65_N-A_LXBDC0X018933B7FAB2200.MRK
[2012.07.20 00:07:49 | 000,000,917 | ---- | C] () -- C:\Users\Enrico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012.07.20 00:07:46 | 000,000,446 | ---- | C] () -- C:\Windows\tasks\Packard Bell Customer Registration Reminder - Enrico.job
[2012.07.20 00:04:42 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== LOP Check ==========
 
[2012.07.21 11:08:32 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\ESET
[2012.07.20 15:33:42 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Packard Bell
[2012.08.02 17:09:04 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\Packard Bell Customer Registration Reminder - Enrico.job
[2012.08.01 18:14:40 | 000,023,390 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.07.27 20:13:23 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Adobe
[2012.07.21 11:08:32 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\ESET
[2012.07.20 15:02:56 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Google
[2012.07.20 00:07:51 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Identities
[2012.07.20 14:59:25 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\InstallShield
[2012.07.20 15:01:29 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Macromedia
[2012.07.26 23:16:29 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Media Center Programs
[2012.07.31 20:52:26 | 000,000,000 | --SD | M] -- C:\Users\Enrico\AppData\Roaming\Microsoft
[2012.07.20 22:25:36 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Mozilla
[2012.07.22 22:40:35 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Nero
[2012.07.20 15:33:42 | 000,000,000 | ---D | M] -- C:\Users\Enrico\AppData\Roaming\Packard Bell
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.03.12 08:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2009.02.12 18:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Acer\Preload\Autorun\DRV\AHCI\X64\IaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Acer\Preload\Autorun\DRV\AHCI\X86\IaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\drivers\iaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_ea118ff5\iaStor.sys
[2009.02.12 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_c491546e\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.04.11 08:28:18 | 000,130,560 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dhcpcsvc6.dll
[2008.01.21 04:24:47 | 000,014,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\winnsi.dll

< End of report >


cosinus 03.08.2012 15:43

Looks fairly unremarkable.

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Torch 05.08.2012 13:41

Hey,
well, this time it at least found something. Here is the log:

Code:

11:29:28.0458 1144        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
11:29:28.0474 1144        ============================================================
11:29:28.0474 1144        Current date / time: 2012/08/05 11:29:28.0474
11:29:28.0474 1144        SystemInfo:
11:29:28.0474 1144       
11:29:28.0474 1144        OS Version: 6.0.6002 ServicePack: 2.0
11:29:28.0474 1144        Product type: Workstation
11:29:28.0474 1144        ComputerName: ENRICO-PC
11:29:28.0474 1144        UserName: Enrico
11:29:28.0474 1144        Windows directory: C:\Windows
11:29:28.0474 1144        System windows directory: C:\Windows
11:29:28.0474 1144        Processor architecture: Intel x86
11:29:28.0474 1144        Number of processors: 2
11:29:28.0474 1144        Page size: 0x1000
11:29:28.0474 1144        Boot type: Normal boot
11:29:28.0474 1144        ============================================================
11:29:29.0020 1144        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:29:29.0020 1144        ============================================================
11:29:29.0020 1144        \Device\Harddisk0\DR0:
11:29:29.0020 1144        MBR partitions:
11:29:29.0020 1144        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x38FFD000
11:29:29.0020 1144        ============================================================
11:29:29.0051 1144        C: <-> \Device\Harddisk0\DR0\Partition0
11:29:29.0051 1144        ============================================================
11:29:29.0051 1144        Initialize success
11:29:29.0051 1144        ============================================================
11:30:42.0052 4488        ============================================================
11:30:42.0052 4488        Scan started
11:30:42.0052 4488        Mode: Manual; SigCheck; TDLFS;
11:30:42.0052 4488        ============================================================
11:30:43.0799 4488        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
11:30:43.0893 4488        ACPI - ok
11:30:43.0986 4488        AdobeActiveFileMonitor6.0 (e8fe4fce23d2809bd88bcc1d0f8408ce) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
11:30:43.0986 4488        AdobeActiveFileMonitor6.0 - ok
11:30:44.0064 4488        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
11:30:44.0096 4488        adp94xx - ok
11:30:44.0127 4488        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
11:30:44.0142 4488        adpahci - ok
11:30:44.0158 4488        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
11:30:44.0174 4488        adpu160m - ok
11:30:44.0220 4488        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
11:30:44.0236 4488        adpu320 - ok
11:30:44.0298 4488        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
11:30:44.0439 4488        AeLookupSvc - ok
11:30:44.0548 4488        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
11:30:44.0626 4488        AFD - ok
11:30:44.0688 4488        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
11:30:44.0704 4488        agp440 - ok
11:30:44.0735 4488        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
11:30:44.0766 4488        aic78xx - ok
11:30:44.0798 4488        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
11:30:44.0954 4488        ALG - ok
11:30:45.0000 4488        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
11:30:45.0000 4488        aliide - ok
11:30:45.0063 4488        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
11:30:45.0078 4488        amdagp - ok
11:30:45.0110 4488        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
11:30:45.0125 4488        amdide - ok
11:30:45.0188 4488        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
11:30:45.0219 4488        AmdK7 - ok
11:30:45.0250 4488        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
11:30:45.0281 4488        AmdK8 - ok
11:30:45.0375 4488        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
11:30:45.0406 4488        Appinfo - ok
11:30:45.0437 4488        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
11:30:45.0453 4488        arc - ok
11:30:45.0515 4488        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
11:30:45.0531 4488        arcsas - ok
11:30:45.0578 4488        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
11:30:45.0609 4488        AsyncMac - ok
11:30:45.0640 4488        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
11:30:45.0656 4488        atapi - ok
11:30:45.0718 4488        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
11:30:45.0749 4488        AudioEndpointBuilder - ok
11:30:45.0749 4488        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
11:30:45.0765 4488        Audiosrv - ok
11:30:45.0843 4488        b57nd60x        (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\Windows\system32\DRIVERS\b57nd60x.sys
11:30:45.0890 4488        b57nd60x - ok
11:30:45.0936 4488        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
11:30:45.0983 4488        Beep - ok
11:30:46.0046 4488        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
11:30:46.0077 4488        BFE - ok
11:30:46.0170 4488        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
11:30:46.0217 4488        BITS - ok
11:30:46.0233 4488        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
11:30:46.0264 4488        blbdrive - ok
11:30:46.0295 4488        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
11:30:46.0326 4488        bowser - ok
11:30:46.0373 4488        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
11:30:46.0404 4488        BrFiltLo - ok
11:30:46.0420 4488        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
11:30:46.0436 4488        BrFiltUp - ok
11:30:46.0467 4488        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
11:30:46.0529 4488        Browser - ok
11:30:46.0638 4488        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
11:30:47.0309 4488        Brserid - ok
11:30:47.0372 4488        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
11:30:47.0434 4488        BrSerWdm - ok
11:30:47.0465 4488        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
11:30:47.0528 4488        BrUsbMdm - ok
11:30:47.0528 4488        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
11:30:47.0574 4488        BrUsbSer - ok
11:30:47.0621 4488        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
11:30:47.0684 4488        BTHMODEM - ok
11:30:47.0762 4488        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
11:30:47.0793 4488        cdfs - ok
11:30:47.0824 4488        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
11:30:47.0855 4488        cdrom - ok
11:30:47.0918 4488        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
11:30:47.0964 4488        CertPropSvc - ok
11:30:47.0980 4488        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
11:30:48.0011 4488        circlass - ok
11:30:48.0058 4488        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
11:30:48.0089 4488        CLFS - ok
11:30:48.0167 4488        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:30:48.0183 4488        clr_optimization_v2.0.50727_32 - ok
11:30:48.0245 4488        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
11:30:48.0276 4488        CmBatt - ok
11:30:48.0292 4488        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
11:30:48.0308 4488        cmdide - ok
11:30:48.0370 4488        CnxtHdAudService (01b80273c019f0f25f27fa2e80a85578) C:\Windows\system32\drivers\CHDRT32.sys
11:30:48.0401 4488        CnxtHdAudService - ok
11:30:48.0432 4488        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
11:30:48.0448 4488        Compbatt - ok
11:30:48.0448 4488        COMSysApp - ok
11:30:48.0448 4488        crcdisk        (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
11:30:48.0464 4488        crcdisk - ok
11:30:48.0479 4488        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
11:30:48.0510 4488        Crusoe - ok
11:30:48.0573 4488        CryptSvc        (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
11:30:48.0604 4488        CryptSvc - ok
11:30:48.0713 4488        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
11:30:48.0791 4488        DcomLaunch - ok
11:30:48.0807 4488        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
11:30:48.0838 4488        DfsC - ok
11:30:48.0994 4488        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
11:30:49.0103 4488        DFSR - ok
11:30:49.0259 4488        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
11:30:49.0290 4488        Dhcp - ok
11:30:49.0322 4488        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
11:30:49.0337 4488        disk - ok
11:30:49.0384 4488        DKbFltr        (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
11:30:49.0400 4488        DKbFltr - ok
11:30:49.0446 4488        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
11:30:49.0493 4488        Dnscache - ok
11:30:49.0524 4488        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
11:30:49.0571 4488        dot3svc - ok
11:30:49.0587 4488        Scan interrupted by user!
11:30:49.0587 4488        Scan interrupted by user!
11:30:49.0587 4488        Scan interrupted by user!
11:30:49.0587 4488        ============================================================
11:30:49.0587 4488        Scan finished
11:30:49.0587 4488        ============================================================
11:30:49.0602 0984        Detected object count: 0
11:30:49.0602 0984        Actual detected object count: 0
11:30:53.0112 5988        ============================================================
11:30:53.0112 5988        Scan started
11:30:53.0112 5988        Mode: Manual; SigCheck; TDLFS;
11:30:53.0112 5988        ============================================================
11:30:53.0456 5988        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
11:30:53.0487 5988        ACPI - ok
11:30:53.0565 5988        AdobeActiveFileMonitor6.0 (e8fe4fce23d2809bd88bcc1d0f8408ce) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
11:30:53.0565 5988        AdobeActiveFileMonitor6.0 - ok
11:30:53.0612 5988        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
11:30:53.0627 5988        adp94xx - ok
11:30:53.0643 5988        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
11:30:53.0658 5988        adpahci - ok
11:30:53.0690 5988        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
11:30:53.0690 5988        adpu160m - ok
11:30:53.0721 5988        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
11:30:53.0736 5988        adpu320 - ok
11:30:53.0768 5988        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
11:30:53.0783 5988        AeLookupSvc - ok
11:30:53.0814 5988        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
11:30:53.0830 5988        AFD - ok
11:30:53.0846 5988        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
11:30:53.0861 5988        agp440 - ok
11:30:53.0892 5988        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
11:30:53.0908 5988        aic78xx - ok
11:30:53.0939 5988        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
11:30:53.0955 5988        ALG - ok
11:30:53.0970 5988        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
11:30:53.0986 5988        aliide - ok
11:30:54.0017 5988        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
11:30:54.0017 5988        amdagp - ok
11:30:54.0048 5988        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
11:30:54.0064 5988        amdide - ok
11:30:54.0095 5988        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
11:30:54.0111 5988        AmdK7 - ok
11:30:54.0126 5988        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
11:30:54.0158 5988        AmdK8 - ok
11:30:54.0173 5988        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
11:30:54.0189 5988        Appinfo - ok
11:30:54.0204 5988        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
11:30:54.0220 5988        arc - ok
11:30:54.0236 5988        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
11:30:54.0251 5988        arcsas - ok
11:30:54.0251 5988        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
11:30:54.0267 5988        AsyncMac - ok
11:30:54.0298 5988        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
11:30:54.0314 5988        atapi - ok
11:30:54.0345 5988        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
11:30:54.0360 5988        AudioEndpointBuilder - ok
11:30:54.0376 5988        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
11:30:54.0392 5988        Audiosrv - ok
11:30:54.0392 5988        b57nd60x        (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\Windows\system32\DRIVERS\b57nd60x.sys
11:30:54.0423 5988        b57nd60x - ok
11:30:54.0438 5988        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
11:30:54.0454 5988        Beep - ok
11:30:54.0501 5988        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
11:30:54.0532 5988        BFE - ok
11:30:54.0563 5988        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
11:30:54.0594 5988        BITS - ok
11:30:54.0626 5988        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
11:30:54.0641 5988        blbdrive - ok
11:30:54.0672 5988        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
11:30:54.0672 5988        bowser - ok
11:30:54.0704 5988        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
11:30:54.0719 5988        BrFiltLo - ok
11:30:54.0735 5988        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
11:30:54.0750 5988        BrFiltUp - ok
11:30:54.0782 5988        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
11:30:54.0797 5988        Browser - ok
11:30:54.0813 5988        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
11:30:54.0860 5988        Brserid - ok
11:30:54.0860 5988        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
11:30:54.0906 5988        BrSerWdm - ok
11:30:54.0922 5988        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
11:30:54.0969 5988        BrUsbMdm - ok
11:30:54.0969 5988        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
11:30:55.0016 5988        BrUsbSer - ok
11:30:55.0031 5988        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
11:30:55.0062 5988        BTHMODEM - ok
11:30:55.0078 5988        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
11:30:55.0094 5988        cdfs - ok
11:30:55.0125 5988        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
11:30:55.0140 5988        cdrom - ok
11:30:55.0156 5988        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
11:30:55.0187 5988        CertPropSvc - ok
11:30:55.0187 5988        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
11:30:55.0218 5988        circlass - ok
11:30:55.0250 5988        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
11:30:55.0265 5988        CLFS - ok
11:30:55.0343 5988        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:30:55.0359 5988        clr_optimization_v2.0.50727_32 - ok
11:30:55.0421 5988        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
11:30:55.0437 5988        CmBatt - ok
11:30:55.0452 5988        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
11:30:55.0468 5988        cmdide - ok
11:30:55.0499 5988        CnxtHdAudService (01b80273c019f0f25f27fa2e80a85578) C:\Windows\system32\drivers\CHDRT32.sys
11:30:55.0515 5988        CnxtHdAudService - ok
11:30:55.0530 5988        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
11:30:55.0546 5988        Compbatt - ok
11:30:55.0546 5988        COMSysApp - ok
11:30:55.0546 5988        crcdisk        (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
11:30:55.0562 5988        crcdisk - ok
11:30:55.0577 5988        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
11:30:55.0608 5988        Crusoe - ok
11:30:55.0655 5988        CryptSvc        (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
11:30:55.0671 5988        CryptSvc - ok
11:30:55.0733 5988        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
11:30:55.0764 5988        DcomLaunch - ok
11:30:55.0796 5988        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
11:30:55.0796 5988        DfsC - ok
11:30:55.0889 5988        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
11:30:55.0936 5988        DFSR - ok
11:30:56.0014 5988        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
11:30:56.0030 5988        Dhcp - ok
11:30:56.0061 5988        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
11:30:56.0076 5988        disk - ok
11:30:56.0092 5988        DKbFltr        (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
11:30:56.0108 5988        DKbFltr - ok
11:30:56.0123 5988        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
11:30:56.0139 5988        Dnscache - ok
11:30:56.0154 5988        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
11:30:56.0186 5988        dot3svc - ok
11:30:56.0217 5988        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
11:30:56.0264 5988        DPS - ok
11:30:56.0310 5988        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
11:30:56.0342 5988        drmkaud - ok
11:30:56.0451 5988        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
11:30:56.0482 5988        DXGKrnl - ok
11:30:56.0560 5988        E1G60          (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
11:30:56.0607 5988        E1G60 - ok
11:30:56.0654 5988        eamonm          (8a45015e85a4dce0086b9973f0fd9a20) C:\Windows\system32\DRIVERS\eamonm.sys
11:30:56.0669 5988        eamonm - ok
11:30:56.0700 5988        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
11:30:56.0747 5988        EapHost - ok
11:30:56.0810 5988        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
11:30:56.0825 5988        Ecache - ok
11:30:56.0903 5988        ehdrv          (5412ed24fffca64e2f0168399b86c952) C:\Windows\system32\DRIVERS\ehdrv.sys
11:30:56.0919 5988        ehdrv - ok
11:30:56.0966 5988        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
11:30:57.0012 5988        ehRecvr - ok
11:30:57.0044 5988        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
11:30:57.0075 5988        ehSched - ok
11:30:57.0075 5988        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
11:30:57.0106 5988        ehstart - ok
11:30:57.0200 5988        ekrn            (ad4faade819e0da9933bea7c01d2c763) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
11:30:57.0231 5988        ekrn - ok
11:30:57.0402 5988        elxstor        (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
11:30:57.0434 5988        elxstor - ok
11:30:57.0512 5988        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
11:30:57.0605 5988        EMDMgmt - ok
11:30:57.0668 5988        epfw            (774babcb1144513dc86992003740b774) C:\Windows\system32\DRIVERS\epfw.sys
11:30:57.0683 5988        epfw - ok
11:30:57.0699 5988        EpfwLWF        (2c22cc39309ee06ae870c183bf2a769d) C:\Windows\system32\DRIVERS\EpfwLWF.sys
11:30:57.0714 5988        EpfwLWF - ok
11:30:57.0730 5988        epfwwfp        (2b4e5f01a4e786b422f4d617b51fa7d9) C:\Windows\system32\DRIVERS\epfwwfp.sys
11:30:57.0746 5988        epfwwfp - ok
11:30:57.0917 5988        ePowerSvc      (2072cbe938dd355c4a52e9a4dcf5439f) C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
11:30:57.0948 5988        ePowerSvc - ok
11:30:58.0011 5988        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
11:30:58.0042 5988        ErrDev - ok
11:30:58.0089 5988        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
11:30:58.0136 5988        EventSystem - ok
11:30:58.0198 5988        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
11:30:58.0245 5988        exfat - ok
11:30:58.0307 5988        ezSharedSvc    (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
11:30:58.0323 5988        ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
11:30:58.0323 5988        ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
11:30:58.0354 5988        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
11:30:58.0416 5988        fastfat - ok
11:30:58.0432 5988        fdc            (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
11:30:58.0479 5988        fdc - ok
11:30:58.0494 5988        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
11:30:58.0526 5988        fdPHost - ok
11:30:58.0526 5988        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
11:30:58.0588 5988        FDResPub - ok
11:30:58.0604 5988        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
11:30:58.0619 5988        FileInfo - ok
11:30:58.0650 5988        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
11:30:58.0666 5988        Filetrace - ok
11:30:58.0822 5988        FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:30:58.0869 5988        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
11:30:58.0869 5988        FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
11:30:58.0884 5988        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
11:30:58.0916 5988        flpydisk - ok
11:30:58.0947 5988        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
11:30:58.0962 5988        FltMgr - ok
11:30:59.0072 5988        FontCache      (452feaab2a8dbb42ed751754cb2594f5) C:\Windows\system32\FntCache.dll
11:30:59.0196 5988        FontCache - ok
11:30:59.0306 5988        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:30:59.0321 5988        FontCache3.0.0.0 - ok
11:30:59.0384 5988        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
11:30:59.0415 5988        Fs_Rec - ok
11:30:59.0446 5988        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
11:30:59.0462 5988        gagp30kx - ok
11:30:59.0524 5988        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
11:30:59.0571 5988        gpsvc - ok
11:30:59.0649 5988        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
11:30:59.0727 5988        HdAudAddService - ok
11:30:59.0789 5988        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:30:59.0836 5988        HDAudBus - ok
11:30:59.0852 5988        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
11:30:59.0930 5988        HidBth - ok
11:30:59.0945 5988        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
11:30:59.0992 5988        HidIr - ok
11:31:00.0008 5988        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
11:31:00.0054 5988        hidserv - ok
11:31:00.0086 5988        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
11:31:00.0101 5988        HidUsb - ok
11:31:00.0132 5988        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
11:31:00.0164 5988        hkmsvc - ok
11:31:00.0179 5988        HpCISSs        (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
11:31:00.0195 5988        HpCISSs - ok
11:31:00.0257 5988        HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
11:31:00.0288 5988        HSFHWAZL - ok
11:31:00.0351 5988        HSF_DPV        (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
11:31:00.0413 5988        HSF_DPV - ok
11:31:00.0460 5988        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
11:31:00.0507 5988        HTTP - ok
11:31:00.0569 5988        i2omp          (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
11:31:00.0569 5988        i2omp - ok
11:31:00.0632 5988        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
11:31:00.0663 5988        i8042prt - ok
11:31:00.0710 5988        iaStor          (71ecc07bc7c5e24c3dd01d8a29a24054) C:\Windows\system32\DRIVERS\iaStor.sys
11:31:00.0725 5988        iaStor - ok
11:31:00.0741 5988        iaStorV        (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
11:31:00.0756 5988        iaStorV - ok
11:31:00.0866 5988        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:31:00.0881 5988        idsvc - ok
11:31:00.0928 5988        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
11:31:00.0928 5988        iirsp - ok
11:31:00.0975 5988        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
11:31:01.0006 5988        IKEEXT - ok
11:31:01.0100 5988        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
11:31:01.0100 5988        intelide - ok
11:31:01.0131 5988        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
11:31:01.0162 5988        intelppm - ok
11:31:01.0178 5988        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
11:31:01.0224 5988        IPBusEnum - ok
11:31:01.0240 5988        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:31:01.0287 5988        IpFilterDriver - ok
11:31:01.0302 5988        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
11:31:01.0349 5988        iphlpsvc - ok
11:31:01.0349 5988        IpInIp - ok
11:31:01.0380 5988        IPMIDRV        (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
11:31:01.0396 5988        IPMIDRV - ok
11:31:01.0396 5988        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
11:31:01.0427 5988        IPNAT - ok
11:31:01.0490 5988        irda            (e50a95179211b12946f7e035d60af560) C:\Windows\system32\DRIVERS\irda.sys
11:31:01.0505 5988        irda - ok
11:31:01.0536 5988        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
11:31:01.0552 5988        IRENUM - ok
11:31:01.0583 5988        Irmon          (cbb0d940221a281bcfeaea695bd1cda5) C:\Windows\System32\irmon.dll
11:31:01.0630 5988        Irmon - ok
11:31:01.0661 5988        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
11:31:01.0677 5988        isapnp - ok
11:31:01.0724 5988        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
11:31:01.0739 5988        iScsiPrt - ok
11:31:01.0755 5988        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
11:31:01.0755 5988        iteatapi - ok
11:31:01.0770 5988        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
11:31:01.0786 5988        iteraid - ok
11:31:01.0848 5988        k57nd60x        (eac21e8014c7e6ee341afffb7e2bbd54) C:\Windows\system32\DRIVERS\k57nd60x.sys
11:31:01.0895 5988        k57nd60x - ok
11:31:01.0895 5988        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
11:31:01.0911 5988        kbdclass - ok
11:31:01.0926 5988        kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
11:31:01.0958 5988        kbdhid - ok
11:31:02.0004 5988        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:31:02.0051 5988        KeyIso - ok
11:31:02.0067 5988        KSecDD          (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys
11:31:02.0098 5988        KSecDD - ok
11:31:02.0160 5988        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
11:31:02.0223 5988        KtmRm - ok
11:31:02.0285 5988        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
11:31:02.0348 5988        LanmanServer - ok
11:31:02.0410 5988        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
11:31:02.0441 5988        LanmanWorkstation - ok
11:31:02.0472 5988        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
11:31:02.0504 5988        lltdio - ok
11:31:02.0566 5988        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
11:31:02.0691 5988        lltdsvc - ok
11:31:02.0706 5988        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
11:31:02.0738 5988        lmhosts - ok
11:31:02.0753 5988        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
11:31:02.0769 5988        LSI_FC - ok
11:31:02.0784 5988        LSI_SAS        (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
11:31:02.0784 5988        LSI_SAS - ok
11:31:02.0831 5988        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
11:31:02.0847 5988        LSI_SCSI - ok
11:31:02.0862 5988        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
11:31:02.0909 5988        luafv - ok
11:31:02.0925 5988        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
11:31:02.0956 5988        Mcx2Svc - ok
11:31:03.0003 5988        megasas        (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
11:31:03.0003 5988        megasas - ok
11:31:03.0034 5988        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
11:31:03.0081 5988        MegaSR - ok
11:31:03.0112 5988        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:31:03.0174 5988        MMCSS - ok
11:31:03.0190 5988        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
11:31:03.0221 5988        Modem - ok
11:31:03.0284 5988        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
11:31:03.0315 5988        monitor - ok
11:31:03.0315 5988        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
11:31:03.0330 5988        mouclass - ok
11:31:03.0346 5988        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
11:31:03.0377 5988        mouhid - ok
11:31:03.0393 5988        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
11:31:03.0408 5988        MountMgr - ok
11:31:03.0502 5988        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:31:03.0518 5988        MozillaMaintenance - ok
11:31:03.0580 5988        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
11:31:03.0596 5988        mpio - ok
11:31:03.0611 5988        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
11:31:03.0658 5988        mpsdrv - ok
11:31:03.0705 5988        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
11:31:03.0783 5988        MpsSvc - ok
11:31:03.0798 5988        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
11:31:03.0814 5988        Mraid35x - ok
11:31:03.0861 5988        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
11:31:03.0892 5988        MRxDAV - ok
11:31:03.0923 5988        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:31:03.0954 5988        mrxsmb - ok
11:31:03.0986 5988        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:31:04.0001 5988        mrxsmb10 - ok
11:31:04.0017 5988        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:31:04.0048 5988        mrxsmb20 - ok
11:31:04.0095 5988        msahci          (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
11:31:04.0110 5988        msahci - ok
11:31:04.0126 5988        msdsm          (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
11:31:04.0142 5988        msdsm - ok
11:31:04.0173 5988        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
11:31:04.0204 5988        MSDTC - ok
11:31:04.0204 5988        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
11:31:04.0235 5988        Msfs - ok
11:31:04.0282 5988        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
11:31:04.0298 5988        msisadrv - ok
11:31:04.0313 5988        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
11:31:04.0360 5988        MSiSCSI - ok
11:31:04.0360 5988        msiserver - ok
11:31:04.0376 5988        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
11:31:04.0407 5988        MSKSSRV - ok
11:31:04.0422 5988        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
11:31:04.0454 5988        MSPCLOCK - ok
11:31:04.0454 5988        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
11:31:04.0485 5988        MSPQM - ok
11:31:04.0516 5988        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
11:31:04.0532 5988        MsRPC - ok
11:31:04.0547 5988        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
11:31:04.0547 5988        mssmbios - ok
11:31:04.0594 5988        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
11:31:04.0610 5988        MSTEE - ok
11:31:04.0641 5988        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
11:31:04.0656 5988        Mup - ok
11:31:04.0672 5988        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
11:31:04.0703 5988        napagent - ok
11:31:04.0781 5988        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
11:31:04.0781 5988        NativeWifiP - ok
11:31:04.0812 5988        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
11:31:04.0844 5988        NDIS - ok
11:31:04.0875 5988        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
11:31:04.0906 5988        NdisTapi - ok
11:31:04.0922 5988        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
11:31:04.0937 5988        Ndisuio - ok
11:31:04.0984 5988        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:31:05.0015 5988        NdisWan - ok
11:31:05.0015 5988        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
11:31:05.0031 5988        NDProxy - ok
11:31:05.0187 5988        Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
11:31:05.0218 5988        Nero BackItUp Scheduler 3 - ok
11:31:05.0218 5988        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
11:31:05.0265 5988        NetBIOS - ok
11:31:05.0296 5988        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
11:31:05.0327 5988        netbt - ok
11:31:05.0374 5988        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:31:05.0390 5988        Netlogon - ok
11:31:05.0436 5988        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
11:31:05.0483 5988        Netman - ok
11:31:05.0514 5988        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
11:31:05.0561 5988        netprofm - ok
11:31:05.0655 5988        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:31:05.0655 5988        NetTcpPortSharing - ok
11:31:06.0014 5988        NETw5v32        (ae642d069681a826d5f16e4f6ad158f3) C:\Windows\system32\DRIVERS\NETw5v32.sys
11:31:06.0185 5988        NETw5v32 - ok
11:31:06.0310 5988        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
11:31:06.0326 5988        nfrd960 - ok
11:31:06.0357 5988        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
11:31:06.0388 5988        NlaSvc - ok
11:31:06.0513 5988        NMIndexingService (cd4326bc339f98de21aa07b208a305ae) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
11:31:06.0528 5988        NMIndexingService - ok
11:31:06.0560 5988        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
11:31:06.0591 5988        Npfs - ok
11:31:06.0606 5988        NSCIRDA        (6d8d2e5652fc2442c810c5d8be784148) C:\Windows\system32\DRIVERS\nscirda.sys
11:31:06.0638 5988        NSCIRDA - ok
11:31:06.0653 5988        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
11:31:06.0684 5988        nsi - ok
11:31:06.0700 5988        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
11:31:06.0731 5988        nsiproxy - ok
11:31:06.0825 5988        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
11:31:06.0903 5988        Ntfs - ok
11:31:06.0981 5988        NTI IScheduleSvc (0f0f75069c8016645dfcae93a190cacf) C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
11:31:06.0996 5988        NTI IScheduleSvc - ok
11:31:07.0012 5988        NTIDrvr        (6dcaa65f49ef3b97a5cffc0cb5de1c2f) C:\Windows\system32\drivers\NTIDrvr.sys
11:31:07.0028 5988        NTIDrvr - ok
11:31:07.0043 5988        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
11:31:07.0090 5988        ntrigdigi - ok
11:31:07.0090 5988        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
11:31:07.0121 5988        Null - ok
11:31:07.0199 5988        NVHDA          (603b0c9bb86f7b3efb88a482c6663ec4) C:\Windows\system32\drivers\nvhda32v.sys
11:31:07.0215 5988        NVHDA - ok
11:31:08.0088 5988        nvlddmkm        (3a3eb304b9bd9f4f6b3b745972f2c1e5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:31:09.0227 5988        nvlddmkm - ok
11:31:09.0368 5988        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
11:31:09.0383 5988        nvraid - ok
11:31:09.0383 5988        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
11:31:09.0399 5988        nvstor - ok
11:31:09.0446 5988        nvsvc          (c4efe7a3370351ed15ae728517fe09cb) C:\Windows\system32\nvvsvc.exe
11:31:09.0461 5988        nvsvc - ok
11:31:09.0461 5988        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
11:31:09.0477 5988        nv_agp - ok
11:31:09.0492 5988        NwlnkFlt - ok
11:31:09.0492 5988        NwlnkFwd - ok
11:31:09.0602 5988        odserv          (e54aa592a65f317390eee386a8821692) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:31:09.0633 5988        odserv - ok
11:31:09.0695 5988        ohci1394        (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
11:31:09.0726 5988        ohci1394 - ok
11:31:09.0820 5988        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:31:09.0836 5988        ose - ok
11:31:09.0914 5988        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:31:10.0007 5988        p2pimsvc - ok
11:31:10.0023 5988        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:31:10.0132 5988        p2psvc - ok
11:31:10.0179 5988        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
11:31:10.0226 5988        Parport - ok
11:31:10.0272 5988        partmgr        (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
11:31:10.0288 5988        partmgr - ok
11:31:10.0288 5988        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
11:31:10.0335 5988        Parvdm - ok
11:31:10.0366 5988        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
11:31:10.0428 5988        PcaSvc - ok
11:31:10.0460 5988        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
11:31:10.0491 5988        pci - ok
11:31:10.0506 5988        pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
11:31:10.0522 5988        pciide - ok
11:31:10.0569 5988        pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
11:31:10.0584 5988        pcmcia - ok
11:31:10.0662 5988        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
11:31:10.0725 5988        PEAUTH - ok
11:31:10.0803 5988        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
11:31:10.0896 5988        pla - ok
11:31:10.0959 5988        PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
11:31:10.0974 5988        PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
11:31:10.0974 5988        PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
11:31:11.0006 5988        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
11:31:11.0037 5988        PlugPlay - ok
11:31:11.0084 5988        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:31:11.0099 5988        PNRPAutoReg - ok
11:31:11.0115 5988        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:31:11.0162 5988        PNRPsvc - ok
11:31:11.0224 5988        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
11:31:11.0255 5988        PolicyAgent - ok
11:31:11.0318 5988        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
11:31:11.0349 5988        PptpMiniport - ok
11:31:11.0364 5988        Processor      (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
11:31:11.0396 5988        Processor - ok
11:31:11.0411 5988        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
11:31:11.0442 5988        ProfSvc - ok
11:31:11.0474 5988        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:31:11.0474 5988        ProtectedStorage - ok
11:31:11.0505 5988        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
11:31:11.0536 5988        PSched - ok
11:31:11.0567 5988        PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
11:31:11.0567 5988        PxHelp20 - ok
11:31:11.0661 5988        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
11:31:11.0708 5988        ql2300 - ok
11:31:11.0739 5988        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
11:31:11.0754 5988        ql40xx - ok
11:31:11.0786 5988        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
11:31:11.0817 5988        QWAVE - ok
11:31:11.0832 5988        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
11:31:11.0832 5988        QWAVEdrv - ok
11:31:11.0848 5988        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
11:31:11.0879 5988        RasAcd - ok
11:31:11.0910 5988        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
11:31:11.0957 5988        RasAuto - ok
11:31:11.0973 5988        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:31:11.0988 5988        Rasl2tp - ok
11:31:12.0020 5988        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
11:31:12.0066 5988        RasMan - ok
11:31:12.0082 5988        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
11:31:12.0098 5988        RasPppoe - ok
11:31:12.0129 5988        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
11:31:12.0129 5988        RasSstp - ok
11:31:12.0160 5988        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
11:31:12.0176 5988        rdbss - ok
11:31:12.0191 5988        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:31:12.0222 5988        RDPCDD - ok
11:31:12.0254 5988        rdpdr          (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
11:31:12.0269 5988        rdpdr - ok
11:31:12.0285 5988        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
11:31:12.0332 5988        RDPENCDD - ok
11:31:12.0394 5988        RDPWD          (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
11:31:12.0425 5988        RDPWD - ok
11:31:12.0503 5988        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
11:31:12.0534 5988        RemoteAccess - ok
11:31:12.0550 5988        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
11:31:12.0581 5988        RemoteRegistry - ok
11:31:12.0597 5988        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
11:31:12.0628 5988        RpcLocator - ok
11:31:12.0706 5988        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
11:31:12.0737 5988        RpcSs - ok
11:31:12.0753 5988        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
11:31:12.0800 5988        rspndr - ok
11:31:12.0846 5988        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:31:12.0862 5988        SamSs - ok
11:31:12.0878 5988        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
11:31:12.0893 5988        sbp2port - ok
11:31:12.0956 5988        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
11:31:12.0987 5988        SCardSvr - ok
11:31:13.0034 5988        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
11:31:13.0080 5988        Schedule - ok
11:31:13.0112 5988        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
11:31:13.0143 5988        SCPolicySvc - ok
11:31:13.0158 5988        sdbus          (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
11:31:13.0221 5988        sdbus - ok
11:31:13.0236 5988        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
11:31:13.0299 5988        SDRSVC - ok
11:31:13.0314 5988        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:31:13.0361 5988        secdrv - ok
11:31:13.0377 5988        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
11:31:13.0408 5988        seclogon - ok
11:31:13.0424 5988        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
11:31:13.0455 5988        SENS - ok
11:31:13.0470 5988        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
11:31:13.0517 5988        Serenum - ok
11:31:13.0548 5988        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
11:31:13.0595 5988        Serial - ok
11:31:13.0595 5988        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
11:31:13.0626 5988        sermouse - ok
11:31:13.0658 5988        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
11:31:13.0689 5988        SessionEnv - ok
11:31:13.0736 5988        sffdisk        (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
11:31:13.0751 5988        sffdisk - ok
11:31:13.0814 5988        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
11:31:13.0845 5988        sffp_mmc - ok
11:31:13.0876 5988        sffp_sd        (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
11:31:13.0892 5988        sffp_sd - ok
11:31:13.0907 5988        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
11:31:13.0970 5988        sfloppy - ok
11:31:14.0001 5988        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
11:31:14.0048 5988        SharedAccess - ok
11:31:14.0079 5988        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
11:31:14.0110 5988        ShellHWDetection - ok
11:31:14.0141 5988        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
11:31:14.0157 5988        sisagp - ok
11:31:14.0157 5988        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
11:31:14.0172 5988        SiSRaid2 - ok
11:31:14.0172 5988        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
11:31:14.0188 5988        SiSRaid4 - ok
11:31:14.0344 5988        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
11:31:14.0656 5988        slsvc - ok
11:31:14.0750 5988        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
11:31:14.0796 5988        SLUINotify - ok
11:31:14.0812 5988        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
11:31:14.0843 5988        Smb - ok
11:31:14.0874 5988        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
11:31:14.0874 5988        SNMPTRAP - ok
11:31:14.0906 5988        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
11:31:14.0921 5988        spldr - ok
11:31:14.0952 5988        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
11:31:14.0968 5988        Spooler - ok
11:31:14.0999 5988        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
11:31:15.0030 5988        srv - ok
11:31:15.0062 5988        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
11:31:15.0093 5988        srv2 - ok
11:31:15.0108 5988        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
11:31:15.0124 5988        srvnet - ok
11:31:15.0155 5988        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
11:31:15.0186 5988        SSDPSRV - ok
11:31:15.0218 5988        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
11:31:15.0233 5988        SstpSvc - ok
11:31:15.0280 5988        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
11:31:15.0311 5988        stisvc - ok
11:31:15.0327 5988        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
11:31:15.0342 5988        swenum - ok
11:31:15.0374 5988        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
11:31:15.0405 5988        swprv - ok
11:31:15.0420 5988        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
11:31:15.0436 5988        Symc8xx - ok
11:31:15.0452 5988        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
11:31:15.0467 5988        Sym_hi - ok
11:31:15.0467 5988        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
11:31:15.0483 5988        Sym_u3 - ok
11:31:15.0545 5988        SynTP          (5c3e900f41426a372de60675afc8aa07) C:\Windows\system32\DRIVERS\SynTP.sys
11:31:15.0561 5988        SynTP - ok
11:31:15.0592 5988        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
11:31:15.0639 5988        SysMain - ok
11:31:15.0701 5988        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
11:31:15.0717 5988        TabletInputService - ok
11:31:15.0748 5988        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
11:31:15.0795 5988        TapiSrv - ok
11:31:15.0810 5988        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
11:31:15.0857 5988        TBS - ok
11:31:15.0935 5988        Tcpip          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
11:31:15.0966 5988        Tcpip - ok
11:31:15.0982 5988        Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
11:31:16.0013 5988        Tcpip6 - ok
11:31:16.0029 5988        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
11:31:16.0044 5988        tcpipreg - ok
11:31:16.0091 5988        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:31:16.0122 5988        TDPIPE - ok
11:31:16.0138 5988        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:31:16.0169 5988        TDTCP - ok
11:31:16.0185 5988        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
11:31:16.0216 5988        tdx - ok
11:31:16.0247 5988        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
11:31:16.0263 5988        TermDD - ok
11:31:16.0294 5988        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
11:31:16.0341 5988        TermService - ok
11:31:16.0372 5988        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
11:31:16.0388 5988        Themes - ok
11:31:16.0403 5988        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:31:16.0419 5988        THREADORDER - ok
11:31:16.0450 5988        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
11:31:16.0481 5988        TrkWks - ok
11:31:16.0512 5988        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
11:31:16.0544 5988        TrustedInstaller - ok
11:31:16.0575 5988        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:31:16.0622 5988        tssecsrv - ok
11:31:16.0622 5988        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
11:31:16.0653 5988        tunnel - ok
11:31:16.0668 5988        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
11:31:16.0684 5988        uagp35 - ok
11:31:16.0731 5988        UBHelper        (d79c0b9bb011218b93705cbf77fa3e5e) C:\Windows\system32\drivers\UBHelper.sys
11:31:16.0746 5988        UBHelper - ok
11:31:16.0778 5988        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
11:31:16.0793 5988        udfs - ok
11:31:16.0824 5988        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
11:31:16.0856 5988        UI0Detect - ok
11:31:16.0887 5988        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
11:31:16.0902 5988        uliagpkx - ok
11:31:16.0934 5988        uliahci        (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
11:31:16.0949 5988        uliahci - ok
11:31:16.0996 5988        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:31:16.0996 5988        UlSata - ok
11:31:17.0027 5988        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:31:17.0058 5988        ulsata2 - ok
11:31:17.0058 5988        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:31:17.0105 5988        umbus - ok
11:31:17.0136 5988        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
11:31:17.0168 5988        upnphost - ok
11:31:17.0183 5988        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:31:17.0214 5988        usbccgp - ok
11:31:17.0246 5988        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
11:31:17.0292 5988        usbcir - ok
11:31:17.0339 5988        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
11:31:17.0370 5988        usbehci - ok
11:31:17.0386 5988        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
11:31:17.0417 5988        usbhub - ok
11:31:17.0448 5988        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
11:31:17.0495 5988        usbohci - ok
11:31:17.0495 5988        usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
11:31:17.0542 5988        usbprint - ok
11:31:17.0558 5988        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:31:17.0573 5988        USBSTOR - ok
11:31:17.0589 5988        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:31:17.0620 5988        usbuhci - ok
11:31:17.0636 5988        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
11:31:17.0667 5988        usbvideo - ok
11:31:17.0698 5988        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
11:31:17.0729 5988        UxSms - ok
11:31:17.0776 5988        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
11:31:17.0823 5988        vds - ok
11:31:17.0838 5988        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
11:31:17.0885 5988        vga - ok
11:31:17.0901 5988        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:31:17.0916 5988        VgaSave - ok
11:31:17.0932 5988        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
11:31:17.0948 5988        viaagp - ok
11:31:17.0963 5988        ViaC7          (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
11:31:17.0979 5988        ViaC7 - ok
11:31:18.0010 5988        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
11:31:18.0010 5988        viaide - ok
11:31:18.0041 5988        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
11:31:18.0041 5988        volmgr - ok
11:31:18.0072 5988        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
11:31:18.0104 5988        volmgrx - ok
11:31:18.0119 5988        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
11:31:18.0135 5988        volsnap - ok
11:31:18.0182 5988        vsmraid        (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
11:31:18.0182 5988        vsmraid - ok
11:31:18.0244 5988        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
11:31:18.0291 5988        VSS - ok
11:31:18.0322 5988        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
11:31:18.0338 5988        W32Time - ok
11:31:18.0416 5988        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:31:18.0478 5988        WacomPen - ok
11:31:18.0494 5988        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:31:18.0525 5988        Wanarp - ok
11:31:18.0525 5988        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:31:18.0540 5988        Wanarpv6 - ok
11:31:18.0587 5988        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
11:31:18.0603 5988        wcncsvc - ok
11:31:18.0634 5988        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
11:31:18.0665 5988        WcsPlugInService - ok
11:31:18.0681 5988        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
11:31:18.0696 5988        Wd - ok
11:31:18.0743 5988        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
11:31:18.0790 5988        Wdf01000 - ok
11:31:18.0821 5988        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:31:18.0852 5988        WdiServiceHost - ok
11:31:18.0868 5988        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:31:18.0884 5988        WdiSystemHost - ok
11:31:18.0946 5988        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
11:31:18.0977 5988        WebClient - ok
11:31:19.0008 5988        Wecsvc          (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
11:31:19.0024 5988        Wecsvc - ok
11:31:19.0040 5988        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
11:31:19.0071 5988        wercplsupport - ok
11:31:19.0102 5988        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
11:31:19.0118 5988        WerSvc - ok
11:31:19.0164 5988        winachsf        (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
11:31:19.0227 5988        winachsf - ok
11:31:19.0305 5988        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
11:31:19.0320 5988        WinDefend - ok
11:31:19.0336 5988        WinHttpAutoProxySvc - ok
11:31:19.0383 5988        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
11:31:19.0414 5988        Winmgmt - ok
11:31:19.0508 5988        WinRM          (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll
11:31:19.0601 5988        WinRM - ok
11:31:19.0664 5988        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
11:31:19.0742 5988        Wlansvc - ok
11:31:19.0804 5988        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:31:19.0820 5988        WmiAcpi - ok
11:31:19.0882 5988        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
11:31:19.0929 5988        wmiApSrv - ok
11:31:20.0069 5988        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
11:31:20.0210 5988        WMPNetworkSvc - ok
11:31:20.0241 5988        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
11:31:20.0288 5988        WPCSvc - ok
11:31:20.0397 5988        WPDBusEnum      (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
11:31:20.0444 5988        WPDBusEnum - ok
11:31:20.0490 5988        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:31:20.0522 5988        ws2ifsl - ok
11:31:20.0553 5988        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
11:31:20.0584 5988        wscsvc - ok
11:31:20.0584 5988        WSearch - ok
11:31:20.0771 5988        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
11:31:20.0865 5988        wuauserv - ok
11:31:21.0068 5988        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:31:21.0114 5988        WUDFRd - ok
11:31:21.0146 5988        wudfsvc        (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
11:31:21.0192 5988        wudfsvc - ok
11:31:21.0239 5988        MBR (0x1B8)    (9c603bc3977968c891de319283e1e7af) \Device\Harddisk0\DR0
11:31:21.0270 5988        \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
11:31:21.0270 5988        \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0)
11:31:21.0411 5988        Boot (0x1200)  (b82810ea05973f2aade2d107958e1e7e) \Device\Harddisk0\DR0\Partition0
11:31:21.0411 5988        \Device\Harddisk0\DR0\Partition0 - ok
11:31:21.0426 5988        ============================================================
11:31:21.0426 5988        Scan finished
11:31:21.0426 5988        ============================================================
11:31:21.0426 4020        Detected object count: 4
11:31:21.0426 4020        Actual detected object count: 4
11:31:55.0668 4020        ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:31:55.0668 4020        ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:31:55.0668 4020        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:31:55.0668 4020        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:31:55.0668 4020        PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:31:55.0668 4020        PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:31:55.0684 4020        \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - skipped by user
11:31:55.0684 4020        \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Skip
11:32:40.0332 4000        Deinitialize success


cosinus 05.08.2012 16:02

Code:

\Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - skipped by user
That's the tick!

Please fix this entry => Rootkit.Boot.Wistler.a <= with TDSS-Killer. But please only this entry!
Restart Windows afterwards and create a completely new log with TDSS-Killer. As always, post it in CODE tags.

Torch 05.08.2012 21:52

OK, so it looks good. I also had ESET scan the memory again and it found nothing :-)
So here is the log:

Code:

22:44:34.0200 1644        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
22:44:34.0231 1644        ============================================================
22:44:34.0231 1644        Current date / time: 2012/08/05 22:44:34.0231
22:44:34.0231 1644        SystemInfo:
22:44:34.0231 1644       
22:44:34.0231 1644        OS Version: 6.0.6002 ServicePack: 2.0
22:44:34.0231 1644        Product type: Workstation
22:44:34.0231 1644        ComputerName: ENRICO-PC
22:44:34.0231 1644        UserName: Enrico
22:44:34.0231 1644        Windows directory: C:\Windows
22:44:34.0231 1644        System windows directory: C:\Windows
22:44:34.0231 1644        Processor architecture: Intel x86
22:44:34.0231 1644        Number of processors: 2
22:44:34.0231 1644        Page size: 0x1000
22:44:34.0231 1644        Boot type: Normal boot
22:44:34.0231 1644        ============================================================
22:44:34.0761 1644        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:44:34.0761 1644        ============================================================
22:44:34.0761 1644        \Device\Harddisk0\DR0:
22:44:34.0761 1644        MBR partitions:
22:44:34.0761 1644        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x38FFD000
22:44:34.0761 1644        ============================================================
22:44:34.0793 1644        C: <-> \Device\Harddisk0\DR0\Partition0
22:44:34.0793 1644        ============================================================
22:44:34.0793 1644        Initialize success
22:44:34.0793 1644        ============================================================
22:45:04.0542 2840        ============================================================
22:45:04.0542 2840        Scan started
22:45:04.0542 2840        Mode: Manual; SigCheck; TDLFS;
22:45:04.0542 2840        ============================================================
22:45:04.0760 2840        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
22:45:04.0854 2840        ACPI - ok
22:45:04.0932 2840        AdobeActiveFileMonitor6.0 (e8fe4fce23d2809bd88bcc1d0f8408ce) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
22:45:04.0947 2840        AdobeActiveFileMonitor6.0 - ok
22:45:05.0010 2840        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
22:45:05.0041 2840        adp94xx - ok
22:45:05.0057 2840        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
22:45:05.0072 2840        adpahci - ok
22:45:05.0088 2840        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
22:45:05.0103 2840        adpu160m - ok
22:45:05.0119 2840        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
22:45:05.0135 2840        adpu320 - ok
22:45:05.0181 2840        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
22:45:05.0197 2840        AeLookupSvc - ok
22:45:05.0275 2840        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
22:45:05.0306 2840        AFD - ok
22:45:05.0369 2840        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
22:45:05.0369 2840        agp440 - ok
22:45:05.0400 2840        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:45:05.0415 2840        aic78xx - ok
22:45:05.0447 2840        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
22:45:05.0462 2840        ALG - ok
22:45:05.0478 2840        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
22:45:05.0478 2840        aliide - ok
22:45:05.0493 2840        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
22:45:05.0509 2840        amdagp - ok
22:45:05.0525 2840        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
22:45:05.0540 2840        amdide - ok
22:45:05.0587 2840        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
22:45:05.0618 2840        AmdK7 - ok
22:45:05.0634 2840        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
22:45:05.0649 2840        AmdK8 - ok
22:45:05.0727 2840        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
22:45:05.0743 2840        Appinfo - ok
22:45:05.0759 2840        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
22:45:05.0774 2840        arc - ok
22:45:05.0821 2840        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
22:45:05.0837 2840        arcsas - ok
22:45:05.0868 2840        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:45:05.0899 2840        AsyncMac - ok
22:45:05.0915 2840        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
22:45:05.0930 2840        atapi - ok
22:45:06.0008 2840        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:45:06.0039 2840        AudioEndpointBuilder - ok
22:45:06.0039 2840        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:45:06.0071 2840        Audiosrv - ok
22:45:06.0149 2840        b57nd60x        (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:45:06.0180 2840        b57nd60x - ok
22:45:06.0242 2840        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:45:06.0273 2840        Beep - ok
22:45:06.0351 2840        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
22:45:06.0383 2840        BFE - ok
22:45:06.0492 2840        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
22:45:06.0539 2840        BITS - ok
22:45:06.0570 2840        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
22:45:06.0585 2840        blbdrive - ok
22:45:06.0617 2840        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
22:45:06.0617 2840        bowser - ok
22:45:06.0663 2840        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:45:06.0695 2840        BrFiltLo - ok
22:45:06.0710 2840        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:45:06.0726 2840        BrFiltUp - ok
22:45:06.0741 2840        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
22:45:06.0757 2840        Browser - ok
22:45:06.0819 2840        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:45:06.0866 2840        Brserid - ok
22:45:06.0866 2840        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:45:06.0913 2840        BrSerWdm - ok
22:45:06.0929 2840        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:45:06.0960 2840        BrUsbMdm - ok
22:45:06.0975 2840        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:45:07.0007 2840        BrUsbSer - ok
22:45:07.0022 2840        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:45:07.0069 2840        BTHMODEM - ok
22:45:07.0116 2840        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:45:07.0147 2840        cdfs - ok
22:45:07.0178 2840        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
22:45:07.0194 2840        cdrom - ok
22:45:07.0256 2840        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:45:07.0287 2840        CertPropSvc - ok
22:45:07.0303 2840        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
22:45:07.0334 2840        circlass - ok
22:45:07.0381 2840        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
22:45:07.0397 2840        CLFS - ok
22:45:07.0490 2840        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:45:07.0506 2840        clr_optimization_v2.0.50727_32 - ok
22:45:07.0553 2840        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
22:45:07.0584 2840        CmBatt - ok
22:45:07.0599 2840        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
22:45:07.0615 2840        cmdide - ok
22:45:07.0709 2840        CnxtHdAudService (01b80273c019f0f25f27fa2e80a85578) C:\Windows\system32\drivers\CHDRT32.sys
22:45:07.0755 2840        CnxtHdAudService - ok
22:45:07.0771 2840        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
22:45:07.0787 2840        Compbatt - ok
22:45:07.0802 2840        COMSysApp - ok
22:45:07.0802 2840        crcdisk        (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
22:45:07.0818 2840        crcdisk - ok
22:45:07.0833 2840        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
22:45:07.0865 2840        Crusoe - ok
22:45:07.0927 2840        CryptSvc        (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
22:45:07.0958 2840        CryptSvc - ok
22:45:08.0052 2840        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:45:08.0083 2840        DcomLaunch - ok
22:45:08.0114 2840        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
22:45:08.0130 2840        DfsC - ok
22:45:08.0286 2840        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
22:45:08.0333 2840        DFSR - ok
22:45:08.0473 2840        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
22:45:08.0489 2840        Dhcp - ok
22:45:08.0504 2840        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
22:45:08.0520 2840        disk - ok
22:45:08.0582 2840        DKbFltr        (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
22:45:08.0598 2840        DKbFltr - ok
22:45:08.0645 2840        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
22:45:08.0691 2840        Dnscache - ok
22:45:08.0707 2840        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
22:45:08.0738 2840        dot3svc - ok
22:45:08.0785 2840        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
22:45:08.0801 2840        DPS - ok
22:45:08.0832 2840        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:45:08.0863 2840        drmkaud - ok
22:45:08.0910 2840        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
22:45:08.0941 2840        DXGKrnl - ok
22:45:09.0003 2840        E1G60          (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:45:09.0019 2840        E1G60 - ok
22:45:09.0066 2840        eamonm          (8a45015e85a4dce0086b9973f0fd9a20) C:\Windows\system32\DRIVERS\eamonm.sys
22:45:09.0081 2840        eamonm - ok
22:45:09.0113 2840        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
22:45:09.0128 2840        EapHost - ok
22:45:09.0206 2840        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
22:45:09.0237 2840        Ecache - ok
22:45:09.0300 2840        ehdrv          (5412ed24fffca64e2f0168399b86c952) C:\Windows\system32\DRIVERS\ehdrv.sys
22:45:09.0315 2840        ehdrv - ok
22:45:09.0378 2840        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
22:45:09.0393 2840        ehRecvr - ok
22:45:09.0409 2840        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
22:45:09.0425 2840        ehSched - ok
22:45:09.0440 2840        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
22:45:09.0456 2840        ehstart - ok
22:45:09.0581 2840        ekrn            (ad4faade819e0da9933bea7c01d2c763) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
22:45:09.0612 2840        ekrn - ok
22:45:09.0783 2840        elxstor        (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
22:45:09.0815 2840        elxstor - ok
22:45:09.0908 2840        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
22:45:09.0939 2840        EMDMgmt - ok
22:45:10.0002 2840        epfw            (774babcb1144513dc86992003740b774) C:\Windows\system32\DRIVERS\epfw.sys
22:45:10.0017 2840        epfw - ok
22:45:10.0033 2840        EpfwLWF        (2c22cc39309ee06ae870c183bf2a769d) C:\Windows\system32\DRIVERS\EpfwLWF.sys
22:45:10.0033 2840        EpfwLWF - ok
22:45:10.0049 2840        epfwwfp        (2b4e5f01a4e786b422f4d617b51fa7d9) C:\Windows\system32\DRIVERS\epfwwfp.sys
22:45:10.0064 2840        epfwwfp - ok
22:45:10.0251 2840        ePowerSvc      (2072cbe938dd355c4a52e9a4dcf5439f) C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
22:45:10.0283 2840        ePowerSvc - ok
22:45:10.0314 2840        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
22:45:10.0345 2840        ErrDev - ok
22:45:10.0392 2840        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
22:45:10.0423 2840        EventSystem - ok
22:45:10.0501 2840        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
22:45:10.0532 2840        exfat - ok
22:45:10.0610 2840        ezSharedSvc    (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
22:45:10.0610 2840        ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
22:45:10.0610 2840        ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
22:45:10.0641 2840        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
22:45:10.0657 2840        fastfat - ok
22:45:10.0688 2840        fdc            (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
22:45:10.0719 2840        fdc - ok
22:45:10.0735 2840        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
22:45:10.0766 2840        fdPHost - ok
22:45:10.0766 2840        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
22:45:10.0829 2840        FDResPub - ok
22:45:10.0844 2840        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:45:10.0860 2840        FileInfo - ok
22:45:10.0875 2840        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:45:10.0891 2840        Filetrace - ok
22:45:11.0000 2840        FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:45:11.0016 2840        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
22:45:11.0016 2840        FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
22:45:11.0031 2840        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
22:45:11.0063 2840        flpydisk - ok
22:45:11.0094 2840        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
22:45:11.0125 2840        FltMgr - ok
22:45:11.0265 2840        FontCache      (452feaab2a8dbb42ed751754cb2594f5) C:\Windows\system32\FntCache.dll
22:45:11.0312 2840        FontCache - ok
22:45:11.0406 2840        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:45:11.0421 2840        FontCache3.0.0.0 - ok
22:45:11.0453 2840        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
22:45:11.0484 2840        Fs_Rec - ok
22:45:11.0499 2840        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
22:45:11.0515 2840        gagp30kx - ok
22:45:11.0593 2840        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
22:45:11.0640 2840        gpsvc - ok
22:45:11.0702 2840        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
22:45:11.0765 2840        HdAudAddService - ok
22:45:11.0811 2840        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:45:11.0843 2840        HDAudBus - ok
22:45:11.0858 2840        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:45:11.0905 2840        HidBth - ok
22:45:11.0921 2840        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
22:45:11.0952 2840        HidIr - ok
22:45:11.0983 2840        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
22:45:11.0983 2840        hidserv - ok
22:45:12.0014 2840        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
22:45:12.0030 2840        HidUsb - ok
22:45:12.0061 2840        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
22:45:12.0092 2840        hkmsvc - ok
22:45:12.0108 2840        HpCISSs        (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
22:45:12.0108 2840        HpCISSs - ok
22:45:12.0170 2840        HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:45:12.0186 2840        HSFHWAZL - ok
22:45:12.0248 2840        HSF_DPV        (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:45:12.0295 2840        HSF_DPV - ok
22:45:12.0357 2840        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
22:45:12.0404 2840        HTTP - ok
22:45:12.0451 2840        i2omp          (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
22:45:12.0467 2840        i2omp - ok
22:45:12.0513 2840        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:45:12.0529 2840        i8042prt - ok
22:45:12.0560 2840        iaStor          (71ecc07bc7c5e24c3dd01d8a29a24054) C:\Windows\system32\DRIVERS\iaStor.sys
22:45:12.0576 2840        iaStor - ok
22:45:12.0623 2840        iaStorV        (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
22:45:12.0638 2840        iaStorV - ok
22:45:12.0732 2840        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:45:12.0763 2840        idsvc - ok
22:45:12.0810 2840        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:45:12.0825 2840        iirsp - ok
22:45:12.0857 2840        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
22:45:12.0888 2840        IKEEXT - ok
22:45:12.0950 2840        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
22:45:12.0966 2840        intelide - ok
22:45:13.0013 2840        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
22:45:13.0028 2840        intelppm - ok
22:45:13.0059 2840        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
22:45:13.0075 2840        IPBusEnum - ok
22:45:13.0091 2840        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:45:13.0122 2840        IpFilterDriver - ok
22:45:13.0153 2840        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
22:45:13.0169 2840        iphlpsvc - ok
22:45:13.0184 2840        IpInIp - ok
22:45:13.0200 2840        IPMIDRV        (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
22:45:13.0231 2840        IPMIDRV - ok
22:45:13.0231 2840        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:45:13.0262 2840        IPNAT - ok
22:45:13.0309 2840        irda            (e50a95179211b12946f7e035d60af560) C:\Windows\system32\DRIVERS\irda.sys
22:45:13.0325 2840        irda - ok
22:45:13.0340 2840        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:45:13.0356 2840        IRENUM - ok
22:45:13.0387 2840        Irmon          (cbb0d940221a281bcfeaea695bd1cda5) C:\Windows\System32\irmon.dll
22:45:13.0434 2840        Irmon - ok
22:45:13.0434 2840        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
22:45:13.0449 2840        isapnp - ok
22:45:13.0496 2840        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
22:45:13.0512 2840        iScsiPrt - ok
22:45:13.0512 2840        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:45:13.0527 2840        iteatapi - ok
22:45:13.0543 2840        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:45:13.0559 2840        iteraid - ok
22:45:13.0621 2840        k57nd60x        (eac21e8014c7e6ee341afffb7e2bbd54) C:\Windows\system32\DRIVERS\k57nd60x.sys
22:45:13.0668 2840        k57nd60x - ok
22:45:13.0699 2840        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:45:13.0715 2840        kbdclass - ok
22:45:13.0715 2840        kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
22:45:13.0746 2840        kbdhid - ok
22:45:13.0793 2840        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:45:13.0824 2840        KeyIso - ok
22:45:13.0871 2840        KSecDD          (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys
22:45:13.0902 2840        KSecDD - ok
22:45:14.0011 2840        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
22:45:14.0058 2840        KtmRm - ok
22:45:14.0073 2840        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
22:45:14.0105 2840        LanmanServer - ok
22:45:14.0167 2840        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
22:45:14.0198 2840        LanmanWorkstation - ok
22:45:14.0229 2840        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:45:14.0245 2840        lltdio - ok
22:45:14.0385 2840        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
22:45:14.0432 2840        lltdsvc - ok
22:45:14.0448 2840        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
22:45:14.0495 2840        lmhosts - ok
22:45:14.0510 2840        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
22:45:14.0526 2840        LSI_FC - ok
22:45:14.0526 2840        LSI_SAS        (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
22:45:14.0541 2840        LSI_SAS - ok
22:45:14.0573 2840        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
22:45:14.0588 2840        LSI_SCSI - ok
22:45:14.0619 2840        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:45:14.0635 2840        luafv - ok
22:45:14.0651 2840        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
22:45:14.0666 2840        Mcx2Svc - ok
22:45:14.0729 2840        megasas        (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
22:45:14.0744 2840        megasas - ok
22:45:14.0760 2840        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
22:45:14.0791 2840        MegaSR - ok
22:45:14.0822 2840        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:45:14.0853 2840        MMCSS - ok
22:45:14.0869 2840        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:45:14.0885 2840        Modem - ok
22:45:14.0947 2840        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:45:14.0978 2840        monitor - ok
22:45:14.0978 2840        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:45:14.0994 2840        mouclass - ok
22:45:15.0009 2840        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:45:15.0041 2840        mouhid - ok
22:45:15.0056 2840        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:45:15.0056 2840        MountMgr - ok
22:45:15.0150 2840        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:45:15.0165 2840        MozillaMaintenance - ok
22:45:15.0228 2840        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
22:45:15.0243 2840        mpio - ok
22:45:15.0259 2840        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:45:15.0290 2840        mpsdrv - ok
22:45:15.0321 2840        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
22:45:15.0337 2840        MpsSvc - ok
22:45:15.0384 2840        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:45:15.0399 2840        Mraid35x - ok
22:45:15.0431 2840        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
22:45:15.0446 2840        MRxDAV - ok
22:45:15.0462 2840        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:45:15.0493 2840        mrxsmb - ok
22:45:15.0509 2840        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:45:15.0524 2840        mrxsmb10 - ok
22:45:15.0555 2840        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:45:15.0555 2840        mrxsmb20 - ok
22:45:15.0633 2840        msahci          (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
22:45:15.0633 2840        msahci - ok
22:45:15.0649 2840        msdsm          (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
22:45:15.0665 2840        msdsm - ok
22:45:15.0696 2840        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
22:45:15.0727 2840        MSDTC - ok
22:45:15.0743 2840        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:45:15.0774 2840        Msfs - ok
22:45:15.0789 2840        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
22:45:15.0805 2840        msisadrv - ok
22:45:15.0836 2840        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
22:45:15.0867 2840        MSiSCSI - ok
22:45:15.0867 2840        msiserver - ok
22:45:15.0883 2840        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:45:15.0899 2840        MSKSSRV - ok
22:45:15.0914 2840        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:45:15.0930 2840        MSPCLOCK - ok
22:45:15.0945 2840        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:45:15.0977 2840        MSPQM - ok
22:45:16.0008 2840        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
22:45:16.0023 2840        MsRPC - ok
22:45:16.0055 2840        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
22:45:16.0055 2840        mssmbios - ok
22:45:16.0101 2840        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:45:16.0117 2840        MSTEE - ok
22:45:16.0148 2840        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
22:45:16.0164 2840        Mup - ok
22:45:16.0211 2840        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
22:45:16.0242 2840        napagent - ok
22:45:16.0304 2840        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
22:45:16.0335 2840        NativeWifiP - ok
22:45:16.0429 2840        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
22:45:16.0460 2840        NDIS - ok
22:45:16.0476 2840        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:45:16.0507 2840        NdisTapi - ok
22:45:16.0507 2840        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:45:16.0538 2840        Ndisuio - ok
22:45:16.0569 2840        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:45:16.0585 2840        NdisWan - ok
22:45:16.0601 2840        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:45:16.0616 2840        NDProxy - ok
22:45:16.0757 2840        Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
22:45:16.0788 2840        Nero BackItUp Scheduler 3 - ok
22:45:16.0788 2840        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:45:16.0819 2840        NetBIOS - ok
22:45:16.0850 2840        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
22:45:16.0866 2840        netbt - ok
22:45:16.0913 2840        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:45:16.0928 2840        Netlogon - ok
22:45:16.0975 2840        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
22:45:17.0022 2840        Netman - ok
22:45:17.0053 2840        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
22:45:17.0100 2840        netprofm - ok
22:45:17.0178 2840        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:45:17.0193 2840        NetTcpPortSharing - ok
22:45:17.0474 2840        NETw5v32        (ae642d069681a826d5f16e4f6ad158f3) C:\Windows\system32\DRIVERS\NETw5v32.sys
22:45:17.0646 2840        NETw5v32 - ok
22:45:17.0771 2840        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:45:17.0786 2840        nfrd960 - ok
22:45:17.0817 2840        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
22:45:17.0849 2840        NlaSvc - ok
22:45:18.0005 2840        NMIndexingService (cd4326bc339f98de21aa07b208a305ae) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
22:45:18.0036 2840        NMIndexingService - ok
22:45:18.0067 2840        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
22:45:18.0098 2840        Npfs - ok
22:45:18.0129 2840        NSCIRDA        (6d8d2e5652fc2442c810c5d8be784148) C:\Windows\system32\DRIVERS\nscirda.sys
22:45:18.0161 2840        NSCIRDA - ok
22:45:18.0192 2840        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
22:45:18.0223 2840        nsi - ok
22:45:18.0223 2840        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:45:18.0254 2840        nsiproxy - ok
22:45:18.0301 2840        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
22:45:18.0348 2840        Ntfs - ok
22:45:18.0410 2840        NTI IScheduleSvc (0f0f75069c8016645dfcae93a190cacf) C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
22:45:18.0426 2840        NTI IScheduleSvc - ok
22:45:18.0441 2840        NTIDrvr        (6dcaa65f49ef3b97a5cffc0cb5de1c2f) C:\Windows\system32\drivers\NTIDrvr.sys
22:45:18.0457 2840        NTIDrvr - ok
22:45:18.0473 2840        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:45:18.0519 2840        ntrigdigi - ok
22:45:18.0519 2840        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:45:18.0551 2840        Null - ok
22:45:18.0613 2840        NVHDA          (603b0c9bb86f7b3efb88a482c6663ec4) C:\Windows\system32\drivers\nvhda32v.sys
22:45:18.0629 2840        NVHDA - ok
22:45:19.0674 2840        nvlddmkm        (3a3eb304b9bd9f4f6b3b745972f2c1e5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:45:20.0267 2840        nvlddmkm - ok
22:45:20.0407 2840        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
22:45:20.0423 2840        nvraid - ok
22:45:20.0423 2840        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
22:45:20.0438 2840        nvstor - ok
22:45:20.0485 2840        nvsvc          (c4efe7a3370351ed15ae728517fe09cb) C:\Windows\system32\nvvsvc.exe
22:45:20.0501 2840        nvsvc - ok
22:45:20.0516 2840        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
22:45:20.0532 2840        nv_agp - ok
22:45:20.0532 2840        NwlnkFlt - ok
22:45:20.0532 2840        NwlnkFwd - ok
22:45:20.0641 2840        odserv          (e54aa592a65f317390eee386a8821692) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:45:20.0672 2840        odserv - ok
22:45:20.0735 2840        ohci1394        (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
22:45:20.0766 2840        ohci1394 - ok
22:45:20.0875 2840        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:45:20.0891 2840        ose - ok
22:45:20.0984 2840        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:45:21.0031 2840        p2pimsvc - ok
22:45:21.0047 2840        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:45:21.0078 2840        p2psvc - ok
22:45:21.0093 2840        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:45:21.0156 2840        Parport - ok
22:45:21.0203 2840        partmgr        (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
22:45:21.0218 2840        partmgr - ok
22:45:21.0218 2840        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:45:21.0281 2840        Parvdm - ok
22:45:21.0296 2840        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
22:45:21.0312 2840        PcaSvc - ok
22:45:21.0343 2840        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:45:21.0359 2840        pci - ok
22:45:21.0374 2840        pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
22:45:21.0390 2840        pciide - ok
22:45:21.0437 2840        pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
22:45:21.0452 2840        pcmcia - ok
22:45:21.0530 2840        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:45:21.0608 2840        PEAUTH - ok
22:45:21.0702 2840        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
22:45:21.0764 2840        pla - ok
22:45:21.0889 2840        PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
22:45:21.0889 2840        PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
22:45:21.0889 2840        PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
22:45:21.0920 2840        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
22:45:21.0951 2840        PlugPlay - ok
22:45:22.0029 2840        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:45:22.0045 2840        PNRPAutoReg - ok
22:45:22.0061 2840        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:45:22.0092 2840        PNRPsvc - ok
22:45:22.0139 2840        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
22:45:22.0170 2840        PolicyAgent - ok
22:45:22.0217 2840        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:45:22.0248 2840        PptpMiniport - ok
22:45:22.0263 2840        Processor      (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
22:45:22.0295 2840        Processor - ok
22:45:22.0326 2840        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
22:45:22.0357 2840        ProfSvc - ok
22:45:22.0388 2840        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:45:22.0404 2840        ProtectedStorage - ok
22:45:22.0435 2840        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:45:22.0466 2840        PSched - ok
22:45:22.0497 2840        PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
22:45:22.0513 2840        PxHelp20 - ok
22:45:22.0591 2840        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
22:45:22.0638 2840        ql2300 - ok
22:45:22.0669 2840        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:45:22.0685 2840        ql40xx - ok
22:45:22.0716 2840        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
22:45:22.0731 2840        QWAVE - ok
22:45:22.0747 2840        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:45:22.0763 2840        QWAVEdrv - ok
22:45:22.0778 2840        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:45:22.0794 2840        RasAcd - ok
22:45:22.0809 2840        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
22:45:22.0841 2840        RasAuto - ok
22:45:22.0856 2840        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:45:22.0887 2840        Rasl2tp - ok
22:45:22.0919 2840        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
22:45:22.0934 2840        RasMan - ok
22:45:22.0950 2840        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
22:45:22.0965 2840        RasPppoe - ok
22:45:22.0981 2840        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
22:45:22.0997 2840        RasSstp - ok
22:45:23.0012 2840        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
22:45:23.0043 2840        rdbss - ok
22:45:23.0043 2840        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:45:23.0075 2840        RDPCDD - ok
22:45:23.0106 2840        rdpdr          (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
22:45:23.0121 2840        rdpdr - ok
22:45:23.0137 2840        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:45:23.0168 2840        RDPENCDD - ok
22:45:23.0231 2840        RDPWD          (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
22:45:23.0246 2840        RDPWD - ok
22:45:23.0324 2840        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
22:45:23.0355 2840        RemoteAccess - ok
22:45:23.0371 2840        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
22:45:23.0402 2840        RemoteRegistry - ok
22:45:23.0418 2840        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
22:45:23.0433 2840        RpcLocator - ok
22:45:23.0511 2840        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:45:23.0558 2840        RpcSs - ok
22:45:23.0574 2840        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:45:23.0605 2840        rspndr - ok
22:45:23.0652 2840        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:45:23.0667 2840        SamSs - ok
22:45:23.0683 2840        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:45:23.0699 2840        sbp2port - ok
22:45:23.0761 2840        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
22:45:23.0792 2840        SCardSvr - ok
22:45:23.0870 2840        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
22:45:23.0917 2840        Schedule - ok
22:45:23.0933 2840        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:45:23.0964 2840        SCPolicySvc - ok
22:45:23.0995 2840        sdbus          (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
22:45:24.0026 2840        sdbus - ok
22:45:24.0057 2840        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
22:45:24.0073 2840        SDRSVC - ok
22:45:24.0089 2840        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:45:24.0135 2840        secdrv - ok
22:45:24.0151 2840        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
22:45:24.0167 2840        seclogon - ok
22:45:24.0182 2840        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
22:45:24.0213 2840        SENS - ok
22:45:24.0229 2840        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
22:45:24.0260 2840        Serenum - ok
22:45:24.0276 2840        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
22:45:24.0307 2840        Serial - ok
22:45:24.0323 2840        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:45:24.0338 2840        sermouse - ok
22:45:24.0369 2840        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
22:45:24.0401 2840        SessionEnv - ok
22:45:24.0401 2840        sffdisk        (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
22:45:24.0416 2840        sffdisk - ok
22:45:24.0432 2840        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
22:45:24.0463 2840        sffp_mmc - ok
22:45:24.0463 2840        sffp_sd        (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
22:45:24.0494 2840        sffp_sd - ok
22:45:24.0494 2840        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:45:24.0541 2840        sfloppy - ok
22:45:24.0572 2840        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
22:45:24.0619 2840        SharedAccess - ok
22:45:24.0666 2840        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
22:45:24.0697 2840        ShellHWDetection - ok
22:45:24.0728 2840        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
22:45:24.0744 2840        sisagp - ok
22:45:24.0759 2840        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
22:45:24.0775 2840        SiSRaid2 - ok
22:45:24.0791 2840        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
22:45:24.0806 2840        SiSRaid4 - ok
22:45:25.0134 2840        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
22:45:25.0259 2840        slsvc - ok
22:45:25.0399 2840        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
22:45:25.0430 2840        SLUINotify - ok
22:45:25.0446 2840        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:45:25.0477 2840        Smb - ok
22:45:25.0493 2840        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
22:45:25.0524 2840        SNMPTRAP - ok
22:45:25.0539 2840        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:45:25.0555 2840        spldr - ok
22:45:25.0586 2840        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
22:45:25.0617 2840        Spooler - ok
22:45:25.0664 2840        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:45:25.0695 2840        srv - ok
22:45:25.0711 2840        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:45:25.0742 2840        srv2 - ok
22:45:25.0773 2840        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:45:25.0789 2840        srvnet - ok
22:45:25.0820 2840        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
22:45:25.0851 2840        SSDPSRV - ok
22:45:25.0898 2840        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
22:45:25.0914 2840        SstpSvc - ok
22:45:25.0945 2840        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
22:45:25.0976 2840        stisvc - ok
22:45:25.0992 2840        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:45:26.0007 2840        swenum - ok
22:45:26.0039 2840        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
22:45:26.0054 2840        swprv - ok
22:45:26.0070 2840        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:45:26.0085 2840        Symc8xx - ok
22:45:26.0101 2840        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:45:26.0117 2840        Sym_hi - ok
22:45:26.0117 2840        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:45:26.0132 2840        Sym_u3 - ok
22:45:26.0195 2840        SynTP          (5c3e900f41426a372de60675afc8aa07) C:\Windows\system32\DRIVERS\SynTP.sys
22:45:26.0210 2840        SynTP - ok
22:45:26.0257 2840        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
22:45:26.0273 2840        SysMain - ok
22:45:26.0304 2840        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
22:45:26.0319 2840        TabletInputService - ok
22:45:26.0351 2840        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
22:45:26.0366 2840        TapiSrv - ok
22:45:26.0382 2840        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
22:45:26.0413 2840        TBS - ok
22:45:26.0491 2840        Tcpip          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
22:45:26.0522 2840        Tcpip - ok
22:45:26.0538 2840        Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
22:45:26.0553 2840        Tcpip6 - ok
22:45:26.0585 2840        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
22:45:26.0600 2840        tcpipreg - ok
22:45:26.0631 2840        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:45:26.0647 2840        TDPIPE - ok
22:45:26.0663 2840        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:45:26.0694 2840        TDTCP - ok
22:45:26.0709 2840        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:45:26.0725 2840        tdx - ok
22:45:26.0741 2840        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:45:26.0756 2840        TermDD - ok
22:45:26.0803 2840        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
22:45:26.0819 2840        TermService - ok
22:45:26.0850 2840        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
22:45:26.0865 2840        Themes - ok
22:45:26.0881 2840        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:45:26.0912 2840        THREADORDER - ok
22:45:26.0943 2840        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
22:45:26.0959 2840        TrkWks - ok
22:45:26.0990 2840        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
22:45:27.0006 2840        TrustedInstaller - ok
22:45:27.0037 2840        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:45:27.0068 2840        tssecsrv - ok
22:45:27.0084 2840        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:45:27.0099 2840        tunnel - ok
22:45:27.0131 2840        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
22:45:27.0131 2840        uagp35 - ok
22:45:27.0193 2840        UBHelper        (d79c0b9bb011218b93705cbf77fa3e5e) C:\Windows\system32\drivers\UBHelper.sys
22:45:27.0209 2840        UBHelper - ok
22:45:27.0240 2840        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:45:27.0271 2840        udfs - ok
22:45:27.0287 2840        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
22:45:27.0318 2840        UI0Detect - ok
22:45:27.0349 2840        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
22:45:27.0365 2840        uliagpkx - ok
22:45:27.0396 2840        uliahci        (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
22:45:27.0411 2840        uliahci - ok
22:45:27.0427 2840        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:45:27.0443 2840        UlSata - ok
22:45:27.0474 2840        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:45:27.0489 2840        ulsata2 - ok
22:45:27.0505 2840        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:45:27.0521 2840        umbus - ok
22:45:27.0552 2840        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
22:45:27.0583 2840        upnphost - ok
22:45:27.0614 2840        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:45:27.0630 2840        usbccgp - ok
22:45:27.0645 2840        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:45:27.0692 2840        usbcir - ok
22:45:27.0755 2840        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:45:27.0770 2840        usbehci - ok
22:45:27.0786 2840        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:45:27.0817 2840        usbhub - ok
22:45:27.0833 2840        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
22:45:27.0879 2840        usbohci - ok
22:45:27.0911 2840        usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
22:45:27.0942 2840        usbprint - ok
22:45:27.0973 2840        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:45:27.0989 2840        USBSTOR - ok
22:45:28.0004 2840        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:45:28.0020 2840        usbuhci - ok
22:45:28.0035 2840        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
22:45:28.0067 2840        usbvideo - ok
22:45:28.0098 2840        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
22:45:28.0113 2840        UxSms - ok
22:45:28.0160 2840        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
22:45:28.0191 2840        vds - ok
22:45:28.0223 2840        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:45:28.0238 2840        vga - ok
22:45:28.0254 2840        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:45:28.0285 2840        VgaSave - ok
22:45:28.0301 2840        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:45:28.0301 2840        viaagp - ok
22:45:28.0332 2840        ViaC7          (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:45:28.0347 2840        ViaC7 - ok
22:45:28.0379 2840        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:45:28.0394 2840        viaide - ok
22:45:28.0410 2840        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:45:28.0425 2840        volmgr - ok
22:45:28.0472 2840        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:45:28.0488 2840        volmgrx - ok
22:45:28.0503 2840        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:45:28.0519 2840        volsnap - ok
22:45:28.0581 2840        vsmraid        (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:45:28.0597 2840        vsmraid - ok
22:45:28.0691 2840        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
22:45:28.0753 2840        VSS - ok
22:45:28.0784 2840        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
22:45:28.0800 2840        W32Time - ok
22:45:28.0878 2840        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:45:28.0925 2840        WacomPen - ok
22:45:28.0956 2840        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:45:28.0971 2840        Wanarp - ok
22:45:28.0987 2840        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:45:29.0003 2840        Wanarpv6 - ok
22:45:29.0065 2840        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
22:45:29.0096 2840        wcncsvc - ok
22:45:29.0127 2840        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
22:45:29.0174 2840        WcsPlugInService - ok
22:45:29.0190 2840        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:45:29.0205 2840        Wd - ok
22:45:29.0268 2840        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:45:29.0299 2840        Wdf01000 - ok
22:45:29.0315 2840        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:45:29.0346 2840        WdiServiceHost - ok
22:45:29.0346 2840        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:45:29.0377 2840        WdiSystemHost - ok
22:45:29.0408 2840        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
22:45:29.0424 2840        WebClient - ok
22:45:29.0471 2840        Wecsvc          (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
22:45:29.0486 2840        Wecsvc - ok
22:45:29.0502 2840        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
22:45:29.0517 2840        wercplsupport - ok
22:45:29.0549 2840        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
22:45:29.0580 2840        WerSvc - ok
22:45:29.0627 2840        winachsf        (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:45:29.0658 2840        winachsf - ok
22:45:29.0736 2840        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
22:45:29.0751 2840        WinDefend - ok
22:45:29.0751 2840        WinHttpAutoProxySvc - ok
22:45:29.0814 2840        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
22:45:29.0829 2840        Winmgmt - ok
22:45:29.0876 2840        WinRM          (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll
22:45:29.0923 2840        WinRM - ok
22:45:29.0954 2840        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
22:45:30.0001 2840        Wlansvc - ok
22:45:30.0063 2840        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:45:30.0079 2840        WmiAcpi - ok
22:45:30.0141 2840        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
22:45:30.0157 2840        wmiApSrv - ok
22:45:30.0282 2840        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:45:30.0344 2840        WMPNetworkSvc - ok
22:45:30.0391 2840        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
22:45:30.0422 2840        WPCSvc - ok
22:45:30.0438 2840        WPDBusEnum      (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
22:45:30.0453 2840        WPDBusEnum - ok
22:45:30.0516 2840        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:45:30.0547 2840        ws2ifsl - ok
22:45:30.0563 2840        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
22:45:30.0578 2840        wscsvc - ok
22:45:30.0594 2840        WSearch - ok
22:45:30.0687 2840        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
22:45:30.0750 2840        wuauserv - ok
22:45:30.0890 2840        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:45:30.0937 2840        WUDFRd - ok
22:45:30.0968 2840        wudfsvc        (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
22:45:31.0015 2840        wudfsvc - ok
22:45:31.0062 2840        MBR (0x1B8)    (beedf9b7f43a72a91456f7131afc11b2) \Device\Harddisk0\DR0
22:45:31.0358 2840        \Device\Harddisk0\DR0 - ok
22:45:31.0358 2840        Boot (0x1200)  (b82810ea05973f2aade2d107958e1e7e) \Device\Harddisk0\DR0\Partition0
22:45:31.0358 2840        \Device\Harddisk0\DR0\Partition0 - ok
22:45:31.0358 2840        ============================================================
22:45:31.0358 2840        Scan finished
22:45:31.0358 2840        ============================================================
22:45:31.0374 3068        Detected object count: 3
22:45:31.0374 3068        Actual detected object count: 3
22:45:51.0389 3068        ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:51.0389 3068        ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:51.0389 3068        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:51.0389 3068        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:45:51.0404 3068        PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:45:51.0404 3068        PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:46:02.0589 3780        Deinitialize success

Thank you very much for the help and patience. I had imagined it would be easier.

